Tracking Down Internet Terrorist Propaganda

I always knew there's a team of cheap marketers behind every terrorist organization trying to market yet another multimedia killing, or put it simple fear, treats, and no respect for life. Why cheap? Mainly because there's no segmentation or niche issues to deal with, but mostly mass marketing, while harnessing the power of the never ending resonation from the media echo.

Rather biased, today's opinion on Cyberterrorism always has to do primarily with destruction as the core of the problem. Active research is already conducted on "Arabic Extremist Group Forum Messages' Characteristics" and "Terrorist Social Network Analysis", and the real issues still remain communication, research, fundraising, propaganda, recruitment and training -- I wish Dorothy Denning was also blogging on the topic!

iDefense, being the masters of CYBERINT, recently found jihadist web sites related to Zarqawi's "Successor". The interesting part :

"This website contains forums with a mix of threads covering items from the latest information on the militants in the Middle East, such as a video of militants in Syria, to hacker education, such as Microsoft Word documents available for downloading that detail CGI, unicode and php exploits. The members appear to be interested in physical and cyber-related threats. The membership of the site is growing and is already over 10,000+ members. Plus, we at iDefense/VeriSign are very interested to see what hacking issues or levels of cyber expertise may be covered on this site."

By the way, I just came across to an outstanding list of Islamic sites at Cryptome. These are definitely about to get crawled, analyzed, and for sure, under attack in the future. For instance, the most recent example of hacktivism tensions, are the hundreds of hacked Israeli web pages, in the light of Israel's military action in Gaza.

Further reading on:
Terrorism
Cyberterrorism
How Modern Terrorism Uses the Internet
Jihad Online : Islamic Terrorists and the Internet
Right-wing Extremism on the Internet
Terrorist web sites courtesy of the SITE Institute
The HATE Directory November 2005 update
Recruitment by Extremist Groups on the Internet Continue reading →

Delicious Information Warfare - 24/27 June

Go through my daily reads for 13/24 June as well.

01. Meteorite Collision - "Japanese animation showing what would happen if a giant meteor hit the Earth." to Space on june 25

02. Should We Lift North Korean Sanctions? - "Quentin Hardy summed up his side’s argument: “Capitalism has corrupted other authoritarian regimes, why not North Korea?”to Investing on june 25

03. The ABCs of New Security Leadership - "Maintaining the right level of boardroom and employee awareness is a consequence of leadership. And more effective ideas and tactics are replacing the old, reactive security leadership paradigm. Below, CSO looks at what's Out and what's In." to Security Leadership on june 27

04. Blackmailer : the story of Gpcode - "Analysts at Kaspersky Lab had successfully cracked a 660 bit RSA encryption key. This was the latest victory against a cyber blackmailer that had been plaguing users in Russia for over a year and a half." to Malware Ransomware on june 27

05. My Anti-Virus Revolving Door - "I'm the Donald Trump of anti-virus software testing. It won't be long before they're all fired." to Malware AntiVirus on june 27

06. Eyeballing Israel Signal Facilities - "Israeli Signal Facilities, courtesy of the Eyeball Series." to Security Defense Reconnaissance Satellite GEOINT on june 27

07. DHS Special Report Can DHS meet IT cybersecurity expectations? - “In the Defense budget we have put hundreds of millions of dollars in for info. dominance,” Weldon said. He cited Pentagon programs to fund universities to launch cybersecurity studies centers and to expand the military’s own cybersecurity programs." to Security Defense Cyberterrorism Leadership on june 27

08. Tampa GOP Cyber-Attack - "As the global Islamist war heats up, technically savvy cyber-terrorists will continue to look to find weaknesses in the Internet infrastructure of the West." to InformationWarfare Cyberterrorism Hacktivism PSYOPS on june 27

09. Analysis Warns U.S. of Cyber Security Weaknesses - "If our nation is hit by a cyber Katrina that wipes out large parts of the Internet, there is no coordinated plan in place to restart and restore the Internet," said John J. Castellani, President of the Roundtable." to Security Defense Cyberterrorism Leadership on june 27

10. Ignoring the Great Firewall of China - "The so-called "Great Firewall of China" operates, in part, by inspecting TCP packets for keywords that are to be blocked. If the keyword is present, TCP reset packets (viz: with the RST fag set) are sent to both endpoints of the connection.." to Censorship China FreeSpeech on june 27

