belsec - Page 2

  • belsec netvibes dashboard gets a relift

    Untill now there was a bit of everything.

    Now we have only kept the tools and links to keep an eye on that have something to do with ITsecurity

    We will check those links in the coming weeks and fill in the backlog of a few hundred new resources. Those will be added.

    Other changes will be possible and probable. The work will be finished by the first of september at the latest.

    But than you will have one interface for all the online apps and interesting important links that you should have if you have something to do with security.

    The rest of the links is in which is still open

  • ICANN is coming to Brussels - let it be a breakthrough

    There are many things that need to be decided like the porn domain and a lot of other things about the security and responsability of existing and probably new domain registrars.

    See you there

  • upgrade slideshare account

    have updated the slideshare account with about 80 techpersons that are being followed and about 300 slides that are favourited

    from time to time this will be upgraded from time to fime

  • what is the news value of Twitter

    Although I appreciate that many people find Twitter to be valuable, I find it a truly awful way to exchange thoughts and ideas. It creates a mentally stunted world in which the most complicated thought you can think is one sentence long. It’s a cacophony of people shouting their thoughts into the abyss without listening to what anyone else is saying. Logging on gives you a page full of little hand grenades: impossible-to-understand, context-free sentences that take five minutes of research to unravel and which then turn out to be stupid, irrelevant, or pertaining to the television series Battlestar Galactica. I would write an essay describing why Twitter gives me a headache and makes me fear for the future of humanity, but it doesn’t deserve more than 140 characters of explanation, and I’ve already spent 820.

    although twitter has replaced some blogging (the kinds of blogging that just takes links, quotes and pics) it will not replace those thoughts that take longer to explain

    far from the chaos of all, you should select those that send meaningful information to twitter in the form of

    * links

    * things happening real-time (protests, disasters,....)

    * bypassing censorship (Iran, China,...)

    And for the rest I agree, for me it is just a repetition machine and a realtime link index.

    by the way, the twitter lists have been extended

     @mailforlen/news-society Following: 12
     @mailforlen/technews Following: 13
     @mailforlen/antispam Following: 9
     @mailforlen/forensics Following: 2
     @mailforlen/securityvids Following: 8
     @mailforlen/securitefr Following: 11
     @mailforlen/tools-freeware Following: 9
     @mailforlen/exploits Following: 44
     @mailforlen/secmagz Following: 14
     @mailforlen/privacy Following: 33
     @mailforlen/security-events  Following: 20
     @mailforlen/virus-tweets Following: 30
     @mailforlen/security  Following: 197
  • twitter account updated with new ITsecurity lists

    tools-freeware Following: 5
    Followers: 0
    exploits Following: 32
    Followers: 0
    secmagz Following: 13
    Followers: 0
    privacy Following: 31
    Followers: 0
    security-events security events Following: 20
    Followers: 0
    virus-tweets Following: 27
    Followers: 0
    security internet security Following: 162
    Followers: 0

  • just a small welcome back and some clarifications and rules for belsec2

    I see in the log that readers from institutions and organisations and press from all over the world are logging on again

    I am back unless they shut it down or want to fire me

    And it are facts and only the facts

    I hate no one and I love you all :)

    All the internal commercial and office politics I don't give a damn

    But good to see you coming back

    take the RSS feed or the twitter

    I have to clean up a bit but essentially it will work on three levels

    * dashboard (links and tools and special pages)

    * this blog (some articles, mostly Belgian)

    * diigo (already 30.000 links and everything that interests me)

    Oh and just to be clear not everything is organized as it should be or tagged or whatever. If I would start doing this It would become a day job and I am not paid for that. And the more I organize the less I think, read and write.

    Oh and yes It can be that I will be talking about other things that are risk involved and have in a strict sense nothing to do with itsecurity at the most limited view. I have a higher level of security in which electricity and risk and other things are also important. Even IT is sometimes just a small part of the risky lives we live in this risky world and how we are enjoying every minute of it :) Imagine that we wouldn't have to worry about anything and everything would always work as it should and everybody would always be nice to each other and fair and honest ?

