Tuesday, May 02, 2006

April's Security Streams

Hi folks, it's about time to quickly summarize April's Security Streams. As of today, my blog is officially six months old and the feeling of witnessing change and improvements has always been a pleasant one. Blogging "my way" takes a lot of time, that is, posts going beyond "preaching" but emphasizing on "teaching", a little bit of investigative research, full-disclosure, and constructive key points on emerging or possible future trends related to infosec. Thanks for everyone's feedback, and actually reading not just going my posts as far as the average visitors' time spent is concerned!



1. "Wanna get yourself a portable Enigma encryption machine?"Already sold, but auctioned on Ebay, it's remarkable how the seller managed to preserve an original Enigma in such a condition, and the bids were worth it!



2. "The "threat" by Google Earth has just vanished in the air" Coming across Microsoft's Windows Live Local Street-Side Drive-by provoked contradictive thoughts, so I've decided to sum up recent ideas on the issue. The use of public satellite imagery for conducting OSINT is inevitable, while on the other hand the providers are simply making the world a smaller place. It is also questionable whether potential terrorists are "abroad" or within the countries themselves, that is knowing each and every corner of a possible "attack location", but with the ability to syndicate and share maps it would be naive not to think that they way you chat, they also do, and the way you plan activities while "zooming-out", they also do. At the bottom line, snooping from above might actually deal more with self-confidence than anything else. Have an opinion? Feel free to comment on the topic



3. "Insider fined $870" Virtual worlds are emerging and so are security techniques to steal someone's sword, be it through insiders, phishing, or trojan horse attacks. What's important to keep in mind when it comes to insiders is that on the majority of occasions you're are never aware that there's an ongoing potential breach on its way, and moreover, that the quantitative losses due to insiders are totally based on a company's sales projections, rather than successfully (if one can) measuring the value of intellectual property



4. "Securing political investments through censorship" We constantly talk on how the Internet is changing our daily lifes, our attitudes, and giving us the opportunity to tap into the biggest think-tank in the world -- on the majority of occasions for free. Internet censorship is still a very active practice by well-known regimes, while this post was trying to emphasize on the current situation - securing political investments through censorship



5. "Heading in the opposite direction" Companies and financial institutions are the most often targets of phishing attacks, and it's getting hard for them to both, convince their users and society that they're working on fighting the problem, and most importantly where's the real problem and how to fight it. In this post, I try to emphasize that building communications over a broken channel Bank2Customer over email is the worst possible strategy you could start executing. The irony in here is how in the way both, phishers and any bank in question may sometimes be using images stored on the banks server -- altogether!



6. "IM me" a strike order" It's a common myth that the military have came up with a Über secret and secure communications network, going beyond the Internet. And while there're such, they all suffer the same weakness, lack of usability, and budget deficits compared to IP based communications, that is the Internet. The post goes through research surveys on IMs in the military, and tries to bring more awareness on how age-old IM threats can easily exploit military IM communications as well



7. "Catching up on how to lawfully intercept in the digital era" On as daily basis we discuss security breaches, threats, privacy violations, whereas constantly misses the fact that there's a practice called lawful interception, namely that even if the NSA's domestic spying program got so much attention and concerns, it doesn't mean they aren't going to continue keeping themselves up-to-date with what is going wherever OSINT, SIGINT and HUMINT are applicable. The bottom line is that a person behind a CCTV camera's network is also under surveillance, so I advise you go through a very good resource on the topic, the Surveillance and Society Journal



8. "On the Insecurities of the Internet" IP spoofing by default, DNS and BGP abuses, Distributed Reflection Denial of Service Attacks, are among the ones worth mentioning, while perhaps the biggest insecurity lies in the fact that the Internet we're all striving to adapt for E-commerce and E-business, was developed as a scientific network we got used to so fast



9. "Distributed cracking of a utopian mystery code" Continuing the "distributed concepts" series of posts, this one deals with virtual worlds, and a wise idea on how to keep the players coming back for more -- let them even bruteforce the next part of the puzzle



10. "Fighting Internet's email junk through licensing" China's Internet population is about to surpass the U.S one and it would continue to grow resulting in China becoming the "novice" king of insecure networks. Trying to centrally control spam, they you can control the flow of traffic going out and coming in the country is a typical, but weak approach that could have worked years ago as no one needs a mail server to generate spam of phishing attacks these days. In respect to their concerns of users learning more about infosec, in China a cyber dissident is a heroic potential hacker, one that can easily bypass the Great Firewall and spread the word on how it can be done. As a matter of fact, PBS has done an outstanding job in their Tank Man episode, and while many considered the Chinese students' inability to recognize the infamous photo, what they were actually afraid of is showing a face-gesture that they indeed recognized it -- as they did of course.



