Yahoo Takes on The Big Bad Government

Submitted by Nicola Hahn
Nicola Hahn (1482985) writes "The Washington Post has reported that during secret court hearings the government threatened Yahoo with a "massive" $250,000 per day fine if the company failed to hand over user data to the NSA. Journalists have depicted Yahoo’s legal actions as part of an ongoing “battle” with the government. Yahoo’s general counsel has asserted on the company tumblr that:

“Users come first at Yahoo. We treat public safety with the utmost seriousness, but we are also committed to protecting users’ data. We will continue to contest requests and laws that we consider unlawful, unclear, or overbroad.”

This coverage creates the impression that Yahoo is an intrepid champion of human rights. But is this really the case? Is filing a lawsuit really the best that Yahoo could’ve done? Lavabit’s founder, Ladar Levison, decided that he’d rather shutter his business when confronted with government demands for information. Keep in mind that in the past Yahoo cooperated with the Chinese government, handing over information on political dissidents who were subsequently imprisoned and tortured. Are these the actions of a company that “battles” for civil liberties? Or perhaps they indicate that executives are more interested in obeying the law to maintain quarterly profits?"

NATO's Joint Cyber Defense Pledge: False Flag Ops Anyone?

Submitted by Nicola Hahn
Nicola Hahn (1482985) writes "NATO leaders are meeting in Wales to discuss, among other things, a joint defense pledge regarding cyberattacks.

There are serious issues with this kind of scheme. It’s no secret that the military is actively working on deception technology. False flag attacks are hardly a thing of the past (cyber or otherwise). A few months back a recording surfaced of high-level officials in Turkey plotting an operation to justify military strikes in Syria.

Given that NATO members have shown a habit of conducting false flag operations online and unleashing cyber campaigns against each other, does it even make sense to ratify a joint defense agreement or are world powers simply keeping up appearances?"

Mapping Out The American Deep State

Submitted by Nicola Hahn
Nicola Hahn (1482985) writes "In recent coverage of events taking place in the Ukraine, the New York Times refers to the country as being under the sway of a group of oligarchs:

“The ultra-wealthy industrialists wield such power in Ukraine that they form what amounts to a shadow government, with empires of steel and coal, telecoms and media, and armies of workers.”

Note the mention of a “shadow government,” also known as a “Deep State.” This term was originally coined in Turkey to refer to an entrenched cabal of spies, politicians, and organized crime bosses who manipulated events to maintain political control.

Does this sound familiar? You might have noticed the mass death sentence passed down by a court in Egypt. Very odd: how could 500 people be responsible for killing a single police officer? This has led journalists at FRONTLINE to suggest that Egypt is also under the influence of a deep state.

There are those who postulate that deep states aren’t limited to third-world nations. Readers might notice that none of the bankers involved in the 2008 financial collapse have gone to prison. Or that officials like DNI James Clapper and CIA Director John Brennan are able to flout the law with little or no consequences. Not to mention our leadership's cognitive dissonance over the origins of ISIS and the quandary of self-perpetuating conflict in the Middle East. Is the beast of the American Deep State peeking its head above the surface of the body politic?"

Cornering the Market on Zero-Day Exploits

Submitted by Nicola Hahn
Nicola Hahn (1482985) writes "Kim Zetter of Wired Magazine has recently covered Dan Greer’s keynote speech at Black Hat USA. In his lengthy address Greer, representing the CIA’s venture funding arm, suggested that one way that the United States government could improve cyber security would be to use its unparalleled budget to buy up all the underground’s zero-day vulnerabilities.

While this would no doubt make zero-day vendors like VUPEN and middlemen like the Grugq very wealthy, is this strategy really a good idea? Can the public really trust the NSA to do the right thing with all those zero-day exploits? Furthermore, recall the financial meltdown of 2008 where the public paid the bill for Wall Street’s greed. If the government pays for information on all these unpatched bugs would society simply be socializing the cost of hi-tech’s sloppy engineering? Whose interests does this "corner-the-market" approach actually serve?"

