belsec : A secure democratic Net is a fundamental right

08/17/2010

have still 5 invites to the new digg

digg used to be one of the most efficient and authoritative social linkmachines that were around to find stories that were important - being selected by a number of authoritative persons or magazines

It seems to be manipulated in its old form by an organized network of intolerant ultraconservatives who have found ways to dupe the system

But the new system seems to let you more choice to select yourself what you want to see and what you find important and maybe no organised group will find a way around that

I still have 5 invites for the betatesting of the new digg - the old one is rigged

so just mail me if you need one

Len

08/16/2010

old blog adapted : be-hacked.skynetblogs.be

this blog has been cleaned up from listings that aren't important anymore and other posts

but it is now a gallery of some of the most important hacks of .be domains during 2006-2009

http://be-hacked.skynetblogs.be

08/14/2010

newly reactivated but different blog : freeware.skynetblogs.be

If you want freeware, as I repeat all the time you follow the leads and feeds on the security dashboard

this blog won't explain you what the freeware is in length or compare them or other articles like that that you will find all over the web

It will publish every week a list of all the updated freeware out of a list of more than 900 freewares that are monitored and selected through download.com

I just republish this list

but I am sure that you will find useful new stuff that you will find interesting

and be reminded that this software has to be updated - something we forget all the time

blog reactivated but different : ebooks.skynetblogs.be

If you want to read documents and ebooks you can follow the diigo.com/mailforlen feed or the googlereader feed or a list of other feeds that are available at the Security dashboard

this blog is reactivated but different

It is linking to only caches of documents so that you don't have to go each time to all the different sites

It will only be a selection of documents

the problem with scribd was that documents disappeared quite quickly for all sorts of reasons and that it had no sense keeping track of it all

If you use scribd.com, you just download what you find interesting because tomorrow it may not be there anymore for a whole series of reasons

so I hope in the coming year to be able to surprise you with documents that may be of interest

It won't be books or other clearly copyrighted material

08/05/2010

More updates to the security information dashboard

The google reader has been upgraded with a lot of new interesting RSS feeds

You can follow those at the security dashboard (my google feeds)

The security dashboard itself has been upgraded with some new pages and functions and links.

Do not be surprised that information and links and tools are a bit changing from place at netvibes because we are reconstructing a new information place.

To give an idea what is happening is that I have closed my Igoogle and several other informationkeeping services and re-organized them.

The securitydashboard has now also

- a page with securitytests for the individual

- a page with networktests

- a page with freewaretools, information about how to use tools and tips and updates for software

- updates with links from delicious and digg are also added

- a page with technews from a selection of the best known international sites

If you want to work with me at this dashboard, quite possible just contact me

throwing away 7000 emails and changing to RSS - why tech newsletters stink

So I was subscribed to the lot of them - thought that so I wouldn't have to miss something and that reading mail would be faster than those sites and feeds and so on.

Meanwhile several of the online informationmanagement-services have upgraded and are now worthwhile so I decided to empty my yahoo box from the last several months and decided to keep only the things that I couldn't have in RSS or pagewatchupdate and that were worthwhile reading.

Now I have a clean mailbox because only a few newsletters survived.

They don't have all those ads and false reporting by whitepapers and stuff like that

They have full text and sources.

They don't have all those ads and colours and other html stuff that makes reading an investment.

The problem is that most technewsletters have started with good intentions but have added more and more sponsor and stylish nonsense.

Like conferences that are more filled with salestalk rather than techtalk and ITsec hype of the day that just puts other names on other products or functions.

A bit boring after all these years. Have seen it all, have heard it all. Bla bla bla.

So as I have more links in my rss feeds It will be easier to weed out the commercial and rubbish and select the better stuff.

And if you ain't got RSS yet, you rather think twice. Or you make something easy and interesting to read in mail or you add RSS.

08/04/2010

second gallery of pics online : bad ssl certificates

These pics can also be useful for presentations

Pics of SSL certificates with the compromised MD5 signature, that are self-signed or not trusted

and with some big names and many security initiatives

You can find it here http://belsec.skynetblogs.be/album/bad-certificates/

First album online :pics from hacked .be sites

You could use them for your presentations or warnings or jokes

http://belsec.skynetblogs.be/album/hacked-sites/bo180.html

re-organisation and update of the security dashboard update2

Well now that Netvibes.com is upgraded and is proving to be an excellent service I have updated and concentrated more links and feeds there. This makes it simpler than sending people to diigo, twitter and a lot of other pages and services.

