• Shellshock or Bashbug : the 5 essential things you have to know (or don't want to know)

    what you have to know (forget the hundreds of articles that are polluting the internet and hiding the essential information)

    1. the code we are talking about is 22 years old and was written without keeping in mind any standard, control, security test or whatever

    if you can't replace it you are in big trouble

    2. the attacks started on the 2nd of September, the vulnerability was discovered around the 10th and the patching started 2 weeks later (and will be an ongoing process)

    there are for the moment millions of scans and attacks going on, so if you have a reason to worry about your infrastructure or data, then you should follow this up

    if you don't have an IPS and WAF you are just naked, waiting to be raped digitally by some attackers

    3. we are now at our 2nd patch because the first wasn't working, but at the same time we are for the moment at 6 official vulnerabilities of which 2 are SECRET (which doesn't mean that they aren't being used at the moment, but it is better to keep them secret for the time being before they become common knowledge among the attackers)

    you should receive a permanent immediate update from your essential information sources for your products and the general internet security sources like https://isc.sans.org because the situation can change or calm down at first to explode afterwards at any moment (as you are reading this)

    4. there is for the moment not much coordination, so information is going around at an ever increasing speed and not everybody understands the difference between the different kinds of attacks, vulnerabilities and exploits, or that a vulnerability, even if it can be attacked, can't always be exploited

    5. there is nothing like this and we are not prepared because you can't be prepared for situations like this, you can only try to limit your risks. People who have put everything on the cloud and thought that cheaper opensource products were better than products with some support behind them will now get value for their money. A Return on Investment of a million against one

    Expect everything because everything is possible (with up to half a billion machines that eventually could be attacked and even if only 3% can be exploited this makes an enormous base for botnets and malware)

    and my last thought is

    which opensource code is next ?

    more links at

    https://www.diigo.com/list/mailforlen/Security/6n0ke5g 

    Rss feed is here https://www.diigo.com/rss/list?u_name=Mailforlen&uri=Security

  • Netflix and Belgacom should work together in Belgium

    Belgacom delivers digital TV set-top boxes in Belgium but, just as with Telenet, the other partner of this oligopoly (with some smaller players), they didn't deliver anything near the demonstrations and presentations that they were giving at the start to political and technological influencers

    * we have a very very small number of free tv channels (70) which is the double of what we had before but which is nothing compared to the hundreds of tv channels on the air and offered on the US cable networks

    * there are few or no open air or public information tvstations while it was announced that by going digital we could install this kind of open media as is the case in the US

    * there is only a connection to a few internetservices while with Chromecast at 30 Euro I can have the whole internet and my laptop on the TV

    * there is no permanent Library of films, series and documentaries or concerts and the film passports of Belgacom are just boring (compared to the internet)

    and so I could go on and on

    so netflix on Belgacom would be interesting

    and maybe after Netflix there may be some or hundreds of other services or packages you could choose from ?

    because once you have tried one transportation model, there are others (for example why not American Football or other sports or live concerts etc.....)

    If it is on the internet and it can be connected to the Digital TV network then where is the problem

    otherwise the problem will be that when people look outside (on the internet) they will see a whole new world of information, sports and animation that they should be able to find through their digital tv

    Belgacom should maybe also understand that mainstream tv has become enormously boring and repetitive

    If Belgacom doesn't do it (and maybe get a lower price for its members and use the economy of scale) then my Chromecast and laptop will do it (as they already do) but the quality will not be the same

  • #scotland everywhere else they would call that a landslide

    look at the turnout

    look at the difference

    compare with the Québec vote (only 60K difference)

    and the massive media hype campaign that gave the impression that Yes was closing the gap (which it wasn't in fact if you look at the opinion polls)

    for example the last month

    http://whatscotlandthinks.org/questions/should-scotland-be-an-independent-country-1#table

    but ok here is what CNN made of it

    which in fact was 48% for

    and the final result is

    based on the polls you could say that the undecided finally voted NO (which is now a good campaign book for other countries faced with such referendums - keep the undecided undecided until the last moment and give them enough reasons to have some fear of adventure and risk and you will win)

    but when you look at the geography (and even the turnout in the Yes bastions was lower than expected) and this was contrary to what was announced in the media by the Yes organisation (which shows again that, just as in the US presidential elections, groundwork organisations responsible for the turnout on the day itself are a very important, sometimes determining factor)

    also remember that for the first time even 16year olds were invited and mobilised to vote by the scottish government

    but the Scottish separatists haven't really given up because they say that they are defeated .... for now

    but the UK is now going through a very complex period of constitutional reform and federalisation (like we know in Belgium) which will change the country for the coming 300 years. The country didn't know a French Revolution and has still today some very rigid and ancient institutions (House of Lords for example).

    the split in the country is also political in which England is becoming a conservative eurosceptic bastion while the North and the Welsh are more leftwing and labour oriented (the Scottish educational system is different than the one in England giving more people access to higher education)

    but this after the election next year and nobody has any idea how those will go - especially with the eurosceptic UKIP making inroads in the Conservative strongholds

    it also means that other separatist movements in Europe have learnt that even a referendum that has been prepared during two years and that is led by a very popular local political party (SNP) and leader against a very unpopular central government and leader and in which all the local resources have been used to their full extent can't be won

    because if you can't do it in Scotland, why should it work in Flanders, Basque, North of Italy or Spain....

    the main reason the undecided voted NO was because of the sentiment of Financial insecurity and dangers and that is something that you can never counter if there are enough reasons for that fear

    and the fact that even if Scotland voted Yes it would have taken another 6 years of very dangerous negotiations before it could declare itself independent is something that has only reinforced that feeling because in 6 years a lot of things can happen or can be discovered that will change everything

    and for historians, this is a map of the disintegration of the English empire over time http://www.theguardian.com/news/datablog/gallery/2014/sep/19/every-single-country-that-has-left-the-united-kingdom-mapped

    and finally, one dream is totally shattered in the nationalist discourse

    there is NOT ONE Scotland, there are at least two of them and the non-separatists have won with a clear majority (any US president or party in a two-party winner-takes-all election would sign for that result) just as there is not one UK or one Spain or one whatever region, language or people

    it is time for those 19th century ideas to go to the dustbin of history because we see what one mad leader with nuclear weapons and massive troops does with that, hé Putin (this is different from decentralisation which is a democratic process which doesn't have to be nationalistic in tone or intent)

     

  • #ukraine this is why there may be war again next week(end)

    hundreds of Russian military trucks and tanks are crossing the border

    the Russians have also consolidated about 100 km of Ukrainian border for free passage

    troops are being refreshed by being sent back to Russia while new fresh troops are arriving in Russia (in time for the weekend or to join the other troops next week)

    the Russians are also digging in and extending their grasp of the territory

    and why next week

    not because of the sanctions but because Putin is mad as hell about this and, unpredictable as he is, may be capable of launching new attacks and operations in the weekend or next week to put pressure on the US and Ukraine

    the spoiler who is not invited to the party ....

    source http://www.odessatalk.com/2014/09/grandstanding-consequences/

  • #ukraine Russia increased the occupied territory enormously during the last 24h of truce

    why would you need war if you can continue to advance and have your strategic goals accomplished during a truce ?

    what will the next one be ?

    Mariupol during the weekend maybe ?

    Everything is looking this way

  • for the first time we knew what it was like to be like a jew (and we're not)

    we are not jewish - I am even not religious

    but on the side of my wife there is maybe some jewish great-grandparent but we don't know

    we only know that my wife has a bigger nose and that throughout her family the women got names that may be viewed as jewish

    today my youngest daughter came back from school where an arabic kid of 12 years had refused to talk to her because she had 'a jewish head' and some other f.... words along with it

    my daughter said we should understand because he is palestinian .... but no we won't

    we are not jewish and even if we were, you don't just refuse contact or to speak to some-one only because he or she looks like whatever and you don't insult someone else for something we have nothing to do with in any case

    so all of a sudden we become jewish because the nose is a bit bigger and for this palestinian this is a jewish head

    jews were killed for that under Hitler and in Rwanda people were also killed for that (their big or small nose)

    nah, we are going to have a good talk with the school, the teacher, the professor in islamic religion and his parents because we won't accept this

    at the other side I explained to my wife that this is the first time she understood what it is to be a jew - a real jew - even if you are peaceful and open and democratic and not some-one just out to kill the palestinians and every peaceplan

    a jew who is afraid to go against the 'popular guy', who doesn't know how to protect himself without attracting too much attention and who doesn't know on who he or she may count to defend him or that it won't make much difference and will in most cases hope that it will just pass without too much harm

    we don't accept any racism, anti-semitism or any discrimination - that is the way we educate our children

    It is not what you are that is important, but how you are and if you are a racist or just stupid then you stay like that whatever you are, even if they are 'the same' as we are (or think we are)

    this is a profound and strange experience

    jews will say that this is just normal, they have become used to it and that they just let it pass

    it is the reason why there will always be a need for Israel even if that doesn't explain all the violence and occupations

    but no, we don't and we won't - this has no place here and not in a school

  • #ukraine #moldavia #estonia look at this map and you will see immediately why shit happens today

    you have sometimes just to look at a map like a military planner or an imperialistic ruler would look to see the obvious

    Estonia can only be the next victim because it has a long border with Russia and if you take or destabilize Estonia you can have enough influence on Latvia and maybe Lithuania. This is why Estonia is quickly becoming the next point of attention (and of preparation in case something starts happening). You also have to consider that they have a big minority of Russians and that patriotic Russian separatists have already been active there for a long time.

    Ukraine : well if Ukraine is integrated with the European Union and eventually NATO the map totally changes. Have a good look at the map and imagine Ukraine not being part of or associated with Russia. Belarus would be more or less surrounded by western democracies and it would only be a matter of time until it would feel that influence and at least would start to become more democratic and pluralistic and market orientated.

    Moldavia and Transnistria would be much more difficult to hold on to if Ukraine became totally European and eventually associated with NATO. The rogue republic would be a Russian-controlled island surrounded by NATO or westernized armies.

    and if you look at the black sea - at a moment in which Russia is investing billions in warships and started a war over Crimea you see that the strategic advantage will change if the coastline of Ukraine falls into the hands of the prorussian militias and the russian army in Ukraine.

    You also see why the ex-Yugoslavian republics will become members of the European Union in the end

    and this makes (except for Norway) the map more or less complete

    and Moscow is not so far from the Ukrainian border making the Russian first strike impossible or much too dangerous even if Russian generals have placed it on the table now

    this is the big endgame, the global strategy; all the rest is day-to-day politics and news

    moldavia will not join NATO for the moment but as Putin is doing his very best to scare everybody, this is the map of NATO members and candidates and those who are not a member yet

  • Leaked (mostly) Russian Gmail accounts - Google says it knows what happened

    According to the Russia-based CNews a spokesperson for the Russian office of Google Svetlana Anurova said: "experts now understand what happened in the case". She also urged users to "select strong passwords and be sure to use a two-step authentication".
    http://www.news965.com/news/news/local/google-investigating-reported-leak-5-million-gmail/nhKCG/

    aside from the strong passwords and the double authentication

    what happened

    was it possible to do some bruteforcing on the servers

    was traffic to the server intercepted

    was it phishing

    if you know what happened

    you have to say what happened even if you have fucked up

    this is what real trust is based on

    that it may happen but will never happen again (the same thing)

  • SHA1 certificates aren't secure enough for Google, you have to upgrade

    source https://blog.globalsignblog.com/blog/google-to-display-warnings-on-sites-that-use-sha-1-certificates

  • #leak update 1 : 5 million mostly Russian GMail accounts leaked with passwords (download)

    this is the download for now 

    https://mega.co.nz/#!rgFDDRSD!QyyLxZNnR8i9fF_aNkKI-wUIUV3fjX5o0dxdl-bE3zQ

    Do not try them because if you try them you may be doing something illegal in your country.

    UPDATE 1 : it seems now that they are mostly Russian users, so a local Gmail server will have been compromised or it is an infection or phishing campaign in Russia which has resulted in this file (padded with junk to inflate the numbers and to increase the media attention, because who cares about a few thousand or even a million Gmail accounts)

    but on Reddit there are also others who have found their passwords in it and they didn't live in Russia

    First it is a collection of old stuff, stupid stuff and working stuff (around 60% says some anonymous tester for what it is worth)

    Secondly it is time to add your telephone number to your Google account as double authentication (and keep your mobile from downloading unknown apps and malware)

    Losing your email address is something very essential because you will lose the possibility to change other passwords, verify changes and transactions and your contacts may receive trusted malware and spam. In mailboxes you can also find personal information that you can use to bypass other security questions or passwords to other services and networks or interesting contacts for social engineering

    and what is more important your gmail account also gives you access to youtube (have porn), your surfhistory and plenty of other resources

    Gmail is the single biggest security failure of a single password for many services (lose it all at once)

    you can suppose that password-checking software is already busy trying the same passwords on other services and on Gmail.

    Always use a unique password for your email.

  • how the new malware bypasses url-blocking by proxies and webfilters

    As per “Malware Traffic Analysis” blog, similar infection chain is seen from www.techo-bloc.com too. In both the cases, the Javascript file in the compromised server is modified to serve the exploit kit. The initial redirection server 192.185.16.158 has been used widely in recent web infections. It appears to be a website hosting server and belongs to the company HOSTGATOR according to the recent DomainTools lookup. Various domains of innocent users from music industry and law firms are used as “redirection” link in the infection chain. The target exploit server (95.163.121.188) is hosted in Russia. This is a sinkhole that is connected to many such varying domain names. All of these names have some substring “cdn” in them. Once the bad actors get access to an account/server they just create a corresponding “cdn” domain entry under that domain and use it to point to the target exploit server. This way they can bypass a lot of the URL categorization and URL blacklisting technologies.
    http://www.cyphort.com/blog/israeli-security-think-tank-website-compromised-serving-sweet-orange-exploit-kit/ 

    never expect your enemy to be passive and not to be always on the lookout for a bypass and to use it massively as long as it works as a window of opportunity because it takes a long time before you have found a way to block these automatically and afterwards to distribute it to all of your installations

    oh and what is more, only one URL blocker knows the command and control server of this tool

    but it has been distributing malware since at least March 2014

    source http://totalhash.com/analysis/60c5632656bef4f5e42a6f4805c84a23026bd910

    as is proven in this other analysis

    http://support.clean-mx.de/clean-mx/viruses.php?sort=firstseen%20desc&review=85.114.135.%

    so a URL can have various malicious downloads for some time that are detected but will not be stopped as a bad URL by most of them

    big opportunity for their zerodays

    I just block all traffic to Russia on my network - point final
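
    An added example, not from the Cyphort post or this blog: one way to triage resolver or proxy logs for the pattern quoted above, where "cdn" hostnames under many unrelated domains all resolve to one address. The sample data, the function names and the two-label registered-domain shortcut are assumptions.

```python
import ipaddress
from collections import defaultdict

# Constructed sample: (hostname, resolved IP) pairs as they might be pulled
# from resolver or proxy logs. Names and addresses are reserved documentation
# values, not indicators from the analysis quoted above.
SAMPLE_RESOLUTIONS = [
    ("www.lawfirm.example", "198.51.100.10"),
    ("cdn3.lawfirm.example", "203.0.113.66"),
    ("www.musicband.example", "198.51.100.20"),
    ("cdn.musicband.example", "203.0.113.66"),
    ("www.thinktank.example", "198.51.100.30"),
    ("cdn5.thinktank.example", "203.0.113.66"),
    ("www.shop.example", "198.51.100.40"),
    ("cdn.shop.example", "198.51.100.41"),     # a site's own CDN host
    ("static.shop.example", "198.51.100.41"),
]


def registered_domain(hostname):
    """Assumption: the registered domain is the last two labels.
    Real deployments need a public-suffix list (co.uk and similar)."""
    labels = hostname.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def has_cdn_label(hostname):
    """True when a label to the left of the registered domain contains 'cdn'."""
    labels = hostname.lower().rstrip(".").split(".")
    return any("cdn" in label for label in labels[:-2])


def find_shared_cdn_ips(resolutions, min_domains=3, known_cdn_nets=()):
    """Return {ip: [hostnames]} for addresses that serve 'cdn' hostnames
    belonging to at least min_domains unrelated registered domains.

    known_cdn_nets lists networks of CDN or hosting providers you trust;
    addresses inside them are skipped to keep false positives down.
    """
    nets = [ipaddress.ip_network(n) for n in known_cdn_nets]
    hosts_by_ip = defaultdict(set)
    domains_by_ip = defaultdict(set)

    for hostname, ip in resolutions:
        if not has_cdn_label(hostname):
            continue
        addr = ipaddress.ip_address(ip)
        if any(addr in net for net in nets):
            continue
        hosts_by_ip[ip].add(hostname.lower().rstrip("."))
        domains_by_ip[ip].add(registered_domain(hostname))

    return {
        ip: sorted(hosts)
        for ip, hosts in hosts_by_ip.items()
        if len(domains_by_ip[ip]) >= min_domains
    }


if __name__ == "__main__":
    for ip, hosts in find_shared_cdn_ips(SAMPLE_RESOLUTIONS).items():
        print(ip, "serves cdn hostnames of unrelated domains:", ", ".join(hosts))
```

    Shared hosting and commercial CDNs also put many customer hostnames on one address, so pass their ranges as known_cdn_nets and treat a hit as a lead to investigate, not as a verdict.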

  • pingly wants to change email forever

    "Here are a few of the shortcomings we've identified with email and how Pingly plans to fix them:

    Shortcoming #1:

    Right now anyone can send you an email which is part of the beauty and simplicity of email, but that has also been abused.

    Pingly has a feature called "Connections" so that you can still receive messages from anyone, but Connections let you choose who and what is important. Think of it like friending someone on Facebook or following someone on Twitter so that it allows special priority and notifications to you.

    Shortcoming #2:

    Messages sent to you via email come in all forms, shapes and sizes. Text and HTML, confirmation and RSVP, download a file or print tickets. Those are all great things, but on the downside, because there aren't specific message formats, you the user are required to digest each message to figure out what the sender is trying to convey to you or which action to take.

    Pingly breaks messages down into different types such as: Conversation, Calendar event, Action required, etc. This way the messages are pre-digested for you in a familiar format that makes it easy for you to see the important information and take an action.

    Shortcoming #3:

    Email runs on older protocols like IMAP and SMTP that are around 30 years old and are hard for developers to work with.

    Pingly provides a REST API to developers to make creating apps around email or extending Pingly a breeze."
    http://blog.pingly.com/email-20

    not the first try and surely not the last one and too early to tell

    the best thing would be if the big mailservers and webmails would incorporate this thinking in their products as a side-service you could use or not - and it could become a Facebook breaker for the private and family stuff which is much more difficult to manage with Facebook's ever more complicated privacy and access controls

  • the strategic battle for the Arctic is in full swing, Russia building strategic Fort

    source http://io9.com/russia-is-building-a-star-fort-on-this-strategic-arctic-1632544538

    My note : Alaska, Canada - with the melting ice and the warming of the earth it has gone another way on the diplomatic military front where the cold war is setting in again and relations are becoming colder by the week

    look at this map, militarily it is all about location, location and location

    with the modern warfare and electronic monitoring possibilities you have here a very strategic position

  • Google doesn't want you to block even malicious ads in their appstore

    source http://news.yahoo.com/disconnect-mobile-yanked-again-google-153335716.html

    my note : what do you expect from the super privacy thief amongst thieves...

    and they don't check or control the apps for malicious code or privacy incursions before they are accepted at the appstore - neither does Apple by the way

  • The military strategy of China is now information-warfare centered

    "Xi Jinping, head of the Chinese Communist Party, is calling on China’s military to focus on innovation and information warfare. He declared the world is seeing a “new military revolution.”

    “We should cast off the paradigm of mechanized warfare and embrace an approach to war featuring information technology,” Xi said, during a meeting of the Political Bureau of the Chinese Communist Party (CCP) Central Committee.

    Xi gave his speech on Friday. His statements were reported by China’s state-run news agency Xinhua on Sunday."
    http://www.theepochtimes.com/n3/926297-china-calls-for-military-embrace-of-information-warfare/?sidebar=related-below

    this also involves electronic warfare as you have to intercept and disrupt the electronic communications and tools of the enemy - even if you are not shooting at each other :)

    it also means much more 'reconnaissance' and 'intelligence' (cyberespionage)

  • why western firms are not locating top management and secret information in China anymore

    "The many frustrations of doing business in China have made some difference in the plans to move executives here — choking air pollution, countless regulations that favor local competitors and weak protection for intellectual property. A rising wave of economic nationalism has also manifested itself in large-scale raids on the Chinese offices of multinationals in the automotive, pharmaceutical and technology sectors. Police officials are copying large numbers of computer hard drives and interrogating employees without allowing access to legal advice.

    More important, many multinationals are starting to pay renewed attention to Southeast Asia, which is showing signs of revival 17 years after the Asian financial crisis. They have found it hard to do that from Shanghai or Beijing. Each major city has no more than one flight a day to Jakarta, Indonesia, for example. And China’s diplomatic and trade ties to Southeast Asia have been strained by its increasingly assertive claims to control over practically all of the South China Sea."
    http://www.nytimes.com/2014/09/10/business/international/looking-beyond-china-some-companies-shift-personnel.html?partner=yahoofinance

    China is only part of Asia, with which it has very strained political and military relations for the moment, sometimes teetering on the edge of conflicts and incidents and talk of war

    Having your secret business information in China involves enormous investments in its security and transporting it to China needs something like the Unbreakable Laptop (Sophos) or other highly secure transportation

  • #ukraine Russia used tactical missiles in Ukraine before the ceasefire

    source http://maidantranslations.com/2014/09/09/yuriy-butusov-evidence-confirms-that-ukraine-is-fighting-against-regular-russian-army/