    Also to be clear this is my PERSONAL opinion and fact misson. Not only letter on this blog can be attributed to my other campaigns (ISOC) or my employer. This is my personal space of personal freedom in a democratic society in which I disclose things that anybody can already find on the internet if he knows how.

    Stuff that I receive will be handled accordingly. It may be published. It may be held secret and sent to the appropriate channels. If you want your name to be kept secret you should say so from the beginning (and in that case use proxy and other anonymous routes to send your material). If even if you want it published there are unacceptable risks because this blog has a certain redistribution and readership, it will be so.

    We are here to secure the Belgian internet for its users, by any lobbying and investigation possible by Belgian law. (not much in fact)

  • the definitive goodbye

    Monday there will be the official announcement of the Belgian CERT something we have fought for since 2004 and got into Belgian law in 2006 and pushed as the highest priority since 2008. I won't work there, for those who have asked. I can now relax a bit and don't have to play freelance CERT without having the resources.

    Friday was the first day of Brucon which is organized by a group of good guys and some girls and proves that there is a will to make things happen and to work together. I helped a bit today, but it is mainly their work and they should be proud of their work. It was a good event and there were many people. Tomorrow there is even a party. I won't be there I have family from the US coming over and before they leave to discover more or Europe, I should spend some time with them and my family.

    I am already looking forward for Brucon 2010. The minister didn't come and the public annoncement of CERT (or any announcement) didn't happen. His loss. He lost the opportunity to get the historic picture of a minister being applauded by the community for realizing something they have been fighting for for years. His loss. If I angered some people by my hardhanded tactics to try to force the situation, excuse me. I bluffed and I have lost this time.

    I am reading this blog now

    this is a definitive closing down of the belsec experiment. It has been interesting to say the least.

  • brucon gives extra ordinary SQL presentation

    If you are asking yourself if those sql attacks against the Belgian banks were just an accident or some stupid attacks from kiddies or one of the smartest weapons (together with xss for example) around, you should go to this presentation

    Brucon the Belgian place to be for securityminded IT people  18th-19th september

  • GO to brucon I am

    If you are in Belgium the 18th and 19th of september you should go to in Brussels. It is not free but I don't think there is any ITsec happening in Belgium where so many people that are thinking about and working with ITsecurity will be together. Not the commercial stuff, not the salespeople but the real ITsec researchers, testers and 'hackers' (refusing the limits of discussion).

    If you are serious about Itsecurity you should be present.

    If it is not for the speakers, it is to network.

    Belgium is a small country, so if you want to know who is an active ITresearcher and will make name in the future (or already has like some bloggers) you can't miss this event.

   (there are still some tickets available, but you shouldn't wait too long)

  • Belsec will integrate in ISOC (Belgium chapter)

    The last year we had several times to use all our imagination to keep people out of court or to publish information about critical securityproblems with some ITprojects (EID). It was clear that with the very vague Belgian cybercriminalitylaw we were very limited in our possibilities and we had to be sure that we had our back covered before doing anything. An open discussion about ITsecurity is something different as also some University researchers discovered.

    The last year we also pushed for some new legislative and policy decisions and some are more or less established (the decision to establish a CERT finally) but some other still need some initiative. It was clear that even if we had some influence from the bloggersworld that we had to move up the ladder to the level were we would be involved in the discussion instead of discussing them afterwards.

    My readers also know that after 5 years my family around me asked me to take some hard decisions and put me before some hard choices. The virtual world is beautiful but even if you are all day before your computer, you are alone. And all the rest is one big illusion. So I also decided to use my limited resources in a more effective way.

    The only goal of EKZ, mailforlen or Belsec is just to change policy so that the internet becomes more safe for everyone. I am not making many friends with that and the victims of the present situations don't understand very well what is all about, but in the end if our actions lead to a more secure internet and a more responsable attitude and response by those responsable for guarding and securing this and other digital networks, it won't be in vain, how little progress even may be.