11. Encyclopedia of Espionage, Intelligence, and Security - "Espionage information." to Intelligence Espionage on june 27

12. China-Led Group to Fight Web Fraud, Cyber Terrorism - "A Russian and Chinese-led bloc of Asian states said Thursday it plans to set up an expert group to boost computer security and help guard against threats to their regimes from the Internet." to Security on june 27

13. Immunizing The Internet, Or : How I Learned To Stop Worrying And Love The Worm - "In a 1997 exercise, NSA teams hacked into computer systems at four regional military commands and the National Military Command Center and showed that hackers could cause large-scale power outages and 911 emergency telephone network overloads." to Security Defense InformationWarfare Cyberterrorism on june 27

14. Five Questions For Martin Roesch, Founder and CTO of Sourcefire - "In 1998, Roesch created Snort, an app that sniffs out malicious traffic trying to enter a network. Snort's free source code has been downloaded more than 3 million times." to Interview on june 27

15. Firms Eye Video Surveillence - "And as the technology shrinks, the cameras slip deeper into the background, hardly noticed, streaming more than 4 billion hours of footage a week—footage that usually ends up lost, and never seen." to Surveillance CCTV Technology on june 27

16. How big is Earth compared to other planets and stars? - "Fun series of photos comparing Earth's size to that of other planets and stars." to Space on june 27

17. All-Seeing Blimp on the Rise - "The problem with the American military today is that it doesn't have a giant, robotic airship, two-and-a-half times the size of the Goodyear blimp, that can watch over an entire city at once.The idea is to park an unmanned airship over a hot zone. to Military Surveillance Privacy on june 27

18. Malware in Popular Networks - "Some of the other popular means of computer supported collaboration are USENET, IRC, P2P, IM. We have seen a consistent uprise of malware targeting these collaborative systems."
to Malware on june 27

19. Word macro trojan dropper and (another) downloader - "We've seen a lot of new malware being spammed in last couple of hours." to Malware on june 27 Continue reading →

Malicious Web Crawling

SiteAdvisor indeed cashed for evaluating the maliciosness of the web, and New Zealand feels that nation wide google hacking initiatives are a more feasible solution to the problem of google hacking, compared to the Catawba County Schools Board of Education who blamed Google for indexing student test scores & social security numbers. It's like having a just-moved, 25/30 years old neighbors next to your place, who didn't know you have thermal movement detection equipment and parabolic microphones, in order to seal the house by using robots.txt, or assigning the necessary permissions on the web server asap.

Tip to the Board of Education, don't bother Google but take care of the problem on your own, immediately, through Google's automatic URL removal system, by first "inserting the appropriate meta tags into the page's HTML code. Doing this and submitting via the automatic URL removal system will cause a temporary, 180-day removal of these pages from the Google index, regardless of whether you remove the robots.txt file or meta tags after processing your request."

Going back to the idea of malicious web crawling, the best "what if" analysis comes from Michal Zalewski, back in 2001's Phrack issue article on "The Rise of the Robots" -- nice starting quote! It tries to emphasize that "Others - Internet workers - hundreds of never sleeping, endlessly browsing information crawlers, intelligent agents, search engines... They come to pick this information, and - unknowingly - to attack victims. You can stop one of them, but can't stop them all. You can find out what their orders are, but you can't guess what these orders will be tomorrow, hidden somewhere in the abyss of not yet explored cyberspace. Your private army, close at hand, picking orders you left for them on their way. You exploit them without having to compromise them. They do what they are designed for, and they do their best to accomplish it. Welcome to the new reality, where our A.I. machines can rise against us."

That's a far more serious security issue to keep an eye on, instead of Google's crawlers eating your web site for breakfast. Continue reading →

Shots From the Wild - Terrorism Information Awareness Program Demo Portal

A lot has changed since my last post on "Data mining, terrorism and security", namely NSA's warrantless surveillance efforts. So, in the spirit of a second possible NSA facility, I've decided to post a shot from the TIA's early stages of development obtained though the most detailed, conceptual, and from a developer's point of view description of the program.