11. "Would somebody please buy this Titan 1 ICBM Missile Base?" I think the buyer of this base should have better though of what he's buying, or let's just say how on Earth was he expecting to break-even given he missed the post-cold war momentum itself? It's indeed once in a lifetime purchase that you would think twice before not purchasing, and so I hope the auction would continue to attract visitors the way it is -- high-profit margins whenever the momentum is lost is a "lost case" by itself



12. "Spotting valuable investments in the information security market" An in-depth post on current market and vendor trends, as well as more info on the, now fully realistic acquisition of SiteAdvisor my McAfee, something I've blogged about in January. It's great to know that both parties came across the posts themselves, and to witness how such a wide-scale community power, but still backed by technology, startup got so easily acquired. What the acquirer must now ensure, is that it doesn't cannibalize the culture at SiteAdvisor -- every day is a startup day for us type of attitude is a permanent generator of creativity and attitude



13. "Digital forensics - efficient data acquisition devices" A resourceful post mentioning on the release of the CellDEK, no, it's not a portable DJs one, but a acquisition device detecting over 160 cell phone models and having the capacity to simultaneously acquire it from numerous devices all at once. Virtual cyber crime is all about quality forensics, whereas different legislations and approaches for gathering and coordinating such data across various countries remains a problem



14. "The anti virus industry's panacea - a virus recovery button" Try to get this on the Super Bowl and watch a generating falling for the lack of complexity in this "solution". Gratefully, I got many comments from readers with cheers on mentioning this and how useless the button is at the bottom line



15. "Why's that radar screen not blinking over there?" Quite some sites picked up the story, yet we can always question, and than again, so what? In a crucial situation a scenario like this could prove invaluable for the final outcome, but right now it's just a PR activity from the other side of the camp. Symmetric warfare is a tangible defense/offensive concept, whereas asymmetric warfare is fully capable of balancing powers -- to a certain extend as no matter how much NCW you put on the ground, you would still need "tangible" forces on the finish line



16. "25 ways to distinguish yourself -- and be happy?" A little bit of self-esteem is never too much and that's what these series can help you with



17. "Wild Wild Underground" An in-depth summary of some findings I intended to post for quite some time, but didn't have the time to. If you just take yourself some time to rethink over, you would hopefully realize that a guy like this is capable of recruiting people who actually come up with their own algorithms -- beyond their will in one way or another. Moreover, responding to comments I received, of course I did report the links, which are now down, as well as some of the forum posts I managed to digg. Ryan1918 is rather active though



18. "In between the lines of personal and sensitive information" Government reclassification of documents isn't the most pragmatic way, as these have already been online once, therefore someone out there still keeps a copy, and is now more than ever motivated to disseminate it, given someone is trying to censor it. I feel a common structure of the different types of information, formal training for those dealing with that type of info etc. and putting in place risk management solutions, considering that humans are totally not to be trusted (are computers to be?) is a way to mitigate these risks. Trying to censor something you end up making it even more popular that it could have been without you censoring it, just a thought



19. "DIY Marketing Culture" Personalization and Customization are emerging by default, and so is virtual viral marketing. In this post I mention the possibility to get your own custom MMs, and FireFox's FireFlicks initiative



20. "A comparison of US and European Privacy Practices" You can rarely come across a infosec survey with well formulated questions, ones that are the basis of a quality one. I think this company did a very good job in formulating and summarizing the outcome of a very trendy topic



Updated to add the averages for each month since I've started tracking my readers, looks nice, and in case you're interested you can also go through the summaries of previous months.