""De Belgische grondwet voorziet niet dat een zetelende koning afstand kan doen van de troon en dat er dus een opvolger komt terwijl dat de koning in functie nog in leven is", legt grondwetspecialist Ghysels uit. Volgens hem zit koning FIlip dan ook ongrondwettig op de troon. Dat brengt natuurlijk ook heel wat gevolgen met zich mee waarschuwt de jurist. "Strikt genomen zijn alle besluiten die koning Filip ondertekent, die dat niet grondwettig geworden is, ongeldig.
this means that the federal security centre cannot be established and that its directors cannot be appointed, but there are 1500 other legal decrees at the federal level as well (the king no longer signs the regional decrees).
it is therefore extremely urgent that clarity is created on this before it comes before the courts and some judge or other sees fit to go along with this, even if only partially, and to forget that the law is based not only on formalistic rules but on extremely important principles such as ensuring the provision of public services.
"Evolution doesn’t just offer an escrow, but also takes advantage of a more advanced feature built into bitcoin known as multi-signature transactions. That feature is designed to prevent both scams and seizure of escrow funds by law enforcement. It requires two out of three parties—the buyer, the user, and the site itself—to sign off on a deal before the escrowed bitcoins can be transferred. Evolution has also had much faster pageload times than competitors, most of whom run painfully slowly thanks to Tor’s process of routing web traffic among randomly chosen computers around the world. (Just how Evolution managed those speeds despite running on Tor itself isn’t clear.) And it has been online far more reliably: The website Darknet Stats counts Evolution as online 97 percent of the time, compared with 83 percent for Agora and 93.5 percent for Silk Road 2 at last check in September.
I think the Achilles heel of Evolution is how they arrive at these speeds, because it may be that not all traffic is as Tor-protected as it should be, or they have invested enormous money in SSL accelerators and other hardware on their servers.
The protection that is given to Bitcoin shows that not all bitcoins are equal and that some are not even that anonymous; it all depends on how they configure it, and that is something the receiver of bitcoins doesn't always have any control over.
find the link on my twitter account
some hacktivists are hacking and leaking gigas of information every month but without all the press attention that others got
this is their blablablablabla
and on the same site this is the real reality of belgian insurance companies and websites online (and no one is really responsible for controlling their security for the moment)
"National Front, the new "party of the foreigner"? The question risks haunting the congress of the far-right party, which opens next Saturday at the Lyon convention centre. According to information obtained by Mediapart, the president of the FN secured, in September, a loan of 9 million euros from the First Czech Russian Bank (FCRB), a bank founded in the Czech Republic and now based in Moscow.
and so it goes throughout nearly the whole extreme right in Europe which is fascinated by his authoritarian leadership and guided by its anti-americanism
by murdering those students the bandits have accomplished what no corrupt government at any level at any time in Mexican history has accomplished
bring thousands and thousands of people in the street during weeks to protest for more democracy and legality and just a normal life
but they ain't going to wait or stand still
"DoubleDirect uses ICMP Redirect packets (type 5) to modify routing tables of a host. This is legitimately used by routers to notify the hosts on the network that a better route is available for a particular destination. However, an attacker can also use ICMP Redirect packets to alter the routing tables on the victim host, causing the traffic to flow via an arbitrary network path for a particular IP. As a result, the attacker can launch a MITM attack, redirecting the victim’s traffic to his device. Once redirected, the attacker can compromise the mobile device by chaining the attack with additional Client Side vulnerability (e.g: browser vulnerability), and in turn, provide an attacker with access to the corporate network.
With the detection of DoubleDirect in the wild we understood that the attackers are using a previously unknown implementation to achieve full-duplex MITMs using ICMP Redirect. Traditional ICMP Redirect attacks have limitations and are known to be half-duplex MITM. Zimperium Mobile Security Labs researched the threats and determined that the attackers are able to predict the IPs being accessed by the victim. We have investigated the attacks and also created a POC tool to prove that it is possible to perform full-duplex ICMP Redirect attacks. ICMP Redirect attacks are not easy to emulate because the attacker must know beforehand which IP address the victim has accessed. (There isn’t a systematic way to forward all the traffic from the victim through the attacker.)
so if they get all the traffic from and to your machine because it goes through their servers then there is not a lot you can do to protect yourself and if you aren't fully encrypted from end to end then you just lose everything.
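A defender-side sketch of the checks a host or sensor can apply to an incoming ICMP Redirect (type 5), added here as an illustration and not taken from Zimperium's post or tooling. The function names, the lab addresses and the `known_routers` allowlist are assumptions; the first two checks follow the discard conditions in RFC 1122, the third is a site policy.

```python
import ipaddress
import struct

IPV4_HDR = "!BBHHHBBH4s4s"  # 20-byte IPv4 header without options

def parse_icmp_redirect(packet: bytes):
    """Return the fields of an IPv4 ICMP Redirect (type 5), else None."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return None
    ihl = (packet[0] & 0x0F) * 4
    if ihl < 20 or packet[9] != 1 or len(packet) < ihl + 8:  # protocol 1 = ICMP
        return None
    icmp = packet[ihl:]
    if icmp[0] != 5:
        return None
    inner = icmp[8:]  # IP header of the datagram the redirect refers to
    has_inner = len(inner) >= 20 and inner[0] >> 4 == 4
    return {
        "sender": ipaddress.IPv4Address(packet[12:16]),
        "new_gateway": ipaddress.IPv4Address(icmp[4:8]),
        "redirected_dst": ipaddress.IPv4Address(inner[16:20]) if has_inner else None,
    }

def redirect_findings(packet, first_hop, local_net, known_routers):
    """Reasons to distrust a redirect; [] means plausible, None means not a redirect."""
    info = parse_icmp_redirect(packet)
    if info is None:
        return None
    findings = []
    if info["sender"] != ipaddress.IPv4Address(first_hop):
        findings.append("sender is not the first-hop gateway")
    if info["new_gateway"] not in ipaddress.ip_network(local_net):
        findings.append("new gateway is not on the local subnet")
    # The source address is unauthenticated, so the allowlist (assumed site
    # policy) is the check that still holds when the sender field looks right.
    if str(info["new_gateway"]) not in known_routers:
        findings.append("new gateway is not a known router")
    return findings

def build_redirect(sender, host, new_gw, dst):
    """Constructed sample packet (checksums left at 0; the parser ignores them)."""
    p = lambda a: ipaddress.IPv4Address(a).packed
    inner = struct.pack(IPV4_HDR, 0x45, 0, 28, 0, 0, 64, 17, 0, p(host), p(dst)) + bytes(8)
    icmp = struct.pack("!BBH4s", 5, 1, 0, p(new_gw)) + inner
    return struct.pack(IPV4_HDR, 0x45, 0, 20 + len(icmp), 0, 0, 64, 1, 0, p(sender), p(host)) + icmp

# Constructed lab data: routers .1 and .2, host .50, unexpected gateway .66
ROUTERS = {"192.168.1.1", "192.168.1.2"}
LEGIT = build_redirect("192.168.1.1", "192.168.1.50", "192.168.1.2", "203.0.113.10")
SUSPECT = build_redirect("192.168.1.1", "192.168.1.50", "192.168.1.66", "203.0.113.10")
```

Hosts that never need redirects can simply refuse them; the checks above are for sensors or networks where redirects are legitimately in use.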
"IBM Trusteer researchers found a new configuration of Citadel that is being used to compromise password management and authentication solutions. It instructs the malware to start keylogging (capturing user keystrokes) when some processes are running.
The relevant part of the configuration is shown below (in IBM Trusteer’s proprietary format):
so in fact this means that now with a passwordmanagement software but later with whatever identification file or system on your computer it can be intercepted or copied
that is why in the safe portable (sophos) the identification files are not in root or kernel or system of windows but on a preboot encrypted separated system (and this is why it doesn't work with the Belgian EID but only with a token from safenet)
"Now it looks very much like Greenwald is becoming a voice in the blogging wilderness again, and Snowden is watching from Moscow, once again isolated, as his explosive revelations fizzle out politically. On Tuesday, led by Republicans voting en masse, the U.S. Senate defeated a motion to vote on the USA Freedom Act, which would have curbed the NSA's bulk collection of Americans' phone records. The new, harder-line Republican Congress coming in January doesn’t seem likely to pass the bill either
Now those two are lambasting the system and the judicial system and the stupid public and whatever they can think of (the media for example) but they seem to forget - as we have said here months ago - that Putin has changed the perception of the discussion as much as 9/11 had when we were discussing Echelon in 2001.
Putin has brought us to the brink of the cold war again and his permanent madness of sending bombers and submarines to our coasts - sometimes nuclear-capable - with all the risks of military incidents or collisions with civil airlines is just too mad to understand. It brought the possibility of military incidents right at our border instead of somewhere in some far part of Ukraine where there is some shooting every day but nothing that could be really called a real big war.
ISIS has helped also of course.
And it just doesn't seem the right time to dismantle the NSA now. You never know what they may miss because of the reorganisation, the limited resources or capabilities. They missed a 9/11 once because they didn't have enough translators and analysts.
as long as there is more oversight - for the moment not enough people care enough
"The US Federal Trade Commission (FTC) has charged TRUSTe, US-based provider of privacy certifications for online businesses, for deceiving consumers about its recertification program for companies’ privacy practices. The FTC Chairwoman, Edith Ramirez, said that “TRUSTe promised to hold companies accountable for protecting consumer privacy, but it fell short of that pledge. Self-regulation plays an important role in helping to protect consumers. But when companies fail to live up to their promises to consumers, the FTC will not hesitate to take action."
The FTC alleges that from 2006 until January 2013, TRUSTe failed to conduct annual re-certifications in over 1,000 cases, but its website informed consumers that companies holding TRUSTe Certified Privacy Seals receive recertification every year.
they have some explanation but whatever they say it ain't right and so it proves that if one wants to set up such a procedure then one needs to do it right
"The electronics manufacturer HP has announced a series of landmark policy changes on labor practices throughout its global supply chains, becoming the first U.S. information technology company to halt the common use of recruitment agencies for hiring foreign migrant workers among its suppliers.
Recruitment agencies, which often hire poor workers in one country for employment in another, have for years been criticized for a range of practices that can facilitate forced labor and slavery. Advocates thus see requiring the direct employment of migrant workers by suppliers of multinational corporations as a key opportunity to crack down on bonded labor and other rights abuses in the international economy.
“Workers who are employed by labor agents are more at risk of forced labor than those employed directly,” Dan Viederman, the head of Verité, a Massachusetts-based NGO that worked with HP to develop the new recruitment policies, said in a statement.
maybe all governmental and big contractors should put the same obligation in their contracts
"There is one finding that can well explain the unusual volatility and disaffection of so many American voters over the last decade. In 2000, 16 percent of households were headed by people without high school diplomas, and another 51 percent were headed by people without college degrees. From 2002 to 2012, the median income of the first group, across age cohorts, declined at an average annual rate of 2.4 percent, year after year; and the median income of the second group, across age cohorts fell at an average annual rate of 1 percent, year after year. That tells us that two-thirds of American households have suffered persistent income losses as they aged from 2002 to 2012, through eight years of economic expansion along with two years of serious recession. The median income of the remaining households, headed by college graduates, increased over this period—but at only one-third of the rate of households headed by college graduates in the 1980s and 1990s.
These trends have enormous electoral consequences. They explain why, in recent years, overall positive economic numbers and growth are not translating into feelings of shared prosperity. That’s why so many Americans are angry and ready to turn on whichever party has most recently failed to restore the broad income progress that almost everyone experienced in the 1980s and 1990s.
and this is what will happen in Belgium as we are going through a wave of protests and afterwards huge reductions in wages, pensions, subsidies and available income
the same thing can be seen since 2007 in other countries and recently in France
Economists and investors are talking about growth and investments and returns but the people who do the work don't see much of it, on the contrary
what is this
somebody declared cyberwar ?
this is just small sniper fire
if you don't need traffic from China, don't accept traffic from China, just block it at the router or the firewall
this is a picture
it is around 400 GBPS a second
OVH in France is implicated like several servers in the US
the strangest thing is that nobody is seeing this or doing something to stop it
we really need an international center that could cut those servers or routers or hosters until they have cleaned up their act
There are some fake leaks around and as an alert blog you will get caught by them. The reason that we can get caught by them is that we have no authority whatsoever to test them. If we would test them then we would be breaking the law and then every stupid lawyer or just one of the decision-makers over here who would rather see me go could land me in court so I could lose my job and so on. Because whatever you do or say the fact that you end up in court means that you lose and there is no way that you can correct this. People will always think that there is still something to it and that suspicion will always stay - even if you are looking for another or better job.
So in ten years I have never been in court and I tend to keep it this way even if I was reporting and researching or discovering all kinds of leaks and breaches.
So we never test those leaks because the only test would be that I would try to use the published credentials to get access and that is illegal whatever you say about it.
It is up to the people who own these credentials or the services they use to do the tests and to take immediate measures of protection if that should be needed.
There are also sometimes hacks that aren't hacks because as in the case of some forum the forum wasn't hacked but the old admin had copied all the information of the members and placed it online. It is maybe not a hack but it is a leak and as such it stays a big problem.
So the information we publish here is about possible leaks. Something some services need to check out and if it ain't a leak then it was worth testing it because if it would be a real leak then there would be a lot of trouble and work.
that is why training is so important and that has to be according to scenarios because attacks follow complicated scenarios in which there are several different aspects that in case of discovery or breach have to be treated at the same time and of which some have to be visible to the attacker and others don't because it is all a mindgame in the first place (chess)
the reason is that it isn't separated from the more overall discussion about information sharing with the intelligence and security services and as such is part of the global discussion about surveillance, democracy and what is a security threat
these things are much clearer in cybersecurity and it is necessary that such discussions and agreements are separate from discussions about terrorism, subversion and surveillance
they should talk about ddos, hacking attempts, botnets, phishing attacks and so on
On information sharing, Representatives Rogers and Ruppersberger pushed for passage in the lame-duck session of a bill to permit sharing of cyber threat information between the private sector and the government. Rogers and Ruppersberger’s bill on the issue, the Cyber Threat Information Sharing & Protection Act (“CISPA”), passed the House in April 2013, but drew a veto threat from the White House and generated broad public opposition due to privacy concerns about the businesses providing Internet users’ information to the government. A Senate information sharing bill, the Cybersecurity Information Sharing Act, has prompted similar concerns. Proponents of cyber threat information sharing see it as crucial to facilitating increased security for U.S. systems and networks, but such information sharing has been pulled into the broader debate about surveillance reform and the flow of information to the intelligence community. The failure of the USA FREEDOM Act earlier this week substantially dims the chances for information sharing legislation until the new Congress.