There've also been speculations on the severity of NSA wiretapping program compared to the Watergate scenario, while I feel that besides political engineering through infowar, it also occurs relatively more often over a juicy barbecue.

Related resources on Intelligence, NSA, Surveillance, Wiretapping. Continue reading →

Dealing with Spam - The O'Reilly.com Way

While China feels that centralization is the core of everything, and is licensing the use of mail servers to fight spam, thus totally ignoring the evolution of spam techniques, the other day I came across to some recent Spam Statistics from Oreilly.com -- scary numbers!

"Our mail servers accepted 1,438,909 connections, attempting to deliver 1,677,649 messages. We rejected 1,629,900 messages and accepted only 47,749 messages. That's a ratio of 1:34 accepted to rejected messages! Here is how the message rejections break down:

Bad HELO syntax: 393284
Sending mail server masquerades as our mail server: 126513
Rejected dictionary attacks: 22567
Rejected by SORBS black list: 262967
Rejected by SpamHaus black list: 342495
Rejected by local block list: 5717
Sender verify failed: 4525
Recipient verify failed (bad To: address): 287457
Attempted to relay: 5857
No subject: 176
Bad header syntax: 0
Spam rejected (score => 10): 42069
Viruses/malware rejected: 2575
Bad attachments rejected: 1594"

Draw up the conclusions for yourself, besides shooting into the dark or general syntax errors, total waste of email traffic resulting in delayed email is the biggest downsize here, thankfully, non-commercial methods are still capable of dealing with the problem. At the bottom line, sending a couple of million email messages on the cost of anything, and getting a minor response from a "Hey this is hell of a deal and has my username on the top of it!" type of end users seems to keep on motivating the sender. Localized spam is much more effective as an idea, but much easier to trace compared to mass-marketing approaches, though I feel it would emerge with the time.

Browse through Spamlinks.net for anything anti-spam related, quite an amazing resource. Continue reading →

Big Brother in the Restroom

Wikes! This is nasty, and while the porn industry has commercialized the idea a long time ago, I never imagined the levels of crime in public restrooms would "reach" levels requiring CCTVs to be installed -- if there's so much vandalism going on in public restrooms, these will definitely get stolen as well, picture the situation! Norway installs surveillance cameras in park restrooms.

Hint : once you get involved in the CCTV irony, I say irony mainly because the dude behind the 40 motion detection and face recognition wall is having another CCTV behind his back, you end up spending tax payers money to cover "blind spots", and end up with a negative ROI while trying to achieve self-regulation, if one matters!

Surveillance and Society's journal still remains the most resourceful publication on surveillance studies and its impact on society.

Further reading and previous cases:
The Hidden Camera
Iowa Judge Says Hidden Restroom Camera Case Can Proceed to Trial Continue reading →

World's Internet Censorship Map

While it seems rather quiet on the Internet's censorship front, the media coverage on the topic represents a cyclical buzz that reemerges with the time.

Thankfully, initiatives as the OpenNet one, and organizations such as Reporters Without Borders never stop being the society's true watchdogs when it comes to Internet censorship. ONI's neat visualization of the Internet filtering map is a great way of pin pointing key locations, and provide further details through their in-depth reports, take a look for yourself!

Censorship is capable of running entire governments, maintaining historical political power, and mostly ruling by "excluding the middle". Recently, two of China's leading Internet portals were shut down due to maintenance issues acting as the excuse for improving their filtering capabilities. Reporters Without Borders conducted an outstanding analysis of the situation, coming to the conclusion "that the search engines of China’s two leading Internet portals, Sina and Sohu, after they were shut down from 19 to 21 June for what they described as a “technical upgrade” but which in fact was designed to improve the filtering of their search results."

What is Google up to? Making business compromises in order to harness the power of the growing Chinese Internet population. And while the Wall is cracking from within, the world is also taking actions against the fact that there're currently 30 journalists behind bars in China. Continue reading →

Delicious Information Warfare - 13/24 June

Brief summaries of key events for the last week and a half, catch up with previous ones as well. I intend to continue sharing my daily reads while emphasizing on the big picture, and emerging trends. Great quote courtesy of the The Royal Swedish Academy of War Sciences : “The world isn’t run by weapons anymore, or energy, or money. It’s run by little ones and zeros, little bits of data. It’s all just electrons. . . . There’s a war out there . . . and it’s not about who’s got the most bullets. It’s about who controls the information. What we see and hear, how we work, what we think, it’s all about information.”

