democracy - Page 8

  • the up yours barricades in #hongkong

  • all critical windows stations should install the security updates as fast as NOW

    the reason is that there are several very critical zerodays that are or can be exploited by known or not yet known viruses. One is used by the energybear or sandstorm worm that has received much press today because the firm had to keep quiet until today

    "After the exploit was shared with Microsoft in early September, it was determined that the vulnerability is located in the Object Linking and Embedding (OLE) package manager and that it affects all versions of the Windows operating system from Vista Service Pack 2 to Windows 8.1, as well as Windows Server 2008 and 2012.

    "The vulnerability exists because Windows allows the OLE packager (packager.dll) to download and execute INF files," the iSight researchers said. "In the case of the observed exploit, specifically when handling Microsoft PowerPoint files, the packager allows a Package OLE object to reference arbitrary external files, such as INF files, from untrusted sources."

    Attackers can leverage this vulnerability to execute arbitrary code, but will need to trick users to open a specifically crafted file first by using social engineering techniques, something that was observed in this campaign.
    http://www.computerworld.co.nz/article/557318/russian-hackers-exploit-windows-zero-day-flaw-target-ukraine-us-organizations/?utm_medium=rss&utm_source=taxonomyfeed
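
    A defender-side triage check for the behaviour iSight describes above, as an added example that is not part of the original post or the quoted articles: it lists embedded objects in an Office Open XML file that mention a remote UNC path and marks those pointing at an INF file. The `embeddings/` member location, the readable-path heuristic, the size limit and the sample bytes are assumptions; the sample file is constructed.

```python
import io
import re
import zipfile

# Heuristic (assumption): a remote reference shows up inside the embedded
# object as a readable UNC path, stored as ASCII or UTF-16LE text.
UNC = re.compile(r"\\\\[A-Za-z0-9._-]{1,253}\\[\x20-\x7e]{1,200}")
MAX_MEMBER = 16 * 1024 * 1024  # skip oversized members instead of inflating them


def _texts(blob):
    """Yield the blob as single-byte text and as UTF-16LE at both alignments."""
    yield blob.decode("latin-1")
    for offset in (0, 1):
        yield blob[offset:].decode("utf-16-le", errors="ignore")


def scan_ooxml(data):
    """Return (member, unc_path, is_inf) for each remote path in an embedded object."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            # Assumption: embedded OLE objects live under .../embeddings/
            if "/embeddings/" not in info.filename.lower():
                continue
            if info.file_size > MAX_MEMBER:
                continue
            blob = zf.read(info)
            seen = set()
            for text in _texts(blob):
                for match in UNC.finditer(text):
                    path = match.group(0).rstrip()
                    if path not in seen:
                        seen.add(path)
                        findings.append(
                            (info.filename, path, path.lower().endswith(".inf")))
    return findings


def build_sample():
    """Constructed test file: 192.0.2.10 is a documentation-only address."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("ppt/slides/slide1.xml", "<sld/>")
        zf.writestr("ppt/embeddings/oleObject1.bin",
                    b"\x02\x00Package\x00\\\\192.0.2.10\\share\\setup.inf\x00\xff\xff")
        zf.writestr("ppt/embeddings/oleObject2.bin",
                    b"\x00" * 3 + "\\\\192.0.2.10\\share\\image.gif".encode("utf-16-le")
                    + b"\x00\x00")
        zf.writestr("ppt/embeddings/oleObject3.bin", b"C:\\Users\\a\\chart.xlsx\x00")
    return buf.getvalue()


if __name__ == "__main__":
    for member, path, is_inf in scan_ooxml(build_sample()):
        print(member, path, "INF" if is_inf else "")
```

    A hit is a reason to quarantine the file and look closer, not a verdict; an empty result does not prove a file is clean, since the check only reads plain path strings.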

  • the sandworm attack collects your certificates to become a trusted hacker in your network

    "Although iSight only has a small view of the number of victims targeted in the campaign, the victims include among others, the North Atlantic Treaty Organization, Ukrainian and European Union governments, energy and telecommunications firms, defense companies, as well as at least one academic in the US who was singled out for his focus on Ukrainian issues. The attackers also targeted attendees of this year’s GlobSec conference, a high-level national security gathering that attracts foreign ministers and other top leaders from Europe and elsewhere each year.

     

    It appears Sandworm is focused on nabbing documents and emails containing intelligence and diplomatic information about Ukraine, Russia and other topics of importance in the region. But it also attempts to steal SSL keys and code-signing certificates, which iSight says the attackers probably use to further their campaign and breach other systems.
    http://www.wired.com/2014/10/russian-sandworm-hack-isight/

    and we are not talking about some spammers or scriptkiddies; these are targeted attacks against high value targets, so you can not suppose that they are not going to do this. why wouldn't they, if this was the main purpose of their attack: having access to the confidential and secret information that they were after in the first place

    with or without a certificate

    it also makes it much easier to infect other systems because your malware code is authenticated with a stolen certificate (and code is seldom signed by external institutions and you can seldom see anywhere where it is installed and used)

    some other interesting information

    * the virus-attacker has been known since 2008

    * it uses some process in powerpoint, so this is the entry point for the virus (some powerpoint files are extremely popular with decisionmakers)

    * it wouldn't surprise me if the targeted western european government that is mentioned vaguely is Belgium because the European Union and NATO are also targeted so why shouldn't you attack also the government that is on the same networks ?

    * it is also interesting to note that they are talking about several European telecommunication firms ....

     

  • Australia limits personal and democratic freedoms because of terrorist threats

    "Since Australia raised its terror threat level from "medium" to "high" on September 11, Prime Minister Tony Abbott notified Parliament that "Regrettably for some time to come, the delicate balance between freedom and security may have to shift."

    That shift has included legalizing government surveillance of the Internet and threatening 10-year prison terms for anyone, including journalists or whistle-blowers, who publicize classified information.

    Parliament is also considering a proposed national security law that would permit the secret detention of Australians without charge in order for the Australian Security Intelligence Organization "to conduct coercive questioning of a person for the purposes of gathering intelligence about a terrorism offense."
    http://www.upi.com/Top_News/World-News/2014/10/07/Australian-governments-counter-terrorism-laws-under-fire-by-civil-rights-proponents/8731412703971/

  • soldiers of the future : the special forces from Taiwan

    source http://cyberwarzone.com/taiwan-special-forces-unveil-scary-new-look/

  • #ukraine #donetsk airport is like the battle in Aleppo and Stalingrad (holding on to bricks with little more than courage and a few weapons)

    from inside the Donetsk airport that is being defended - and needs to be defended probably like this another week because there are rumours that Putin will sign a definitive ceasefire next week

    these Ukrainian soldiers have become real mythical heroes in Ukraine as 'Cyborgs' more because of the environment they are fighting in (like some science fiction films) than because of their 'supersoldier' look - which is not the case, on first sight they should have at least 10 more tools and weapons)

    and these are the Russians around them, firing from the buildings around the central airport control tower, from time to time like a ballet (people who think war is a permanent thing watch too much television) - war is mostly a waiting in which the only important things are taking and holding on to positions, setting up a good strategy to attack (and hold your flanks and logistics while attacking those of the enemy) and then having your battle for some time after which it all begins anew

  • new Russian nuclear missiles in #crimea (#ukraine) increase Russian nuclear supremacy in Europe

    "The United States is believed to have around 200 nuclear weapons in Europe. Russia’s tactical nuclear arsenal is at least 2,000. “NATO politics will prevent any cuts in U.S. tactical nuclear weapons in Europe,” he said. “This is obviously about the worst possible time to talk about something like this.”

     

    Schneider said nuclear policymakers should focus on deterrence now instead of disarmament. A Russian Defense Ministry spokesman told state-run Interfax March 26 that a “missile-carrying regiment” of Tu-22 Backfire nuclear bombers will be deployed to the Crimean airbase at Gvardeyskoye within two years.

     

    IHS Jane’s Defence Weekly described the nuclear-capable Tu-22s to be based in Crimea as “the backbone of Soviet naval strike units during the Cold War.”

     

    Rogers, the strategic forces subcommittee chairman, said Sept. 18 that the Russians have discussed “plans to station tactical nuclear weapons in Crimea.”
    http://freebeacon.com/national-security/russia-deploying-tactical-nuclear-arms-in-crimea/

    nice to know that our Russian friends are not even feeling secure enough against us with their 2000 nuclear against our 200 missileheads, they even want to add some new ones in the Crimea, just to be a bit nearer and have an even wider range (and it is not to protect us against Iranian or other Arabic missiles that have fallen in the hands of some IS likeminded groups or leaders in some strategic plans)

  • #ukraine (attention very shocking) video of result of ongoing war : morgue in Donetsk

    every day there are between 10 and 30 battles being fought out with the main media attention at the totally destroyed Donetsk airport (which is internationally and strategically important to hold on to or to conquer)

    afterwards the Russians will arrive here

    http://andrewrostov.livejournal.com/574246.html

  • interpol coordinates a program to share info about foreign ISIS fighters

    “Interpol provides critical leadership in advancing the Justice Department’s efforts to combat terrorism and ensure the safety of all Americans – offering cutting-edge resources, a structure for international cooperation and strategic tools like Red, Blue and Green Notices for tracing, targeting and apprehending terror suspects,” said Attorney General Eric Holder. “In a world that is increasingly interdependent and interconnected, INTERPOL helps to defend against a range of evolving challenges by disseminating information, combating crime and identifying potential threats.”

    “And particularly today, with the emergence of groups like ISIL and the knowledge that some Americans are attempting to travel to countries like Syria and Iraq to take part in ongoing conflicts,” Holder said, “INTERPOL – as the world’s largest international police organization – has a vital role to play in safeguarding our homeland and protecting the American people.”

    DHS Secretary Jeh Johnson said, “The threat posed by foreign fighters is one that is persistent and requires the full cooperation and resources of the international law enforcement community to effectively combat. We are already working closely with European and other governments to build better information sharing, and we will continue to leverage our partnership with the INTERPOL, Department of Justice and other international partners to make enhanced and concerted efforts to track foreign fighters who come from or seek to enter the United States.”

    The program currently supports a working group that includes Australia, Belgium, Canada, France, New Zealand, Spain, Switzerland, the Netherlands, Turkey, the United Kingdom and the United States, as well as an international symposia -- a multinational database populated with information contributed by and accessible to participating member countries.
    http://www.hstoday.us/single-article/interpol-washington-spearheads-foreign-terrorist-fighter-info-sharing-program

  • intelligence budget of the US downsized by a third in 2014

    "Although terrorism remains a high priority topic within the Intelligence Community (IC), budget constraints and unauthorized intelligence disclosures also continue to pose complex challenges. While intelligence spending has greatly increased since September 11, 2001, between 2012 and 2014, the budget for the National Intelligence Program has shrunk significantly from $78 billion to $52 billion due to the controversial budget sequestrations.

     

     

    According to Clapper, this reduction in intelligence funds has greatly reduced the IC’s ability to carry out core functions, such as human intelligence, and when combined with recent intelligence leaks, has created a “perfect storm” degrading the intelligence capabilities of IC.
    http://www.hstoday.us/single-article/dni-fiscal-challenges-and-snowden-leaks-created-perfect-storm

  • Google and Oracle fighting over the fundamental question of copyrights on API's

    Oracle tries to get billions from Google for using API's from java in its code (millions of lines of code) and the judges have been going back and forth on this issue and the case has been sent to another court now

    but Google has decided to cut the long story short and has asked the Supreme Court of the US to consider the case.

    "Many of the deliberations in the case have since focussed on whether it is possible to copyright an API, a matter of no small interest in these API-happy times.

    The last judicial word on the matter came in May this year, when the Court of Appeals decided APIs can indeed be copyrighted, before handing the matter back to a lower court for another round of argument about fair use.

    Google's now gone all the way to the Supreme and according to Reuters, which has seen its filing, is now arguing that “Early computer companies could have blocked vast amounts of technological development by claiming 95-year copyright monopolies over the basic building blocks of computer design and programming.” The Chocolate Factory seems to be suggesting that Oracle is unfairly crimping innovation with its actions regarding Java in Android.
    http://www.theregister.co.uk/2014/10/09/google_takes_javaonandroid_case_to_supreme_court/

    the ramifications if Oracle wins are enormous and could turn the whole webservices infrastructure and everything that uses java somewhere (billions of instances) into moneymachines for Oracle

  • why a more stable Pakistan with accountable intelligence services will stabilize the region

    today they are shooting at the Kashmir region again, a region where radicals financed and trained by the ISI Pakistan intelligence services are fighting the Indian 'Occupation'

    both countries have nuclear weapons by the way

    http://www.nybooks.com/articles/archives/2014/jun/05/pakistan-worse-than-we-knew/

  • The US has no plans to set in motion if another big bank is falling apart

    improvisation during the weekend like in 2007 (read the flabbergasting stories in 'Too big to fall')

    nothing changed except the impression that something has changed

    http://www.nybooks.com/blogs/nyrblog/2014/oct/04/real-lesson-lehman-bankruptcy/?

  • the financial crisis in 2007 was because of the rise of private debt not public debt

    but it is the public sector that is now being reduced to a nearly non-service level because of its debt, and that debt was guaranteed by other overnight loans by shadow banking that was totally outside of regulation and oversight

    source http://www.nybooks.com/articles/archives/2014/oct/23/why-werent-alarm-bells-ringing/?

     

  • #ukraine after weeks of battles with Russians, #Ukraine sends a missile to stop their advance

    the last weeks the new troops and trucks and tanks kept coming from the russian side and every day there were one to several attempts to take the Donetsk airport (which is really essential if the russianrebel region is going to survive (even as a gangster state for smugglers)). This is an international airport and not a local or regional airport as some think.


    so even if the defenders of the airport are called CYBORGS by the Russians because they are holding off so many attacks (although some groups of soldiers have surrendered the last days)

    it looks like a film like Stalingrad or some survival movie (surrealistic)

    But sending a message to the kremlin is sometimes necessary

    there is no ceasefire, they never stopped firing, the big russian invasion and the real war was set for a later date, that is all and Ukraine has got some more time preparing for it if somebody is willing to help them

    and if he ups the ante, Ukraine can also

    your turn

     

  • #kobane online rage spilling over to the streets of Europe

    the last city that is still defended by some Kurdish fighters who know they are going to die against the tanks and artillery of the ISIS with their thousands of experienced battle hardened fighters

    once in a while there is an Alliance fighterjet coming over doing many things but no fighting

    while at the Turkish border tanks are standing by of the second biggest army of Europe that used to kill as many Kurdish fighters as possible but now are watching how those brave Kurdish fighters are being slaughtered

    so people grow angry

    at tanks that don't shoot and planes that don't bombard (except with words that are empty of any meaning)

    I don't think the Kurdish militants and families will continue to keep silent because in their despair the only thing they can do is make sure that every European capital knows that they are there and they are watching and they are desperate for their families and communities still in Iraq and Syria

    just as in Ukraine

    sometimes I think that the future generations of leaders will have fewer problems with using war and military strikes because they will remember that if you don't use it now and then it will all become such a mess that you need to set up such big interventions that it will take years and ask billions of your budgets to get the things under control again

  • the European recruitment website for fighting volunteers for Russia in #ukraine

    it is not what you see that is important it is what it is used for

    http://europeanfront.info

    or you thought that only al qaida did online recruiting ?

  • how the North Korean Regime is making sure everybody hears exactly the same message

    astonishingly simple if you think about it

    http://www.theguardian.com/world/2014/oct/08/kim-jong-un-north-korea-coup

  • the drone wars in #Ukraine (future of the battlefield)

    by the Ukraine population to help their volunteers and soldiers

    cost is about 35.000$ for a professional one that stays some hours in the air (instead of the 30 minutes for the models you can buy in the shop)

     and the controllers

    meanwhile the Ukraine army has also shot down some Russian drones and some private ones that looked as if they came from the russianrebels

  • the problem with the article in De Morgen against the arrested jihadists

    de Morgen published a long article today about the arrested jihadists in Brussels that were planning - according to some media reports - a bomb attack against the European institutions (and why does that surprise anyone ?)

    the first problem is that some stupid person gave their journalist access to the files - long before any trial started and so this could be a problem even to have a trial - as information from the files is divulged in the press. So whoever is responsible for these files should be reprimanded and the security of access to these files should be limited to the people involved

    the trial has to take place in the courtroom, not in a newspaper - as long as there is no proof that there is a grave misconduct of justice here

    the second problem is that the article is stating more or less that those arrested weren't that important and that you could hardly call them terrorists or even dangerous, but there are some details that are overlooked in the article that make it very dangerous to make such a statement

    * the man wanted to become a professional installer of security installations (in other words he would be installing the security that he eventually could disable later on)

    * they were living in a classy neighborhood - far from the more extremist neighborhoods where agents are keeping a close watch on who is coming and going with a lot of money that was not accounted for

    * he went to Syria and helped other people going to Syria

    * he had guns

    * he refuses to cooperate with the police investigation and refuses to give access to a specific part of his laptop (not to incriminate himself)

    * he went on reconnaissance in the neighborhood of the European administrative buildings

    so when you already have all that information you have two options: you wait because you think you don't have enough and you have to organize enormous resources just to keep him 24h under surveillance to be sure that you aren't missing something and you can always intervene in time to prevent an attack

    or you say that you have enough to hold him on lesser charges and you will see what will come out during the investigations or even better if one of the parties wants to collaborate, but the main objective is to put them out of harm's way so that you can use all those resources in effective investigations and looking for other sleeper cells or local 'infrastructure' that only does some 'inoffensive' tasks like transport and accommodation

    implicating now that the police services have nothing (maybe the journalist has not seen all the files and if he did then there is surely a big breach)