The CIA Does Las Vegas

Submitted by Nicola Hahn
Nicola Hahn (1482985) writes "Despite the long line of covert operations that Ed Snowden’s documents have exposed, public outcry hasn’t come anywhere near the level of social unrest that characterized the 1960s. Journalists like Conor Friedersdorf have suggested that one explanation for this is that the public is “informed by a press that treats officials who get caught lying and misleading (e.g., James Clapper and Keith Alexander) as if they're credible.”

Certainly there are a number of well-known popular venues which offer a stage for spies to broadcast their messages from while simultaneously claiming to “cultivate conversations among all members of the security community, both public and private.” This year, for instance, Black Hat USA will host Dan Greer (the CISO of In-Q-Tel) as a keynote speaker.

But after all of the lies and subterfuge is it even constructive to give voice to the talking points of intelligence officials? Or are they just muddying the water? As one observer put it, “high-profile members of the intelligence community like Cofer Black, Shawn Henry, Keith Alexander, and Dan Greer are positioned front and center in keynote slots, as if they were glamorous Hollywood celebrities. While those who value their civil liberties might opine that they should more aptly be treated like pariahs”"

Government Funded TAILS OS Has Zero-Day Exploits

Submitted by Nicola Hahn
Nicola Hahn (1482985) writes "A recent Forbes article reports that an Internet arms dealer, Exodus Intelligence, has unearthed zero-day exploits in TAILS, Ed Snowden's favorite OS. Exodus plans to disclose the issues to TAILS "in due time." In other words, as the article notes, "That means customers could use the vulnerability however they see fit, possibly for de-anonymising anyone a government considers a target."

And if that weren't bad enough, a close look at the TAILS project's 2013 income statement reveals that the project, like Tor, is funded by Uncle Sam. Granted, jumping to hasty conclusions would be falling prey to guilt-by-association syndrome, but isn't it interesting that several of these alleged anonymity tools are somehow linked to each other and also to the United States military?"

Would You Trust Tor with Your Life?

Submitted by Nicola Hahn
Nicola Hahn (1482985) writes "If you lived in a police state where political activism could get you killed, would using Tor be enough to safeguard your identity? The general sympathy conveyed by privacy advocates is that “Tor still works.” But are these Tor supporters soft-pedaling the potential pitfalls? There are cynics in the crowd, researchers who feel that the users are being given a false sense of security, that people are depicting Tor as the digital equivalent of a reinforced concrete barrier when in practice it can often be little more than a speed bump to trained spies. There’s evidence that while the NSA thinks that “Tor Stinks,” there are also well-grounded reasons why spies don’t want to scare people away from using it."

Censored DEFCON Presentation Posted Online

Submitted by Nicola Hahn
Nicola Hahn (1482985) writes "Though the Review Board squelched Bill Blunden's presentation on Chinese cyber-espionage, and the U.S. government has considered imposing visa restrictions to keep out Chinese nationals, Bill has decided to post both the presentation's slide deck and its transcript online.

The talk focuses on Mike Rogers, in all his glory, a former FBI agent who delivers a veritable litany of hyperbolic misstatements (likely to be repeated endlessly on AM radio). Rather than allow the DEFCON Review Board to pass judgement as supposed .gov "experts", why not allow people to peruse the material and decide for themselves who is credible and who is not?"

Censored Story on Social Media Manipulation

Submitted by Nicola Hahn
Nicola Hahn writes "A few days ago I tried to post an interesting story to Slashdot called "The Gentleperson's Guide To Forum Spies". The article was written by an ex-COINTELPRO spy, and describes in explicit detail how agents control and manipulate Internet forums. So, I tried to post this story and discovered that each time I posted it some Slashdot editor would quickly (within 3 minutes) delete the story before it came to the attention of other editors or readers. Someone on the Slashdot editorial board does NOT want Slashdot readership to learn the techniques used to control an internet forum. Note that these techniques only work so long as the readership remains IGNORANT of how they work. A little forensic investigation by someone with DB access will even show which editor(s) repeatedly deleted this story on 18 July 2012. Honest editors are smart enough to figure out what to do about COINTELPRO infiltrator editors. Given that I have a natural dislike of censorship, I'm trying a different tactic to expose my fellow Slashdot readers to this censored content."