01. Eyeballing North Korean Missile Launch Furor - "Latest satellite photo coverage and description of the launch site facilities." to Military Satellite Reconnaissance GEOINT ... on 25 June

02. VoIP wiretapping could lead to more problems - "Requiring Internet service providers to respond in real time to requests for them to record VoIP calls would open up the Internet to new vulnerabilities, Whitfield Diffie added." to Intelligence Terrorism Wiretapping CALEA VoIP on 25 June

03. Police arrest two in Japan data theft case - "Blackmailers attempted to extort almost $90,000 from one of Japan's largest phone companies by threatening to reveal a leak of private data belonging to four million customers before a major shareholder meeting." to Espionage Insider Investing on 25 June

04. Kevin Mitnick, the great pretender - "ZDNet UK caught up with the ex-cracker to discuss developments in social engineering, new U.S. laws monitoring telephone systems and alleged "NASA hacker" Gary McKinnon's impending extradition to the United States." to Security Interview on 25 June

05. Data-Theft Worm Targets Google's Orkut - "Now, however, the infection will pop up a message telling you your data is being mailed off someplace, before sending you to the Orkut site." to Malware Web on 25 June

06. French Microsoft Web site hacked - "Hackers on Sunday broke into a part of Microsoft's French Web site, replacing the front page with online graffiti." to Hacktivism Microsoft Defacement on 25 June

07. SCADA industry debates flaw disclosure - "The guys who are setting up these systems are not security professionals. And many of the systems that are running SCADA applications were not designed to be secure--it's a hacker's playground."
to Security SCADA Cyberterrorism Vulnerabilities on 25 June

08. Details emerge on second potential NSA facility - "The room had a sophisticated set of double security doors, known as a "mantrap," and any engineer who worked inside required extensive security clearances." to Intelligence NSA Terrorism Surveillance Wiretapping on 25 June

09. Next-Gen Bank Trojans Are Upon Us - "The 3G Banking Trojan can steal your info and then siphon your account of its cash. The 3G Banking Trojan began with the "Win32.Grams" piece of malware, which first appeared in 2004."to Malware on 25 June

10. Malware authors eyeing Web-based applications - "As Web-based services grow increasingly popular, industry experts say users should brace for more of these threats." to Malware Web on 25 June

11. Stratcom leads DOD cyberdefense efforts - “Unfortunately for us, cyberterrorism is cheap, and it’s fast,” Kehler said. “Today’s terrorist moves at the speed of information.” to Defense InformationWarfare Cyberterrorism on 25 June

12. Text Messaging Used as Malware Lure - "Botnet herders have found a crafty new way to lure computer users to maliciously rigged Web sites—via text messaging on cell phones." to Malware Mobile on 25 June

13. Two China Search Sites Shut - "Censorship or maintenance? That’s the question after two Chinese search engines shut down temporarily." to China Censorship FreeSpeech on 25 June

14. Web services increasingly under attack - "As larger audiences flock to Web sites that run on ever more powerful programming scripts, malware writers are them fertile ground." to Security Malware Web on 25 June

15. What's the Endpoint of Endpoint Security? - "Finally, there’s a more manipulative progenitor of new jargon: the analyst community. White papers, market reports and mystical squares can get crowded, and the big vendors often dominate them."
to Security Investing Advertising Leadership on 25 June

16. Expatriates in Canada pressured to spy - "Despite strong warnings from the government of Canada, certain countries continue to use their intelligence services to manipulate and exploit expatriate communities in Canada," CSIS said." to Intelligence OSINT Espionage on 25 June

17. Review: Terror On The Internet - "Terror on the Internet" usefully outlines the basic contours of his subject, giving a taste of Al Qaeda's Internet rhetoric and strategies, along with those of less well-known militant groups from Colombia to the Basque country to Chechnya." to InformationWarfare Cyberterrorism Terrorism PSYOPS on 25 June

18. Web of terror - "The suspects reportedly became radicalized through militant Web sites and received online advice from Younis Tsouli, the Britain-based Webmaster for Islamic extremist sites who called himself "Terrorist 007," before he was arrested late last year." to InformationWarfare Cyberterrorism Terrorism PSYOPS Web on 25 June Continue reading →

Travel Without Moving - Erasmus Bridge

Catching up with last week's Travel Without Moving shot, this one isn't intelligence of military related, but a marvelous engineering achievement, Erasmus Bridge -- perhaps the perfect moment to demonstrate my amateur photographer skills while tripping around. I will definitely share more shots from cons and life, the way I experience it, anytime now. And meanwhile, you can take a peek at the latest addition to the Eyeball Series, the North Korean Missile Launch Furor -- catching up with a conventional weaponry doctrine is anything else but a milestone.