    So after some discussions the last months, belsec has decided to integrate into an international organisations and to try to get some policy things and some thoughts about ITsecurity directed in a better way. The international organisation is ISOC and the Belgian Chapter will set up a group about esecurity. All details are not really filled in yet and some things may be changed during the course of events, but ISOC belgium has the clear intention of setting ITsecurity on the top of the agenda.

    This is normal because you can't have quality or good communication or transactions without security. Security is the beginning and ending of everything that is code. And you are only as secure as the weakest link.

    There are many and big plans but it is my intention to begin one step at a time. Also we will try to push for self-regulation and responsability in a first phase. If it seems totally unrealistic, than the government will have to step in. But normally the online Belgian world will have to understand that it is in their best interest to act more responsably and to set up their own strict self regulations and controls and punishment proposals if they want to be the safest place on the world wild west.

    For us it is a new beginning. We will do our best not to offend someone or to come out with proposals that won't take the other side under consideration. We will do everything to work with people and organisations or institutions and hope that they will understand that with a bit of good will we can accomplish much.

    I have already heard a lot from some people and some initiatives and organisations have already contacted us to work with us. You can still contact us, we are always open for new ideas and initiatives. We will however try to limit double work or to rewrite the bible. 

    You can find us at 

    The information on these blogs will not be updated anyhow. It is not yet clear if we will migrate totally to isoc with the rest of the information around here.

    For the flemish people, read De standaard tomorrow.

    I don't know what will be written, so it will be a surprise.

    Thanks and good bye

    ps Belsec was a collective and not everything written under the alias is to be attributed to the person that will take part in the ISOC structure in Belgium from now on. He will deny having written himself anything here. Just for legal reasons.

  • the closing down of the belsec network - a new task lays ahead for us

    The goal of my action is changing things and setting things in motion. It is not looking for ways to earn more money or to promote myself. The goal is a public service.

    To change things you have to change laws and to set the necessary institutions and organisations into place and to make those that could be responsable act as if they are.

    We have been doing this from this blog and this information in Belgium. Some of the Belgian security bloggers have even set up which is the first ITsecurity event in Belgium. I hope it helps pushing more people to do things, to do research and to have open discussions about the risks of all those new cyberpossibilities if you don't take security as a basis of your design (and not as an afterthought).

    More news will follow in the coming days, but this blogaction is closing down. It has been a very interesting last 5 years (ekz, ITenquirer, belsec) but as new opportunities arrive by which we can do much more with less effort and with more authority, we are obliged to take them and use them. It would be irresponsable for us not to take that opportunity.

    If it proves to be a fata morgana, we will be back again, no doubt about that.

    Secondly, there is now a National CERT in preparation and it is up for that CERT with people who are paid to do their job to do their job and it is up for the parliament and the stakeholders to see to it that they are doing their job as they are supposed to do. They shouldn't be thinking for a second that they only have to do a little more than me or just use what is being used here. They have to do it by themselves. They are paid to do it, they are intelligent enough to do it, so they just should do it. And no excuses. This is not a job for volunteers who have other things like jobs and families and a private life to think about. Volunteers come and go, while a national CERT should be there to stay.

    Thirdly It should be clear to everyone that I can't be Belsec and the new positions at the same time. It should be clear that this is for everyone a new beginning of a continuing battle for a secure internet in Belgium and that old disputes and thoughts are a thing of the past and that we will all have to work together in some form or another to get this going, one step at a time. So it is better to stop the Belsec thing altogether so it is clear for everyone that the Belsec period - as an activist provocateur period - is over and that the time of searching for practical solutions and propositions has started. Something we also have already proposed during the hearings in our parliament.

    Those who have contacted me in the last years will receive soon an email with more information and a proposition to join me in this new opportunity to get things changing a bit faster than we are used to in cyberworld here.

    I loved every minute of it and I appreciated the millions of visitors the last years.

