Wednesday, March 07, 2007

Documentary on ECHELON - The Spy System

Remember ECHELON? The über-secretive worldwide intelligence sharing network that various activists once tried to poison by generating fake suspicious traffic using predefined keywords? Well, the system is still operating, and with the lack of transparency in the participating countries' use and abuse of the technology, all we need is an EU alternative competing with the original.

Watch this excellent half-hour-long documentary and find out: "What exactly is Echelon? How can it invade privacy, yet protect liberty? How did this billion-dollar system miss the September 11th attacks? In a riveting hour, we uncover the mysterious, covert world of NSA's electronic espionage."

USB Surveillance Sticks

Despite the ongoing awareness built among enterprises and end users on the risks posed by removable media, there are vendors offering various surveillance solutions on a USB stick. Some are handy, others contradictory. And while RFID tags are getting smaller than a grain of rice, here are three surveillance solutions to keep in mind right next to the notorious KeyGhost hardware keylogger.

SnoopStick
An example of malware on demand at $59.95 which comes with lots of features as well as automatic updates:

"The SnoopStick monitoring components are completely hidden, and there are no telltale signs that the computer is being monitored. You can then unplug the SnoopStick and take it with you anywhere you go. No bigger than your thumb and less than 1/4" thick, you can carry it in your pocket, purse, or on your keychain. Any time you want to see what web sites your kids or employees are visiting, who they are chatting with, and what they are chatting about, simply plug in your SnoopStick to any Windows based computer with an Internet connection and a USB port. SnoopStick will automatically connect to the target computer."

TrackStick
Portable GPS surveillance with historical routes that look simply amazing when displayed in Google Earth:

"The Track Stick will work anywhere on the planet Earth. Using the latest in GPS mapping technologies, your exact location can be shown on graphical maps and 3D satellite images. The Track Stick's micro computer contains special mathematical algorithms, that can calculate how long you have been indoors. While visiting family, friends or even shopping, the Track Stick can accurately time and map each and every place you have been."

GadgetTrak
An interoperable surveillance solution supposed to assist you in case your iPod or even PSP gets stolen. All you have to do is infect your device and pray there's Internet connectivity at a later stage. Tracking your stolen devices is one thing, getting them back is completely another:

"What if your device could phone home? Well now it can. With our patent-pending GadgetTrak™ system, you simply register your device and install our agent files on your device. If your device is missing or stolen, you log into your account and flag the device as lost or stolen. The next time the device is accessed it will attempt to contact us and provide data regarding the system it is plugged into."

Death is Just an Upgrade

Started as a project to digitally mimic a human's behaviour 100%, the Virtual Soldier research program is getting more funding to accomplish its mission and go beyond:

"In particular, the contract calls for the VSR team to further develop their "Predictive Dynamics" tools for use in calculating human motion in a military environment. Invented by VSR researchers, the field of Predictive Dynamics already has made a significant impact on the field of human motion simulation by making it possible -- for the first time ever -- to calculate the walking and running involved in human gait when given such variables as human body size, strength, weight, load-carrying abilities and clothing effects."

Next, Santos will find himself exposed to radiation, blown to pieces, hit by a truck, or pretty much anything that you would never get the chance to -- legally -- expose a living human to, for testing purposes.

Botnet Communication Platforms

Botnets, or the automated exploitation and management of malware-infected PCs, are perhaps the most popular and efficient cyber threat the Internet faces these days. Whether you define it as the war on bandwidth or who's commanding the largest infected population, this simple distributed hosts management problem is continuing to evolve in order for the botnet masters to remain undetected for as long as possible. On the other hand, the growing Internet population combined with the lack of awareness of the "just got a PC for Christmas" users, and IPv4's well-known susceptibility to IP spoofing compared to IPv6, always make the concept an interesting one to follow.

Although at the beginning of 2006 I pointed out how malware-related documentation and howtos turned into open source code, resulting in a flood of malware variants and thus lowering the entry barriers for novice malware copycats, a week ago I located a very thorough document on various botnet communication platforms, and I'm sure its author wouldn't mind me reposting the fancy graphs and commenting on them.

IRC based Botnet Communications
Nothing groundbreaking in this one besides the various pieces of advice on stripping the IRCd, creating one's own network of IRC servers rather than using public ones, and the importance of distributed secrecy of the botnet participants' IPs, namely that each bot would never know the exact number or location of all servers and bots.

HTTP Botnet Communications

The possibilities with PHP and MySQL with respect to flexibility of the statistics, layered encryption and tunneling, and most importantly, decentralizing the command and even improving authentication with port knocking, are countless. Besides, with all the buzz about botnets continuing to use IRC, it's a rather logical move for botnet masters to shift to other platforms, where communicating amid HTTP's noise improves their chance of remaining undetected. Rather ironically, the author warns of possible SQL injection vulnerabilities in the botnet's command panel.
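From the defender's side, a bot controlled over HTTP still has to fetch its commands, and on a proxy that tends to show up as check-ins to one host at near-constant intervals. The sketch below is an added example, not taken from the document discussed in this post; the log format, host names and thresholds are assumptions, and the sample log is constructed.

```python
import statistics
from collections import defaultdict

# Constructed proxy log lines: "<epoch seconds> <client IP> <host> <path>"
SAMPLE_LOG = """\
1000 10.0.0.5 news.example /index.html
1004 10.0.0.5 news.example /style.css
1009 10.0.0.5 news.example /logo.png
1060 10.0.0.7 panel.example /gate.php
1100 10.0.0.7 news.example /index.html
1121 10.0.0.7 panel.example /gate.php
1180 10.0.0.7 panel.example /gate.php
1200 10.0.0.5 news.example /sports.html
1203 10.0.0.5 news.example /sports.css
1241 10.0.0.7 panel.example /gate.php
1300 10.0.0.7 panel.example /gate.php
1360 10.0.0.7 panel.example /gate.php
1500 10.0.0.7 news.example /index.html
1900 10.0.0.5 news.example /weather.html
"""

def find_beacons(log_text, min_requests=5, max_cv=0.1):
    """Return (client, host, request_count, mean_interval_s) for every
    client/host pair whose request timing is suspiciously regular."""
    times = defaultdict(list)
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) < 4 or not fields[0].isdigit():
            continue  # skip malformed lines instead of failing the whole run
        times[(fields[1], fields[2])].append(int(fields[0]))

    flagged = []
    for (client, host), stamps in sorted(times.items()):
        if len(stamps) < min_requests:
            continue  # too few samples to judge periodicity
        stamps.sort()
        gaps = [b - a for a, b in zip(stamps, stamps[1:])]
        mean = statistics.mean(gaps)
        if mean == 0:
            continue  # all requests in the same second, no interval to measure
        # Coefficient of variation: near 0 for a timer, large for human browsing.
        cv = statistics.pstdev(gaps) / mean
        if cv <= max_cv:
            flagged.append((client, host, len(stamps), round(mean)))
    return flagged

if __name__ == "__main__":
    for hit in find_beacons(SAMPLE_LOG):
        print("regular check-ins: %s -> %s (%d requests, ~%ds apart)" % hit)
```

Timing regularity is only a triage signal: software updaters and mail clients poll on timers too, so flagged pairs still need to be checked against known-good destinations.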

ICQ Botnet Communications
Perhaps among the main reasons to repost these graphs was the ICQ communication platform, which I'll leave up to you to figure out. The reliance on icq.com is listed as a major weakness, but as we've already seen cases of botnets obtaining their commands by visiting an IRC channel and processing its topic, in this case it's ICQ WhiteLists getting the attention.

Related comments on the programming "know-how" discussed will follow. Know your Enemy!