Google Earth and Google Maps continue making the headlines as a "threat" to national security, where the key points remain the balancing of satellite reconnaissance capabilities between developed and developing nations, the freshness of the data, and it's quality. Sensitive locations can indeed be spotted, and then again, so what? And, with the launch of Geoportail.fr the French government aims at achieving transparency, rather than overhyping this common sense "insecurity". Continue reading →

No Other Place Like 127.0.0.1

Sincere apologies for the sudden disappearance, but thanks for the interest even though I haven't been active for the last week due to quality offline activities. No other place like 127.0.0.1, and the smell of an untouched by human hand, Cold War era postage stamps glue on my high value collections -- I do own several "stamp anomalies".

Collecting postage stamps is a challenging hobby for a teenager to have, mostly because of his usually low income, and this rather expensive hobby.The solution in my case back then, was bargaining while reselling ancient coins and purchasing postage stamps through the margins.While every collection has its story on how I acquired it, perhaps the most important thing I realized back then was that, if you don't respect something, sooner or later you're going to lose it to someone with a better attitude towards it.

Posting will resume shortly, a lot has happened for a week, and the only thing I pretend I'm not good at is wasting my time. As a matter of fact, I've got some very nice comments out of a presentation held at the University of Dresden, Germany, regarding my Future trends of malware research. Continue reading →

Web Application Email Harvesting Worm

This is a rare example of a web application vulnerability worm, targeting one of the most popular free email providers by harvesting emails within their 1GB mailboxes, and of course propagating further.

"Yahoo! on Monday has repaired a vulnerability in its email service that allowed a worm to harvest email addresses from a user accounts and further spread itself. The JS/Yamanner worm automatically executes when a user opens the message in the Yahoo Mail service. It uses JavaScript to exploit a flaw that until today was unpatched. Yahoo later on Monday fixed the vulnerability. "We have taken steps to resolve the issue and protect our users from further attacks of this worm. The solution has been automatically distributed to all Yahoo! Mail customers, and requires no additional action on the part of the user," Yahoo! spokeswoman Kelley Podboy said in an emailed statement."

Web application worms have the potential to dominate the malware threatscape given the amount of traffic their platforms receive, my point is that even within a tiny timeframe like this, one could achieve speed and efficiency like we've only seen in single-packet worms.

In a previous post related to the "Current State of Web Application Worms", you can also find more comments and resources on the topic. Rather defensive, the content spoofing exploiting the trust between the parties that I mentioned is nothing compared to the automated harvesting in this case. As there's naturally active research done in Bluetooth honeypots, IM honeypots, ICQ honeypots, Google Hacking honeypots, it's about time to start seeding your spam trap emails within free email providers or social networking providers.

The stakes are too high not to be exploited in one way or another, I hope we'll some day get surprised by a top web property coming up with a fixed vulnerability on their own. Realizing the importance of their emerging position as attack vector for malware authors is yet another issue to keep in mind. And the best part about web services is their push patching approach, you're always running the latest version, so relaying on end users is totally out of the question.

Find out more details on the worm, and comments as well.

UPDATE: Rather active month when it comes web application malware events, another Data-Theft Worm Targets Google's Orkut. Continue reading →

Consolidation, or Startups Popping out Like Mushrooms?

If technology is the enabler, and the hot commodity these days, spammers will definitely twist the concept of targeted marketing, while taking advantage of them. Last week I've mentioned the concepts of VoIP, WiFi and Cell phone spam that are slowly starting to take place.

Gartner recently expressed a (pricey) opinion on the upcoming consolidation of spam vendors, while I feel they totally ignored the technological revolution of spamming to come -- IPSec is also said to be dead by 2008..