    I am sure that the other Belgian security bloggers and brucon will continue to do their thing. If there are people who want to start also a security blog in Belgium they should get into contact with

    ps some resources will not be updated anymore and some will be deleted. The idea is also that new and more tools and resources will be available for members of the organisation.

  • an OPML file with 1200+ rss feeds about IT, IT security and physical security and risk (terrorism etc...)

    When I tried to upload the XML OPML file to bloglines it was the same story again. Folders were a mess, older folders and feeds were coming back and not all feeds were added. So It decided that enough is enough and I am not going to spend some hours at trying to fix this.

    So I thought of something better. Here is the OPML file of all the feeds. You can import it for your personal use. If you want to incorporate it as such or a bit changed in your website, than you should contact me before - out of courtesy I think.

    It is a personal selection and many of the folders have been re-organized to make it easier for me to work with in Google Reader. There are fewer of them but the selection now is more or less permanent.

    Some feeds are also gone - you will find them on the dashboard but just to warn you - the dashboard only works well with firefox (Internet Explorer takes a lot of time) and when you have given it enough rights (noscript will for example block a lot of things). I have taken away many of the self-loading things and try to limit it more to feeds and links but some things are better when you can follow them directly (for example the speed of the Belgian websites and the malware monitor).

    The next big update is for september. There are a lot of other feeds waiting to be added and there will also be some cleaning up. Feeds that don't publish stuff very often are no feeds and will be retired except if they are important an sich.

    In the dashboard itself a few hundred links have been added so far. The dashboard is changing also. Now that the feeds have been re-organised, the dashboard will be the next point of attention. The weather page is gone because it took to much loading time. It has been added as links on the map page.

    The freeware blog will also get a new future in september. It will present freewares day with a direct download. The selected freewares will be useful as I use them myself.

    The ebookblog is still under consideration and work.

  • so many people on both lines of security that are gone

    I am shifting through some hundreds of links and feeds. The result of which you will be able to see and use in hte coming weeks.

    But what is amazing is that so many people seem to have gone. So many ITsecurity blogs and hackersforums (you need to get your info from somewhere). Just gone.

    It is just a pity that they are gone. Meaning that all their work is just gone. It is out there somewhere. But maybe someone in the ITsecurity business should start a project of archiving all the papers en analyses and blogs. Because - as bugs sometimes seem to be years old - someone somewhere may find the thing he is looking for at that time to resolve a problem that has been written about now but that nobody cared enough about to fix it.

    It also reenforces the argument that we need a real cert with real people who are paid to work all day because it is clear that you can't let the security of your networks depend only on activists and volunteers.

    At some time they will just stop. There are other things in life than being a volunteer or activist.

  • for IT professionals with too little time to monitor

    We are setting up a page on which you can monitor about all that has been kept and written around here.

    There are for the moment two tools - widgets that you can place on your blog or igoogle or whatever.

    And on the page a set of links and feeds

    the freeware and bookblog will be re-energized shortly

    Meanwhile the whole dashboard is getting new links every day (cleaning house) and there are lots of new feeds that will be added to the bloglines index also

    On the dashboard a great number of applications and widgets have been removed in the hope to limit any difficulties in speed or loading.

    But as you will see, there has already been some great work

    I don't think there are many other resources like that around here (but if you know some more practical tool links that could be of interest, just mail them)

  • skynetblogs under attack from spammers - since weeks

    Skynetblogs have been under attack from some Ukranian spammers and that has led to some functional problems and to some blocking problems. The first are technical problems that were at one side the result of the intensity of these spammers and at the other side the result of the limitations that skynetblogs had to impose on its own community. (and no you can't export your blog around here and leave....)

    This has been going on for some weeks now but if you thought that the skynetblogs team has even thought of taking the necessary actions (expect from panick and treating the problem as it arises) than you are dead wrong.

    One of the very active bloggers cms has been the victim since some weeks now. They say that everything is under control now, but that is not - I repeat NOT - true.