Rooting the Body Politic

Submitted by Nicola Hahn
Nicola Hahn (1482985) writes "There are reasons why an open debate about the role of money in politics has been stymied. It goes without saying that a truly honest conversation about the formulation of public policy is bound to make the vast majority of elected officials uneasy. The relatively small group at the top of the income spectrum is in a position where they can exert their leverage, directly or indirectly, to muddy the water and silence dissent. In some cases the mere threat of reprisal is enough to quell voices of opposition.

The first edition of “The Rootkit Arsenal,” published back in the summer of 2009, included a short epilogue that raised questions about the underlying integrity of the political system in the United States. It used the metaphor of a malware infestation to discuss aspects of popular participation and means of control. In preparing the forthcoming 2nd edition, this material has been extended and explores territory that has just barely received attention from the major news outlets. Though the publisher has opted not to include this content, it has been made available here:"

Behind Cyberwar FUD

Submitted by Nicola Hahn
Nicola Hahn (1482985) writes "The inevitable occurred this week as The Economist broached the topic of cyberwar with a couple of articles in its July 3rd issue. Note the dramatic mushroom cloud and the intimations of mass destruction. The first article concludes that "countries should agree on more modest accords, or even just informal 'rules of the road' that would raise the political cost of cyber-attacks." It also makes vague references to "greater co-operation between governments and the private sector."

When attribution is a lost cause (and it is), international treaties are meaningless because there’s no way to determine if a participant has broken them. The second recommendation is even more alarming because it’s using a loaded phrase that, in the past couple of years, has been wielded by those who advocate Orwellian solutions.

The following article is a morass of conflicting messages. It presumes to focus on cyberwar, yet the bulk of the material deals with cybercrime and run-of-the-mill espionage. Perhaps this is because the author is grasping for examples to impress the reader with. Then there’s also the standard ploy of hypothetical scenarios: depicting how we might be attacked and what the potential outcome of these attacks could be. The author shows his true colors in closing when he concludes with the ominous warning that terrorists "prefer the gory theatre of suicide-bombings to the anonymity of computer sabotage—for now."

What's truly disturbing is that The Economist never goes beyond a superficial analysis of the topic to examine what’s driving all of the fear, uncertainty, and doubt. Perhaps that would be dysfunctional, as it might lead the press to investigate itself. To help shed light on what’s taking place in the body politic, check out the following Lockdown 2010 white paper and slide deck. Read through this material and then go back and re-visit the articles in The Economist.

White Paper: Manufacturing Consent & Cyberwar

Slide Deck: Manufacturing Consent & Cyberwar"

The Rootkit Arsenal

Submitted by Nicola Hahn
Nicola Hahn writes "One of the first things I noticed while flipping through this hefty book is the sheer number of topics covered. Perhaps this is a necessity. As the author puts it, "Rootkits lies at the intersection of several related disciplines: computer security, forensics, reverse-engineering, system internals, and device drivers." Upon closer inspection, it becomes clear that great pains have been taken to cover each subject in sufficient depth and to present ideas in a manner that's both articulate and well organized. This accounts for the book's girth, which weighs in at roughly 900 pages.

This book is comprehensive enough to appeal to both novices and journeymen. To set the stage, the "Rootkit Arsenal" begins with a review of foundation material: the IA-32 execution environment, memory management, kernel-mode subtleties, call hooking, detour patching, and so forth. Yet, while the author devotes a significant amount of effort to explaining prerequisites and customary rootkit techniques, there's an abundance of more sophisticated content to engage more experienced members of the audience. For example, his explanation of how to use the WSK API and the most recent incarnation of the NDIS library (version 6.0) to construct covert channels over DNS is worth a read. I also appreciated his meticulous discussion of how to properly install Call Gates and handle the foibles of multi-processor systems.