"The current glut of anti-spam vendors is about to end, analysts at Gartner said Wednesday. But enterprises shouldn’t stay on the sidelines until the shakeout is over. By the end of the year, Gartner predicted, the current roster of about 40 vendors in the enterprise anti-spam filtering market will shrink to fewer than 10. As consolidation accelerates and as anti-spam technology continues to rapidly change, most of today’s vendors will be "left by the wayside," said Maurene Caplan Grey, a research director with Gartner, and one of two analysts who authored a recently-released report on the state of the anti-spam market."

The consequence of cheap hardware, HR on demand, angel investors falling from the sky on daily basis, and acquiring vendor licensed IP, would result in start ups popping up like mushrooms to cover the newly developed market segments, and some will stick it long enough not to get acquired given they realize they poses a core competency.

Sensor networks, spam traps, bayesian filters, all are holding the front, while we've getting used to "an acceptable level of spam", not the lack of it. What's emerging for the time being is the next logical stage, that's localized spam on native languages, and believe it or not, its gets through the filters, and impacts productivity, the major problem posed by spam.

SiteAdvisor -- I feel I'm almost acting as an evangelist of the idea -- recently responded to Scandoo's concept, by wisely starting to take advantage of their growing database, and provide the feature in email clients while protecting against phishing attacks. End users wouldn't consider insecure search by default in order to change their googling habits, they trust Google more than they would trust an extension, and they'd rather have to worry about Google abusing their click stream, compared to anything else. Anti-Phishing toolbars are a buzz, and it's nice to see the way they're orbiting around it.

Be a mushroom, don't look for an umbrella from day one! Continue reading →

It's Getting Cloudy, and Delicious

For real. A brief summary of the instant links for the last two days :

01. Eight Indian Startups to Watch - "Some startups are offering unique solutions for India’s burgeoning domestic market, others are targeting global markets. Several are going after both. Red Herring has chosen a few below-the-radar young companies that we think are worth watching." - to Investing Technology India on june 10

02. 'Grand Theft Auto' Game Makers Settle With FTC - "A settlement has been reached with the companies behind the popular video game "Grand Theft Auto: San Andreas," Take-Two Interactive and subsidiary Rockstar Games, which were sued for deceptive practices over hidden sexual content in the game." - to Game Investing on june 10

03. Symbian dismisses smartphone security risk - "David Wood, executive vice president of research at Symbian, said on the Symbian website that smartphones only pose a security risk if companies ignore basic practical rules." - to Malware Symbian on june 10

04. AV management 2006 - "We have assembled a comprehensive range from the leading anti-virus products available in today’s market. During our testing, we began by checking the capacity of these respective offerings to cope with basic tasks." - to Security Malware AntiVirus on june 10

05. Zero-Day Exploits Abound at Legitimate Web Sites - "An exploit distribution network controlled by a single organization that was using a network of 40 Internet domains, each of which was linked to an average of 500 infected sites, for a total of roughly 20,000 Web pages forwarding the groups' attacks." - to 0day Vulnerabilities on june 10

06. Taiwan Faces Increasing Cyber Assaults - "A hacker managed to issue an e-mail attachment that contained a fake press release purportedly from the Military Spokesman’s Office describing a meeting between People’s First Party representatives and MND officials." - to InformationWarfare Cyberwarfare Taiwan China on june 10

07. Social- and Interactive-Television Applications Based on Real-Time Ambient-Audio Identification - "We showed how to sample the ambient sound emitted from a TV and automatically determine what is being watched from a small signature of the sound—all with complete privacy and minuscule effort." - to NewMedia Privacy Surveillance on june 10

08. The Evolution of In-Game Ads - "Marketed as a way to help game makers increase their bottom line or make specific titles more realistic, advertisers are continually searching for ways to reach new audiences—young males and beyond."- to Game Advertising ... on june 11

09. Risks of Keeping User Data Outweigh Benefits - "Large data troves are certain to become targets of hackers, identity thieves and unscrupulous insiders. As the raft of recent data breaches has shown, there are plenty of companies, organizations and government agencies that do a lousy job at securing data." - to Security on june 11

10. Protect Me, Protect My Data - "Companies that underestimate security threats to their records do so at their own peril. It can mean a loss of trust and of business." - to Security on june 11