    First to cms (the problem - that you didn't find nor your friends nor the technical teams of skynet is in these comments somewhere - probably a bit of infecting code)

    The problem is this post

    CMS's Cage of Thoughts - IMUCON ARMAGEDDON- Spreading the Disease

     - [ Diese Seite übersetzen ]

    Diese Website kann Ihren Computer beschädigen.
    Also Spits Jeronimo Hey Tjsoolders, Kom mo' binn'n en zet ulder neere! Take a seat please and have a fruitpunch! It tastes like bittersweet strawberry and ... - Ähnlich -

    Don't ask me why Google results are all of sudden in German for thit page but this is  the blocked page that is the culprit of it all.

    So clean it up and make a Google webadmin account. is malware according to and they even have a blog around here

    So what should happen now to stop this

    1. They will have to reinforce their captcha's. They are too simple.
    2. They should desactivate a bunch of sleeping blogs so no comments could be send to them so they couldn't be used as another hop in the malware infection.
    3. Letting code in your comments is just plain stupid nowadays. YOu could now make hidden iframes in it that even Google won't see but that will still redirect the visitor if he has not a secure pc or browser.

    Yes these are hard choices, but it are hard times also for the community around here so it is time to take hard decision - at least for the time. You could declare it orange for the time and install those limits and apply those limits according to the technical and security situation.


  • they call it social but they are all living in prisons

    So whatever the blablabla and the propaganda and the listen-to-me-I-can-talk-too repeaters of what is the hype of the day, there is nothing social about web2.0

    Take RSS feeds. The RSS feeds are in different formats (atom and xml and rss and whatever inbetweens I may have forgotten). If you think you can just use them in whatever RSS reader you may use, forget it. THere are feeds that go in Bloglines, but in Netvibes or Google reader. The reason I use feedburner is that they can make it easier to be used everywhere.

    Take widgets. That dream of having your info in a small box next to you on your desktop or your webpage or blog or social page or whatever. Do you really think you could use those widgets on whatever html, xml or whatever service you are using. No try importing Google widgets in Netvibes and vice versa. Doesn't work that good.

     I am thinking of killing the widgets and just keeping the links and the feeds. They seem to load faster. They are also very badly coded sometimes. I don't think they will ever replace pages. But maybe the pages should look more like widgets (that is to say have less stuff on and around them (popping up and under).

    Those two things are making life very hard for an information-watcher. Hard to maintain and hard to set up.

    Maybe we need to be more functional and less siteminded. The future is for he who integrates the different functions of the information gathering and management process or makes a coalition of services to offer an unified solution.

    I would love for example to be able to click and save my links in Google reader directly to diigo.

    In the end only a few such services will remain and they will survive by working together or going under each apart.

  • EKZ is terug and more focus around here

    The more typical Belgian stuff that has nothing to do with IT or security or yes but that is too difficult to explain in english to non-Belgians will go to the EKZ blog.

    The idea is to have more focus here around and still have some forum to get those ideas out of my head.

    Ja, hij is terug en zal weer van zich laten horen in zijn gekende ongezouten stijl. Geen stijl dus. Maar neem de dingen niet te persoonlijk. It is just the facts man in a free democratic country.

  • A security dashboard for busy IT people

    I have been playing around with different startpages but netvibes seems to be the best one around. So this is the format everything is moving to, it will be the central place.If you want to follow the updates there, you must become member of netvibes. Than you can copy whatever  things I have made to your own pages. And as long as you don't abuse it or present it as your own I don't have a problem with that. Just don't expect that I won't change anything around there. Things will be changing weekly and links may move from place or to be subdivided or reorganised.

    The biggest re-organisation will be the replacement of the linkmodules and a big number of direct search modules in simple text links.

    Because it takes too much time loading all that stuff and it is too difficult to check the links in their linkmodule (especially if you have many).

    So you will see more and more feeds and text blocks with links coming up in the differen pages. On this blog you will find a directory of the pages at your left of the blog.

    I think most of the names speak for themselves. Only the feeds need to be realtime and very practical or they need to be so specific that you need to have a global overview. The news of the last week you can look up through Google, but what is happening today you need to see at one glance on one page from different sources in different languages.