One of the book's strong points is that there's coverage of issues which traditionally haven't appeared in books on this subject. For instance, there are several sections devoted to the Windows startup process and how it relates to the operation of bootkits. Part 3 of the book, which consists of four chapters, focuses on anti-forensics with an emphasis on defeating file system analysis and the examination of an unknown executable. To this end, Reverend Bill ventures off into the tactics used to implement binary armoring, FISTing, obfuscation, code morphing, file scrubbing, and data contraception.

Not content to merely explain the basic mechanics of a particular scheme, Reverend Bill often illustrates how he derived his results and encourages the reader to verify what they've seen with a kernel debugger. This is a recurring theme throughout the book. Rather than just teach the reader a collection of tricks, the author demonstrates how the reader can identify new ones independently. After all, specific holes come and go, but the art of finding new ones will always have utility. This more than justifies the lengthy discussion of kernel debugging earlier on in the book.

All told, the book is reasonably self-contained. The source code examples are clean, instructive, and have been included in the book's appendix. As Reverend Blunden notes, the "Rootkit Arsenal" isn't about a specific rootkit that someone wrote (though such books exist). It's really about the rootkit that the reader will construct, such that the focus is on the nature of the tactics rather than a proof-of-concept rootkit. In this spirit, examples are long enough to illuminate potential sticking points but not so long that the reader feels like they're wading through mud in search of diamonds.

The author also exhibits good form in terms of giving credit where it's due. In the book's preface he specifically acknowledges a number of researchers who have made lasting contributions to the collective repository of knowledge (Mark Ludwig, Greg Hoglund, the grugq, Sven Schreiber, Joanna Rutkowska, Richard Bejtlich, etc.). While the author admits that many of the book's ideas can be unearthed by skulking about obscure regions of the internet, the real service that this book provides is to consolidate all of this disparate information together into one place, offering working implementations of each concept, and doing so in a remarkably lucid manner.

Yet, is this a responsible thing to do? Is it wise to show aspiring Black Hats how to manipulate forensic evidence so that they can implicate innocent people? Will publicizing the finer points of system modification make life easier for aspiring bad guys? Is he basically handing the reader a loaded gun and teaching them the nuances of a kill shot?

To a degree, Reverend Blunden sidesteps this issue as irrelevant. In the end he claims that he's just a broker of information, and that he doesn't care who uses the information or how they use it. If you asked me, this is a bit of a cop out (he sounds a little like an arms dealer). Furthermore, he accuses other authors (the ones who fall back on the traditional argument that they're bolstering security by encouraging vendors to improve their products) of churching up their books in "ethical window dressing." In the eyes of Reverend Bill, this book is what it is ...without apology: another source of useful data.

If I had one complaint about the Rootkit Arsenal, it's that the author sticks primarily to software-based rootkit technology. For instance, he eschews BIOS-based tools. At one point the author states:

"In my opinion, a firmware-based rootkit is essentially a one-shot deal that should only be used in the event of a high-value target where the potential return would justify the R&D required to build it. Also, because of the instance-specific nature of this technique, I'd be hard pressed to offer a single recipe that would be useful to the majority of the reading audience. Though a firmware-related discussion may add a bit of novelty and mystique, in the greater scheme of things it makes much more sense to focus on methods which are transferable from one motherboard to the next."

Last but not least, the author's tendency towards the political arena, which defined a couple of his previous books, rears its head again in "The Rootkit Arsenal"'s final chapter. Here, the good Reverend suggests that if it's possible to control a sprawling operating system like Windows with a relatively small rootkit binary, then perhaps the metaphor carries over into the body politic of the United States. Could a small segment of the population be quietly influencing the trajectory that society takes? Dave Emory and Noam Chomsky look out!

Readers interested in getting a closer look at the book's organization and table of contents can visit the author's web site at:

Nicola Hahn"