11. Audit finds security weaknesses at NASA center - "The IG’s audit found other problems as well. System administrators also accessed a key server containing security information without adequate encryption and did not remove unnecessary services from the network." - to Security NASA on june 11

12. America's Most Stolen Vehicles - "The Cadillac Escalade had the highest theft claim rate overall, according to the HLDI, and was the most stolen SUV, according to the CCC 2004 stolen vehicle report." - to Security Theft on june 11

13. N Korea in 'US spy plane' warning - "North Korea says it will punish the US, after claiming it is conducting spying flights over its territorial waters." - to Intelligence Reconnaissance on june 11

14. McAfee SiteAdvisor to add site blocking, extend ratings beyond Web - "McAfee is planning enhancements to its recently acquired SiteAdvisor software that will allow the Web-rating application to block inappropriate Web sites, offer safety ratings for online transactions and rate Web links that appear in e-mail and IM windows. - to McAfee SiteAdvisor on june 11

15. Google and Ebay : The MBA Analysis - "In fact, as they researched the paper over the course of the year, the authors came to the conclusion that eBay had no choice but to ally with either Yahoo or Microsoft. Then the Journal reported as much, and the Yahoo/eBay deal went down." - to NewMedia Google Ebay on june 11 Continue reading →

Travel Without Moving - Georgi Markov's KGB Assassination Spot

In the spirit of the previous hot spot in the Travel Without Moving series, here's another one, this time Georgi Markov's KGB Assassination spot. Georgi Markov was killed in London, in 1978, using a tiny pellet fired from an umbrella containing 0.2 milligram dose of poison ricin.

You may also find this Time Out's briefing on London's espionage locations interesting. Continue reading →

Going Deeper Underground

IT Security Goes Nuclear, at least that's what they say.

"Venture capitalists are predicting a "business boom below ground" as blue-chip companies turn to nuclear bunkers built at the height of the Cold War in the battle to protect sensitive electronic data. The latest private equity investor to move in on the area is Foresight Venture Partners, which has just taken a 20 per cent stake in The Bunker Secure Hosting."

But no matter how deep underground you are, you would still be providing an Internet connection given you're a hosting company. That's an open network, compared to a closed one which is more easy to control -- thick walls wouldn't matter when it comes to connectivity and insiders. It's logical for any data to be stated as secure in that type of environment, but an authorized/unauthorized "someone"will want to use and abuse it for sure.

VCs often exagerate to develop a market sector they somehow envision as profitable in the long term, the real issue is that, while the idea is very marketable, you cannon base future trends on this fact only. They'd better invest in market segments such as portable security solutions, or risk management companies such as Vontu and Reconnex, which I covered in a previous post related to insiders abuse. Continue reading →

There You Go With Your Financial Performance Transparency

Truly amazing, and the inavitable consequence of communication retention in the financial sector, but I feel it's the magnitude that resulted in Enron's entire email communication achive that's seems available online right now.

"Search through more hundreds of thousands of email messages to and from 176 former Enron executives and employees from the power-trading operations in 2000-2002. For the first time, they are available to the public for free through the easy-to-use interface of the InBoxer Anti-Risk Appliance. Create a free account, and go to work. You can search for words, phrases, senders, recipients, and more."

The interesting part is how their ex-risk management provider is providing the data, in between fighting with the Monsters in Your Mailbox. Continue reading →

All Your Confidentiality Are Belong To Us

The proof that commercial and open source encryption has surpassed the technologies to police it, or the idea that privacy and business growth as top priorities would ruin the whole initiative?

"The Government has launched a public consultation into a draft code of practice for a controversial UK law that critics have said could alienate big business and IT professionals. Part III of the Regulation of Investigatory Powers Act 2000 (RIPA) will, as it stands, give police the authority to force organisations and individuals to disclose encryption keys. The Government issued the public consultation on the code of practice for Part III, which will regulate how police and the courts use powers under the legislation, on Wednesday."

It would be interesting to see how they would initiate the response from individuals, without raising the the eyebrows on the majority of civil liberties watch dogs out there and, of course, businessess. That's of course, assuming they use encryption at the first place. Could be much more "wiser" to take advantage of covert practices to obtain the necessary information, instead of "forcing" this measure -- detecting encrypted/covert communication channels is another topic. Moreover, compared to the Australian police whose capabilities of obtaining information on criminals include the use of spyware is a bit contraversial, but adaptave approach.