But to do that I had to re-organize a few things.

But time is not on my side as it flows away before I get everytthing done I wanne do - even if I try to limit the time I spend on this resource.

I have limited the number of dijgo categories otherwise It took to long to insert links in the database. You can follow those favourites of mine on one page here.

The archives (also the old indexes with hacked and spammed Belgian pages) are still accessable

I do not tweet but i send this blog to twitter and I follow a lot of security and other twitters. Those I have organised in different lists - I know I have to update them - one of the things to do. You can follow all of them here.

If you want to follow the twitterlists in your email you should use this tool

As I am now connected through seemic I will follow more up on tweets and messages..... :)

The other thing that changed is that nearly all (Except for the Google Badware pages on one netvibe page) public Belgian malware domains and alerts are placed together here. You can open the pages and you will see immediately if your domains are mentioned. Arbor Networks asks a login for Belgian news so you will have to ask them yourself a login or just trust that if there is something really important going on it will be published here. But since we have a CERT over here things have reallly been much better. If only they would get more resources....

Some more Belgian resources will be placed here later. The hacked and insecure sites I am finding during my research are now together in one feed. you can subscribe to the feed here or look at the latest ones at the Belgian malware page at netvibes.

The problem with Google reader - which is great for the rest is that the RSS feed of the groups is quite limited. For the moment there are about 1700 feeds that are collected in different groups. Some of the most important have their public pages with the links on a netvibes page here.

So you have for the moment

- feeds from hundreds of blogs and sites

- tweets from 400 mostly security tweeters

- more than 50.000 links and favourites (diigo)

more or less integrated in one environment (even if a lot of the stuff is an echo, retweeting, republishing, blogging about the same thing or just sending the same links to the same articles)

Not bad for a first clean up operation.

Look out for more.

07/24/2010

Frontpage article in De Standaard about Cyberwar (and me in it)

De btandaard was preparing an article about Cyberwar after having read the new book about it by Clark.

It was published today with on the frontpage of De Standaard a great title 'The enemy is on the internet, cyberwar'. A better attentiongetter can hardly be imagined.

De Standaard is an important newspaper in Belgium and is read by decisionmakers all over the place. It has also the last year made several times place and time for the different aspects of cybersecurity (or lack of it) in Belgium.

http://www.standaard.be/artikel/detail.aspx?artikelid=T72...

Some important points were made

Everything that is digital can be read or intercepted (not alway very easy to do but with enough and creativity everything can be broken)

There is no cyberwar but there are coordinated attacks during the course of wars or civil disturbances against different parties. It is very hard to prove that those attacks are directly linked to a government. Cyberterrorism is now mostlly limited to propaganda and by terrorist groups.

THe cybercriminals are much more sophisticated than before, make a lot of money and have all the time of the world. The cyberattacks themselves have become much more sophisticated than ever before.

It is quite dangerous to link SCADA systems (water, electricity, transport and industrial processes) to the internet as they don't have the necessary degrees of security in their code and networks.

Some interesting points were made

The Belgian army has now a cyberdefense team (of 4 people sic) who try to defend the networks. It seems the networks have been hit so hard by attacks last year that there was no choice.

4 Belgian servers were used to attack South Korea last year when it was under a big cyberattack presumably by North Korea (who denied everything)

More than 1 million Belgian creditcards were blocked last year because they were compromised

The police estimate that about 68 million Euro was stolen online from Belgians last year. Only a fraction of that was declared to the police (as the banks and eshops prefer to pay the damage to keep their reputation intact).

There are for the moment some criminals investigations under way for Cyberespionage against Belgian enterprises in which commercially important information was stolen.

The Belgian cyberarmy has the official permission to hit back at an attacker (something quite dangerous in Cyberspace where you never know who is behind which server or uses it as a proxy)

And to end with the following hard to understand situation in Belgian

For the moment nobody controls the security of private utilities and there is no coordinated effort between the different securitycells throughout the official and private infrastructure.