  • how to integrate those buttons in your skynetblog

    At the demand of some around here, here is the code

    For presentation reasons the links to the images have been cut but you will have to put them together on one line

                      <span class="description">{DESCRIPTION}</span>

    </div></td><a href="" target="_blank"> <img src="


    <a href="" target="_blank"> <img src="

    /dyn001_original_100_30_gif_2646565_48c7e8115a6c36bf79527dc6c81ef10d.gif ">

    <a href="" target="_blank"> <img src="

    dyn001_original_100_30_gif_2646565_7c7e8646cca01cd0f3a6a3ddc36f9d45.gif ">

    <a href="" target="_blank"> <img src="


    <a href="" target="_blank"> <img src="


    <a href="" target="_blank"> <img src="


     </a><a href="" target="_blank"> <img src="


    </a><a href="" target="_blank"> <img src="

    dyn002_original_100_33_gif_2646565_efa7cbac65ce816fea63836d9a508ca7.gif"> </a>

    <a href="" target="_blank"> <img src="


    <a href="" target="_blank"> <img src="




    You may always integrate some of these links as this in your blog :)

    How do yo do this ?

    First make a testblog - with no public publicity (see settings may Skynet make publicity NO)

    You make a post and in the post you upload the pics (small or a banner) in your post

    You give it a name like banner or first  pics (just to remember)

    Than you post the post and look at it afterwards

    You will find the links of the pics on the skynetblogs server (which is always faster than another external server) by rightclicking (the rest you know I suppose)

    You change the links to the pics in the code and there you go

    You will have to test a bit to keep it straight

    and before you say it, yes the pics are not that good done, but for the moment that is all I have time for.

    Every link will open in a new screen

    If you put popup code in it many browsers may start blocking your site nowadays.


    How to place it in your blog ?

    You go to settings and go to advance

    Do not make other changes at the same time.

    Go not to the style sheet but to the the content style

    search for <span class="description">{DESCRIPTION} span / and copy the links and buttons after it before the </a>

    and you are gone

    I am not responsable if something goes wrong. Use it at your own risk.

  • More than 1000 feeds and thousands of links in one public online reader

    For the moment a big battle between the last big remaining online Feed readers is on its way. It is between the good old Bloglines and the Feedreader from Google. Both have their advantages and their problems (and the OPML code between the two is not functioning as should)

    We use both here. Because Google Readers starts faster if you have an enormous list of feeds. But only Bloglines gives you the possibility to share your feeds (and not the postings). In an open intelligence environment, this is important because you give the source of your selection to everyone who could select other things or propose new feeds and sources (please do).

    We also use diigo because they keep (sometimes it is not 100% far from it) a cached copy of the article.

    So how does the information flow go ?

    The information comes in by feed (if there is a feed and don't tell me there are feedmakers for pages that don't have a feed, they work more often not or half or aren't readable) in Google Reader. There is a selection of things to share (feed in the belsec folder of bloglines). Some of these things are worthy of further reading and are copied to dijgo. And the most practical are published on the dashboard (still heavy under development). The most interesting are published as a posting with some comments (you know me). And all of these postings are reposted on twitter.

    For the moment I am trying to get more things done with diigo. So some feeds (bookfeeds for example) are for example not active anymore. The reason is that the collection of the links goes directly by diigo. Like many sites they don't have feeds for everything.

    Once a month the OPLM collection of feeds from Google reader is transferred to Bloglines. THe next update is for in 2 weeks or so and already this will be a huge update and cleaning.

    One thing that is already happening is that feeds with only alerts (viruses, spam, attackers, exploits) have been moved to the dashboard at Netvibes. But the dashboard will be explained in another posting. But you will see that (even if there is still much work to do) that you will find a more or less complete page with very practical online tools and alerts for each subject that we find interesting.

    Just as a reminder. You can't sell this stuff, even not repackaged or integrated into a bigger package. And you should relink.

    For the rest, happy reading