If national infrastructure security matters, have individuals and enterprises personally take care of their security and encryption keys, promote data encryption, instead of dictating the vibrations by slowing down the basics through such laws. Continue reading →

Brace Yourself - AOL to Enter Security Business

In the re-emergence of the Web, AOL got the attention it never imagined it would get, Microsoft and Google fighting for a share of its modest, but strategic amount of eyeballs. After being an exclusive part of Time Warner's balance sheet since its early acquisition, and with a $510M fine, dial-up business that was profitable by the time telecoms started offering cable connections, due to the years of infrastructure renovation, the though to be mature online advertising model is what saved it. Now, AOL is basically putting half its leg into the red hot security market and wisely playing it safe as :

"AOL plans to expand into security services with the release of the Active Security Monitor, expected on Thursday. The program would also check to make sure Internet Explorer is properly configured to prevent security holes. "ASM determines a security score for your PC, and for all other PCs in your home network, by evaluating the status of all the major components needed for a robust system: Anti-Virus software, Anti-Spyware software, Firewall protection, Wireless Security, Operating System, Web Browser, Back up software and PC Optimization."

After the scoring, I presume it would "phone back home" and let AOL know what end users are mostly missing, then a solution provided by AOL, or a licensee would follow. Benchmarking against AOL's understanding of application based security is tricky, and I bet you already know the programs necessary to establish common sense security on your PC/network. Who's next to enter the security industry besides Microsoft and AOL, perhaps DoubleClick?

CNET has naturally reviewed the Active Security Monitor. Continue reading →

An Over-performing Spammer

Th3 4r7 0f $3nd!ng spam messages is evolving like never before, and while spammers are still catching up with the newest technologies such as VoIP, WiFi, Cell phones -- newest at least in respect to spamming -- trying to avoid the now mature indystry's practices, and taking advantage of the growing economies and their newbie users as victims, is what keeps it going.

I simply couldn't resist not to share this, seems like this spammer is totally overperforming himself. How would I fell a victim into this, given I cannot read what I'm about to get scammed with?

Spammers today are in a world of pain when it comes to the industry's experience in detecting their messages, still, spam continues to represent the majority of email traffic worldwide, and it's getting more creative. Images, "marketing" messages that you can barely read, old psychological tricks, but still, out of couple of million messages, someone still takes it personal, and feels like making a deal online.

Why spamming works? Because of the ubiquity of email, because of the freely available, marketed as fresh, email lists, and at the bottom line, the price for a spammer to send couple of million emails is getting lower with botnets on demand becoming a commodity. End users, end up sending spam to themselves for being infected with malware. What's next? Spamming is still catching up with the technological posibilities, and Chinese telecom operators for instance happen to be the most experienced ones in filtering mobile phones spam -- guess they're also over-performing in between censorship. Continue reading →

Bedtime Reading - Rome Inc.

If the Baby Business helped you envision the future, "Rome Inc - The Rise and Fall of the First Multinational Corporation" is going to help you perceive the past within today's corporate culture -- and Stanley Bing makes good points on every stage of the empire.

Basically, the book emphasizes on the "first multinational corporation" Rome, selling the ultimate product of its time - citizenship. Moreover, it goes in-depth into the concept of moguls and anti-moguls, and how their tensions indeed create an enterpreneurial and corporate culture in 120 A.D.

Every industry has moguls and anti-moguls, the behind the curtain disruptors at a specific stage. What are some of the characteristics of a mogul?

- Commision their PR
- Exercise power when feeling endangered -- elephants against the mice warfare
- Indirectly control the media that's "winning points" for quotations, and "credible" content
- Generally, tend to believe in being the Sun, when the universe tends to have so many dwarfs, and dimensions altogether
- Hide behind C-level positions
- Talk more than actually listen
- When they sneeze the whole industry gets cold

Certain societies, if not all, get obsessed with superficially creating heroes, so profesionally that at a certain point, the "hero" cannot deny any of the praises, but starts living with them and the load that comes altogether. Get hold of this masterpiece, you're gonna love it! Continue reading →