10/31/2012

in the US the mailboxes of public officials are ... nearly public

look at a case like this

"People who've e-mailed Oakland Police Chief Howard Jordan over the past year about Occupy Oakland probably didn't get much of a response.

That's because he used a spam filter to dismiss messages sent to him with "Occupy Oakland" in the subject line, according to a federal court filing Monday. Same goes for the phrases "stop the excessive police force," "respect the press pass" or "police brutality." Instead of landing in his in-box, those messages went straight into his junk mail folder, which he apparently never looked at.

Because of those filters, Jordan missed e-mails from other city officials and a federal court monitor, who oversees the department's compliance with court-ordered reforms stemming from a police abuse scandal."
http://www.sfgate.com/crime/article/Oakland-chief-filtere...

but this means that people can, by going to court, get access to mailboxes and to the way emails are handled, just as was the case with paperwork before (and in the financial sector this has been extended to nearly every form of communication, including chats)

imagine that in Belgium


you have no privacy against police cameras in open fields in the US

The officers installed the cameras in an open field where they suspected the defendants, Manuel Mendoza and Marco Magana, were growing marijuana. The police eventually obtained a search warrant, but not until after some potentially incriminating images were captured by the cameras. The defendants have asked the judge to suppress all images collected prior to the issuance of the search warrant.

But in a Monday decision first reported by CNET, Judge William Griesbach rejected the request. Instead, he approved the ruling of a magistrate judge that the Fourth Amendment only protected the home and land directly outside of it (known as "curtilage"), not open fields far from any residence.
http://arstechnica.com/tech-policy/2012/10/police-allowed...


10/30/2012

what is ArtLeaks? (and why does it want to break the omertà in its circles)

ArtLeaks is a collective platform initiated by an international group of artists, curators, art historians and intellectuals in response to the abuse of their professional integrity and the open infraction of their labor rights. In the art world, such abuses usually disappear, but some events bring them into sharp focus and therefore deserve public scrutiny. Only by drawing attention to concrete abuses can we underscore the precarious condition of cultural workers and the necessity for sustained protest against the appropriation of politically engaged art, culture and theory by institutions embedded in a tight mesh of capital and power.

Namely, we have experienced first-hand how critical thinking and dialogue can be compromised through repressive maneuvers – and turned against those workers who bring into question art institutions’ mission, politics or their engagement with corporate benefactors. By co-opting cultural activity, these sponsors obtain social credibility which they then proceed to mis-use:  by refusing decent conditions for cultural workers through oppressive measures – the same workers whose labor makes their subsistence possible.

In response to blacklisting and continued abuse conjoined with unbridled exploitation, we considered it our civic and political duty to bring to light the mechanisms of corruption and inspire others to do so as well. Instead of letting singular protests succumb to anonymity, gossip or institutional hush-hush, we began working to extract from situations of inequality, general conditions that affect the social and political mission of workers and establishments for art and culture.

http://art-leaks.org/about/


pedoscandal x revives in Belgium - Tory pedoscandal in the UK has links to Belgium

The accused top Tory was never arrested and no one was ever charged over the rent-boy ring.

The vulnerable teen who spoke to detectives vanished just weeks after blowing the whistle.

The dropped probe was carried out by the Metropolitan Police – the same force now investigating six decades of abuse by telly star Jimmy Savile. It discovered high-profile men were paying the boys to attend sex parties at “millionaire properties” in London and the Home Counties.

A “network” of boys, including runaways, were used – many of whom were said to have been recruited around the then notorious rent-boy haunt of Leicester Square.

Some of the VIPs were said to have flown in via RAF Northolt on the outskirts of London.

One boy told police wealthy men from Belgium attended the parties, which were described as “high class” and featured top-notch food and booze.

The detective said the whistleblower was petrified about the repercussions.
http://www.dailystar.co.uk/news/view/279380/TORY-PAEDO-CO...

for what it is worth

but the timing is the same as when our scandal x - besides the Dutroux scandal - broke out

a coincidence, or is there more to it? (and no, I don't believe in New World Order stuff)


Even if SHA-2 hashing survived the attacks, SHA-3 is ready for Ubiquitous Computing (the internet of things)

Despite the attacks that broke other somewhat similar but simpler hash algorithms in 2005 and 2006, SHA-2 has held up well and NIST considers SHA-2 to be secure and suitable for general use.

What then will SHA-3 be good for? While Polk says it may take years to identify all the possibilities for Keccak, it immediately provides an essential insurance policy in case SHA-2 is ever broken. He also speculates that the relatively compact nature of Keccak may make it useful for so-called “embedded” or smart devices that connect to electronic networks but are not themselves full-fledged computers. Examples include sensors in a building-wide security system and home appliances that can be controlled remotely.

“The Internet as we know it is expanding to link devices that many people do not ordinarily think of as being part of a network,” Polk says. “SHA-3 provides a new security tool for system and protocol designers, and that may create opportunities for security in networks that did not exist before.”
http://www.nist.gov/itl/csd/sha-100212.cfm

the internet of things in our living room, around us on the street or in the shop or on the battlefield or in hospitals or in our body


german police and intelligence spent 1 billion Euro during the last decade on cyberspying

The German ministry for home affairs and thus the German police clearly state that they are monitoring Skype, Google Mail, MSN Hotmail, Yahoo Mail and Facebook chat if deemed necessary. Money is spent on trojan viruses and we can be quite certain which company produces the IMSI catchers used by German police. We know how much money was spent by the Federal Police on border control biometrics, on passenger information systems and telecommunications surveillance. Digitask, a company whose reputation was clearly damaged after its trojan virus was found and analysed by the Chaos Computer Club in 2011, seems to still be a regular contractor of German authorities. Altogether more than a billion Euro was spent on private services by German police and other public authorities in the realm of the ministry of home affairs in the years 2002 – 2012.
http://annalist.noblogs.org/post/2012/10/03/german-police...


is your heartbeat the next biometric authentication?

HeartID™ is the next generation biometric system for user authentication. A revolutionary technology that recognizes users based on their unique cardiac rhythm.

HeartID™ has been engineered to enable robust authentication for a variety of applications and devices, including portable consumer electronics such as smart phones, tablets, and video game systems. Any electronic device can be equipped with this technology to control access and to provide automatic personalization.
http://www.bionym.com/tech/heartid/

what will be next, my feet or breath?

all that can be digitized can be fooled or bypassed

only procedures and layers of control ensure secure authentication


10/29/2012

another fool who publishes her emails on pastebin

ever noticed how much personal data can be found this way?

Kathleen Verhille.
Executive Management Assistant
 
SCIA Group nv - Industrieweg 1007 - B-3540 Herk-de-Stad (België)
Phone: (+32) 013/551775 - Direct: (+32) 013/550272 - Mobile: (+32) 0475/690159 - Fax: (+32) 013/554175
Email: k.verhille@scia.be - Skype: kathleenverhille - Website: www.scia-online.com
 
----- Forwarded by Kathleen Verhille/SCIA on 09/03/2011 12:11 -----
 
"Wendelenhof" <wendelenhof@skynet.be>
09/03/2011 12:10
 
To
<k.verhille@scia.be>
cc
 
Subject
menu proposal wendelenhof
 
Menu proposal Wendelenhof, Tuesday 15 March.
 
start 13.00h, end 14.30h
price per person 30 €.
 
Greetings, Dominic
http://pastebin.com/6BmytZB1


which fool publishes complete emails on pastebin?

http://pastebin.com/iMENminp
 
Good morning
 
The reservation may be processed.
So there would be 6 of us, and we are staying overnight on Friday and Saturday evening.
From when may we get in and when do we have to be out? And do we have to pay in advance or on arrival?
 
Thank you for your answer,
 
Kind regards,
Thomas Boghaert
 
> From: Verhuur@immo-bel-air.be
> To: thomasboghaert@hotmail.com
> Date: Thu, 6 Sep 2012 10:10:00 +0200
> Subject: RE: Reservation request for GOLVEN (301 254) via the Toerisme Vlaanderen website, attn. Immobilia Bel Air
>
> Good morning,
> May this reservation be processed, or did you have a specific question?
> With sunny greetings,
>
> Bieke
> Immo Bel Air NV
> Zeedijk 148
> B-8400 Oostende
> |T| 059/330 430
> |F| 059/800 170
> verhuur@immo-bel-air.be
> http://www.immo-bel-air.be |
> Open 7 days a week from 10:00 to 12:30 and from 14:00 to 18:00.
>
> The information given in the above-mentioned mail is strictly confidential and intended only for the addressee of this message.
> If you are NOT the intended addressee, opening, copying or distributing it is prohibited (including parts of it).
> Sending this mail therefore implies no reduction whatsoever of the confidentiality of this forwarded message.
 
> -----Original message-----
> From: noreply@cib.be [mailto:noreply@cib.be]
> Sent: Tuesday 4 September 2012 23:00
> To: immo.belair@skynet.be
> Subject: Reservation request for GOLVEN (301 254) via the Toerisme Vlaanderen website, attn. Immobilia Bel Air
>
> The following details were recorded on 04/09/2012 at 23:00
> Property: De Golven I GOLVEN (301 254)
> from: 07/09/2012
> to: 09/09/2012
> price: 227,00
> surname: Boghaert
> first name: Thomas
> street: Jules Destréelaan
> no.: 27
> postal code: 9050
> municipality: Gentbrugge
> country: Belgium
> telephone: 0478378509
> mobile: 0478378509
> email: thomasboghaert@hotmail.com
> remarks:
> http://212.123.24.249/ajax/vlaanderen/detail.php?p=00025437&van=20120907&tot=20120909


how do you protect 3.6 million people against ID theft after a data leak

The South Carolina Department of Revenue acknowledged the massive electronic security breach today, saying an electronic intrusion led to 3.6 million Social Security numbers being stolen. The state's population is approximately 4.7 million.

"We are taking immediate steps to protect the taxpayers of South Carolina, including providing one year of credit monitoring and identity protection to those affected," Gov. Nikki Haley said in a statement.
http://news.cnet.com/8301-1009_3-57541481-83/millions-of-...

the intrusion and data leakage happened in mid-September, but they were only informed on the 10th of October and then installed the necessary tools for monitoring access to data, in about 48 hours for the database and 10 days for all the personal computers of the department, which proves that they could have done this from the start

but the security hole itself was only closed on the 20th of October, 10 days after the first notification

and then what do you do?

We are taking immediate steps to protect the taxpayers of South Carolina, including providing one year of credit monitoring to those who may be affected through Experian’s ProtectMyID Alert. This service includes:

  • A free credit report;
  • Daily credit monitoring across three credit bureaus to detect any suspicious activity;
  • A $1 million identity theft insurance policy.

The public is urged to be aware of scams. DOR will never call or otherwise contact those affected asking for personal information. Beneficiaries are advised to never give out their Social Security numbers or other identifying information to people you do not know.

If you filed a South Carolina tax return since 1998, you are urged to call the toll-free call center that DOR has established, which will be operating 24/7 beginning at noon on Friday, October 26, 2012, for anyone who wishes to know if their personal information was included and to immediately enroll in one year of credit monitoring: 1-866-578-5422. Also please visit: ProtectMyID.com/SCDOR.


what is a parasite porn site

A parasite porn site is a site with (amateur, teen, public, ...) porn pictures that were in fact stolen from public (social) discrete websites (like Facebook) without the knowledge of the owners of the pictures and/or the people in them

  • The time spent on the research was 47 working hours, spread over four weeks.

  • A total of 12,224 images and videos were analysed and logged.
  • The content was on 68 discrete websites.
  • 7,147 were images.
  • 5,077 were videos.
  • 5,001 were both an image and a video.
  • Of the 12,224 images/videos, 10,776 were on parasite websites.
  • Therefore, 88% of content was taken from the original source site.
  • In only 14 instances could analysts not determine whether the site was a parasite website.

http://www.iwf.org.uk/about-iwf/news/post/334-young-peopl...

the most practical thing to do is to inform those social media sites of the names of the bots and the websites so their traffic can be stopped or made even more difficult


09/26/2012

privacy commission and Belgian parliamentarian want a Belgian breach notification law after Rex Mundi announcement

After the announcement by Rex Mundi on Twitter last week of the hack of a Belgian firm with half a million members, the privacy commission and the Belgian parliament are coming into action

tired of waiting on the valuable but heavily counterlobbied effort by the European Commission for a European Data Breach Notification Directive - of which rumours say that it could take 2 to 6 years to implement - some Belgian parliamentarians like Roel Deseyn now want to implement a Belgian law that can later be adapted to the European Directive if necessary.

the hack of a database of half a million Belgians, of which only a few people know what really happened (I don't know what really happened), may be the trigger that gets the Belgian parliament and the government moving, maybe very fast

half a million records is of course a 'big one', the one that would lead to chaos if half a million people had to change their password, sometimes their email address, telephone numbers and so on

the question is whether we are prepared to treat a 'big one' just as we prepare for a big nuclear disaster, a food crisis, a big fire or accident, and, if we have a big data leakage, who will be responsible


09/21/2012

European Commission abuses online antiterrorism to propose to control everything from all of us (leaked document)

A leaked document from the CleanIT project shows just how far internal discussions in that initiative have drifted away from its publicly stated aims, as well as the most fundamental legal rules that underpin European democracy and the rule of law.

The European Commission-funded CleanIT project claims that it wants to fight terrorism through voluntary self-regulatory measures that defends the rule of law.

The initial meetings of the initiative, with their directionless and ill-informed discussions about doing “something” to solve unidentified online “terrorist” problems were mainly attended by filtering companies, who saw an interesting business opportunity. Their work has paid off, with numerous proposals for filtering by companies and governments, proposals for liability in case sufficiently intrusive filtering is not used, and calls for increased funding by governments of new filtering technologies.

The leaked document contradicts a letter sent from CleanIT Coordinator But Klaasen to Dutch NGO Bits of Freedom in April of this year, which explained that the project would first identify problems before making policy proposals. The promise to defend the rule of law has been abandoned. There appears never to have been a plan to identify a specific problem to be solved – instead the initiative has become little more than a protection racket (use filtering or be held liable for terrorist offences) for the online security industry.

The proposals urge Internet companies to ban unwelcome activity through their terms of service, but advise that these “should not be very detailed”. This already widespread approach results, for example, in Microsoft (as a wholly typical example of current industry practice) having terms of service that would ban pictures of the always trouserless Donald Duck as potential pornography (“depicts nudity of any sort ... in non-human forms such as cartoons”). The leaked paper also contradicts the assertion in the letter that the project “does not aim to restrict behaviour that is not forbidden by law” - the whole point of prohibiting content in terms of service that is theoretically prohibited by law, is to permit extra-judicial vigilantism by private companies, otherwise the democratically justified law would be enough. Worse, the only way for a company to be sure of banning everything that is banned by law, is to use terms that are more broad, less well defined and less predictable than real law.

Moving still further into the realm of the absurd, the leaked document proposes the use of terms of service to remove content “which is fully legal”... although this is up to the “ethical or business” priorities of the company in question what they remove. In other words, if Donald Duck is displeasing to the police, they would welcome, but don't explicitly demand, ISPs banning his behaviour in their terms of service. Cooperative ISPs would then be rewarded by being prioritised in state-funded calls for tender.

CleanIT (terrorism), financed by DG Home Affairs of the European Commission is duplicating much of the work of the CEO Coalition (child protection), which is financed by DG Communications Networks of the European Commission. Both are, independently and without coordination, developing policies on issues such as reporting buttons and flagging of possibly illegal material. Both CleanIT and the CEO Coalition are duplicating each other's work on creating “voluntary” rules for notification and removal of possibly illegal content and are jointly duplicating the evidence-based policy work being done by DG Internal Market of the European Commission, which recently completed a consultation on this subject. Both have also been discussing upload filtering, to monitor all content being put online by European citizens.

CleanIT wants binding engagements from internet companies to carry out surveillance, to block and to filter (albeit only at “end user” - meaning local network - level). It wants a network of trusted online informants and, contrary to everything that they have ever said, they also want new, stricter legislation from Member States.

Unsurprisingly, in EDRi's discussions with both law enforcement agencies and industry about CleanIT, the word that appears with most frequency is “incompetence”.

The document linked below is distributed to participants on a “need to know” basis – we are sharing the document because citizens need to know what is being proposed.

Key measures being proposed:

  • Removal of any legislation preventing filtering/surveillance of employees' Internet connections
  • Law enforcement authorities should be able to have content removed “without following the more labour-intensive and formal procedures for 'notice and action'”
  • “Knowingly” providing links to “terrorist content” (the draft does not refer to content which has been ruled to be illegal by a court, but undefined “terrorist content” in general) will be an offence “just like” the terrorist
  • Legal underpinning of “real name” rules to prevent anonymous use of online services
  • ISPs to be held liable for not making “reasonable” efforts to use technological surveillance to identify (undefined) “terrorist” use of the Internet
  • Companies providing end-user filtering systems and their customers should be liable for failing to report “illegal” activity identified by the filter
  • Customers should also be held liable for “knowingly” sending a report of content which is not illegal
  • Governments should use the helpfulness of ISPs as a criterion for awarding public contracts
  • The proposal on blocking lists contradict each other, on the one hand providing comprehensive details for each piece of illegal content and judicial references, but then saying that the owner can appeal (although if there was already a judicial ruling, the legal process would already have been at an end) and that filtering should be based on the “output” of the proposed content regulation body, the “European Advisory Foundation”
  • Blocking or “warning” systems should be implemented by social media platforms – somehow it will be both illegal to provide (undefined) “Internet services” to “terrorist persons” and legal to knowingly provide access to illegal content, while “warning” the end-user that they are accessing illegal content
  • The anonymity of individuals reporting (possibly) illegal content must be preserved... yet their IP address must be logged to permit them to be prosecuted if it is suspected that they are reporting legal content deliberately and to permit reliable informants' reports to be processed more quickly
  • Companies should implement upload filters to monitor uploaded content to make sure that content that is removed – or content that is similar to what is removed – is not re-uploaded
  • It proposes that content should not be removed in all cases but “blocked” (i.e. make inaccessible by the hosting provider – not “blocked” in the access provider sense) and, in other cases, left available online but with the domain name removed.

http://www.edri.org/cleanIT  (leaked documents)


09/18/2012

rex mundi gives more information about the friday belgian insurer leak of thousands of personal info of Belgians

first, he didn't have 300 databases, he hacked 300 websites; according to him this is a big difference

secondly he says that the way he got in is still online and hackable

@mailforlen Just read ur post. We said we hacked 400 websites,not 400DB.. the Modulink backend can b accessed w/ passwords in today's leak.

@mailforlen Well, Tor yourself up and check some of those passwords! They do indeed work. Dummy table? nope.

it is one of the sites on the server of the developer of websites for insurance agents (co-hosting is bullshit if you have personal or confidential data)

@mailforlen Or better, yet. (and legal this time): Call some of the companies listed in our release. PS: You don't wnt 2miss our Friday leak

oh, and what about all those other databases they said they had but in the end didn't publish (some of them Belgian)

@mailforlen Finally: We never bluffed. The fact that we didn't publish some of our data doesn't mean that we didn't have it.
 
01:57 PM - 18 Sep 12

this is the declaration

  1. We have been busy little bees this week, hacking our way into over 300 Belgian lending and insurance websites (full list below).
  2. What do all of these websites have in common?
  3. Well, they have all been designed by the same company called Webassur (http://www.webassur.be). The geniuses running this company apparently thought it would be a bold, brave idea to store all of their websites' data into the same SQL database. In other words, once we managed to hack into one of them, we immediately got access to each and every other website designed by Webassur.
  4. The data we stole includes the personal details of each customer of Webassur, along with details about insurance and loan applications made of the websites.
  5. We have offered Webassur not to release this data for the paltry sum of five thousand Euros, but, unfortunately, as of today, they have not complied with our demands.
  6. If someone trusts you with the security of their data, the least you could do, in our opinion, is to man up if your server gets breached and pay up.
  7. Webassur has until next Monday to pay us. If not, well, their customers' data will end up on the Internet, just like Credipret's and AmeriCash Advance's.

This is the list of firms that trusted Webassur and are now on the hit list

http://pastebin.com/rtt7QdyV

  307. www.eak.be
  308. www.zakenkantoorvandeneynden.be
  309. www.veiligsparen.be
  310. www.kantoordaenen.be
  311. www.degeest-nv.be
  312. www.holderbeke-borloo.be
  313. www.lommelszakenkantoor.be
  314. www.ziekenhuisverzekering.be
  315. www.directassur.be
  316. www.guydriesen.be
  317. www.bogaertsbvba.be
  318. modulink6fr.insure.be
  319. www.kantoorvandenbroecke.be
  320. www.deleenmeesters.be
  321. www.kantoordasseleer.be
  322. www.zakenkantoormb.be
  323. www.kmoverzekeringen.be
  324. www.webassur.be
  325. www.declercq-ryheul.be
  326. www.zakenkantoorhoutman.be
  327. www.cosure.be
  328. www.assurop.be
  329. www.wiewauters.be
  330. www.verzekeringenvandenbogaerde.be
  331. www.kantoorthielemans.be
  332. www.fidesca.be
  333. www.verzekeringenvandenbranden.be
  334. www.beyens.info
  335. www.kantoorvanbiervliet.be
  336. www.zakenkantoorhendrikx.be
  337. www.joostdemoen.be
  338. www.kantoorgeysvreysen.be
  339. www.vandes.be
  340. www.desombe.be
  341. www.carcover.be
  342. www.assurantia.be
  343. www.nicoandries.be
  344. www.deverzekeraar.be
  345. www.kantooras.be
  346. www.thierie-boyen.be
  347. www.kantoorvandenbroeck.be
  348. www.verzekeringen-fonteyn.be
  349. www.tsjoen-verzekeringen.be
  350. www.daeseleire.be
  351. WWW.ASSURSERVICES.BE
  352. www.vanbiervliet.biz
  353. www.kantoorvv.be
  354. www.centeahoeilaart.be
  355. www.financieeladviesbureau.be
  356. www.dileass.be
  357. www.devreese.be
  358. www.vanlierdemarc.be
  359. www.profina.be
  360. www.jsdheylen.be
  361. www.rossignolternat.be
  362. www.autoverzekering-online.be
  363. www.roveba.be
  364. www.maxikrediet.be.modulink.be
  365. www.kinderenvandewereld.be.brokersite.be
  366. www.online-verzekering.be
  367. www.madescorumbeke.be
  368. www.arvconsult.be
  369. www.demoor.net
  370. www.assurpoppe.be
  371. www.buroderoeck.be
  372. www.groepvanhees.be
  373. www.geng.be
  374. www.groeneverzekering.be
  375. www.vankeymeulenbvba.be
  376. www.dkv-verzekering.be
  377. demo.modulink.be
  378. www.decubber-daneels.be
  379. www.anthonis-verzekeringen.be
  380. www.courtierbancaire.eu.modulink.be
  381. test.modulink.be
  382. www.vandenwegheverzekeringen.be
  383. www.zakenkantoorvangoethem.be
  384. www.kantoorgeebelen.be.vs05014.virtualserver.priorweb.be
  385. www.willemsenpartners.be
  386. www.verzekeringentrybou.be
  387. www.senioren-verzekering.be
  388. www.rafpostelmans.be
  389. www.schotte-derudder.be
  390. www.huysmanbikeinsurance.com.vs07013.virtualserver.priorweb.be/
  391. www.focusverzekeringen.be
SAMPLE DATA  (belsec has deleted some)

 


09/14/2012

international fed of pharmacists hacked and data released

International Pharmaceutical Federation (FIP) The global federation of national associations representing 3 million pharmacists and pharmaceutical scientists around the world.  Fip.nl

the file with all the names and passwords and emails is here

http://www.anonpaste.me/anonpaste/index.php?81e35f465cb86a95#Bs/8df3ca1t20yqTm6MEp7MrH+AdUw8ifEI7+fhGHxY=

a few thousand and about 1.5 MB


09/11/2012

Apple UID, it is in fact a mobile application firm that lost it (and didn't know)

So we already know about malware and spyware mobile apps sitting in the libraries (and even more on the web)

we have learned about the privacy concerns of all that data going to mobile developers

but as they were American we supposed they were guaranteeing the security and privacy of it all

it is now becoming clear that it was not an FBI agent (responsible for recruiting new informers and agents on Facebook, and boasting about it) but the firm that was hacked and lost its clients' connection data (and more: according to Anonymous probably all client data, but they forget to mention this in this article as source)

and after the release, and even after the declaration of the source by Anonymous (like a Len Deighton novel, you never know who is doing what, why and for whom), app developers were scrambling to find out if it was their data

not this firm: they had to be contacted by an independent security researcher (nice work) before they went to their own database and compared the two, to see that more than 90% of it was the same data; they then contacted the FBI and don't release more information because of the 'ongoing investigation'

so what is clear from all this

* the information was not professionally encrypted or scrambled

* the information was not sufficiently protected by data leakage prevention

* there was probably more information than strictly needed

* some parts of the information were not separated according to use (billing, usage and login, profile)
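
The points in the list above, sketched as an added example (not code from the firm or from this blog): device identifiers are stored only as keyed hashes (HMAC-SHA256, one possible form of the "scrambling" asked for), with a separate key and table per use and only the fields each use needs. The key handling, field names and sample UDIDs are assumptions made up for the illustration.

```python
import hashlib
import hmac
import secrets

# One secret per purpose, kept outside the database (constructed here; assume a KMS in practice).
FIELDS = {"billing": ("plan",), "usage": ("last_seen",),
          "login": ("push_token",), "profile": ("device_name",)}
KEYS = {purpose: secrets.token_bytes(32) for purpose in FIELDS}

def pseudonym(udid, purpose):
    """Keyed, purpose-specific stand-in for a device identifier (HMAC-SHA256)."""
    return hmac.new(KEYS[purpose], udid.lower().encode(), hashlib.sha256).hexdigest()

def build_stores(records):
    """Split records into per-purpose tables holding only the fields each purpose needs."""
    stores = {purpose: [] for purpose in FIELDS}
    for rec in records:
        for purpose, wanted in FIELDS.items():
            row = {"device": pseudonym(rec["udid"], purpose)}
            row.update((name, rec[name]) for name in wanted)
            stores[purpose].append(row)
    return stores

def lookup(stores, purpose, udid):
    """Operator path: with the purpose key, a device's row is still found."""
    wanted = pseudonym(udid, purpose)
    return next((r for r in stores[purpose] if hmac.compare_digest(r["device"], wanted)), None)

def reidentified(dumped_table, known_udids):
    """Outsider path: match a dumped table against known UDIDs, raw or unkeyed-hashed."""
    guesses = {}
    for udid in known_udids:
        guesses[udid] = udid
        for algo in ("md5", "sha1", "sha256"):
            guesses[hashlib.new(algo, udid.encode()).hexdigest()] = udid
    return {guesses[r["device"]] for r in dumped_table if r["device"] in guesses}

def shared_devices(stores, a, b):
    """Device values on which two dumped tables could be joined."""
    return {r["device"] for r in stores[a]} & {r["device"] for r in stores[b]}

# Constructed sample records; the UDIDs are made-up 40-hex strings, not real devices.
RECORDS = [{"udid": hashlib.sha1(b"sample-%d" % i).hexdigest(), "plan": "free",
            "last_seen": "2012-09-0%d" % (i + 1), "push_token": "tok%d" % i,
            "device_name": "Device %d" % i} for i in range(3)]
STORES = build_stores(RECORDS)
```

A dumped table from this layout cannot be matched against a published UDID list or joined to the other tables without the corresponding key, while the operator's own lookups keep working.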

time to modernize that wild mobile west

http://redtape.nbcnews.com/_news/2012/09/10/13781440-excl...

https://www.google.be/search?q=Blue+Toad+publishing+company

oh, and remember that 12 million UIDs were stolen and that all the other member data, financial data included, is also in their possession; they only released one million, and only the UIDs (they claim)


09/10/2012

TPP the most secretive attack on our digital freedom of speech (ACLU)

In a recent blog post, Sandra Fulton of the American Civil Liberties Union's (ACLU) Washington Legislative Office, described the Trans-Pacific Partnership agreement (TPP) as the "biggest threat to free speech and intellectual property that you’ve never heard of." In her post, she reminds readers that the USTR is not only pushing for TPP and its proposed changes to intellectual property law, it is doing its best to avoid Congressional oversight. For instance, the USTR has recently rebuffed a request from the staff director on the Senate Finance Committee's International Trade Subcommittee to review documents pertaining to the negotiations. 
https://www.eff.org/deeplinks/2012/09/aclu-joins-TPP-debate


#opbigbrother coming soon to private spy agencies and software and public intrusive agencies

Information about the offline Protests and Online Protests here:

News and Infos:

» http://we-are-legion.eu

#Trapwire

» http://pastebin.com/fkzhxLf9

#Indect

» http://gegen-indect.pwny.biz

Activists of the world. We need you! Organized protest against #trapwire #Indect 20.10.2012 Enter your Country and City in this PAD!

» Pad » https://pad.riseup.net/p/OpBigBrotherPublic

Event 20/10/2012

» on FB » https://www.facebook.com/events/472394996105541

» Homepage » http://we-are-legion.eu

» on Google Maps » https://maps.google.com/maps/ms?ie=UTF&msa=0&msid=200186625117421185333.0004c61615777b4f2813b

Contact:

Via Twitter:

» Hashtag » #OpINDECT #OpTrapwire #TRAPWIRE #INDECT #OpBigBrother

» Opindect Account » https://twitter.com/OpIndect_

» Opbigbrother Account » https://twitter.com/opbigbrother

» Account Taskforce INDECT » https://twitter.com/StoppINDECT


09/06/2012

soon a very important update for Firefox and Chrome coming to protect your https traffic

Https is what should have been used to protect your password, your financial transactions and other commercial or private activities

As they protect the jewels of the web, these protocols are also permanently under attack from security researchers, and sometimes one of the best will think out of the box, do things differently and find a way to decrypt the information (that is to say, read what is in it, like a password)

This attack, if the pre-conference hype is right, is much more dangerous

* there is no workaround

* it works with javascript but also with static html

* it works with even the latest version of the SSL suite

the only information that is available for the moment is that

* it is a feature (I hate such features) of the ssl package that leaks the information (probably it can be deactivated, and it wouldn't surprise me if it in fact isn't necessary at all, more is less in fact)

* they need to be man in the middle (between PC and website) and be able to sniff the traffic

* they need to decrypt the cookie (always too much information in this)

http://threatpost.com/en_us/blogs/new-attack-uses-ssltls-...

also remember that they are the developers of the BEAST attack against the SSL suite

although, for all that they developed on paper and what seemed probable in a test environment, it is a very rare attack that is seldom or never used


help the security researchers identify who gave those one million Apple UIDs

To identify who did give away their user’s information all I need is some information about what the released user devices have in common. Knowing that only applications having push notifications are supposed to have your UDID.

 

If your UDID is contained in the list, take a minute to help us identify the traitor that did give your information to the FBI without your agreement and without warrant!
http://fredericjacobs.com/identifying-the-traitor

go to the link and participate

there is no personal info included

and nobody will say it themselves and nobody has done it
