Travel Without Moving - North Korea Missile Launch Pad

July 06, 2006
Seems like it's North Korea's most active PR month given the public outbreak due to their unsuccessful launch of an intercontinental missile, so in this Travel Without Moving series I decided to feature the launch pad, which I originally came across nowhere else but at Cryptome's well-sorted photo gallery of the event. Whereas the U.S is activating diplomatic ties in order to put more pressure on North Korea's tests, China and Russia, among the rest of the superpowers, seem to be teasing the U.S in a way only they can afford to -- let's not forget the financial incentives for Russia to enrich Iran's uranium altogether. As far as Kim Jong Il is concerned, in between fueling growth in the infrastructure necessary to maintain a regime, he enjoys making secret meetings with ex-comrades while travelling to Moscow with his armoured train, as he's afraid of flying.

Previous series, related posts :
Travel Without Moving - Typhoon Class Submarines
Travel Without Moving - Cheyenne Mountain Operations Center
Travel Without Moving - KGB Lubyanka Headquarters
Travel Without Moving - Korean Demilitarized Zone
Travel Without Moving - Georgi Markov's KGB Assassination Spot
Travel Without Moving - Scratching the Floor

North Korea - Turn On the Lights, Please
Who Needs Nuclear Weapons Anymore?
Who's Who in Cyber Warfare?
Is a Space Warfare Arms Race Really Coming?
EMP Attacks - Electronic Domination in Reverse

How to Win the U.S Elections

July 05, 2006
The days of juicy barbecues, hugging babies, and in between offering and asking for the Moon are over. E-voting is the future of technological political engineering. So, how can you win the U.S Elections?

01. Ensure one company holds a virtual monopoly in E-voting systems, thus contributing to yet another monocultural insecurity. If it naturally has some competition, insist its systems are placed in key regions, where barbecues wouldn't work.

02. Start a nation-wide PR campaign emphasizing the benefits of E-voting. Mention it's innovative, it's going to cut costs while providing you with flexibility, the way it provides flexibility to citizens abroad, moreover, also emphasize the increased speed of the results.

03. Make sure the rural areas, home to the masses of technologically unsophisticated citizens, are the ones taking advantage of this immature concept. The point is that, even if there's an error, they have no chance of defining it.

04. If something "goes wrong" forward all the responsibility to the virtual monopolist, and promise precautions against future possibilities for modifying the results -- anyway, sorry folks the elections are over, so till next time keep on speculating what actually happened.

Meanwhile, on the other side of the universe, where we should perhaps thank Jesus for coming up with more colours in life than black and white only, I stumbled upon the Unredacted Diebold Black Box Voting Hack Reports with quite some disturbing images. Make sure the efficiency that you wish for doesn't actually happen. A friend also tipped me on this quite longish report on the topic, and didn't forget to warn me to remove my 3D glasses before reading it either.

UPDATE : Interesting political reading related to veto power.

Clippy votes courtesy of the EFF.

BBC under the Intelligence Shadow

July 03, 2006
Nothing is impossible, the impossible just takes a little while. Practices relatively typical for the ex-USSR, namely controlling the media and profiling the journalists including the readers, seem to have been going on in London during the same period as well. According to the Sunday Telegraph, the BBC let intelligence agents vet staff :

"Confidential papers obtained by the Sunday Telegraph reveal that the British Broadcasting Corp. allowed intelligence agents to investigate the backgrounds and political affiliations of thousands of its employees, including newsreaders, reporters and continuity announcers. The files, which shed light on the BBC's hitherto secret links with the counter-espionage service known as MI5, show that at one stage it was responsible for vetting 6,300 BBC posts -- almost a third of the total work force. The procedure was phased out in the late 1980s. The files also show that the corporation maintained a list of "subversive organizations" and that evidence of certain kinds of political activity could be a bar to appointment or promotion."

If you can spell the name of the party while sleeping, and have subscribed to its periodical propaganda, only then do you have the chance to unleash your career potential. I guess what they were worried about was an undercover Red reporter, taking advantage of live events and directly broadcasting a subversive message -- remember when a guy invaded Truman's world in the "Truman show", and tried to warn the little kid he's on TV all the time? The interesting part is how even the spouses of applicants were subject to scrutiny.

There you go with the freedom of the press, I guess China must have had something in mind when blocking access to the BBC's web site.

China's Interest of Censoring Mobile Communications

July 02, 2006
Just came across a great article at the IHT on China's interest in tightening control of cellphones :

"The new measures being contemplated for tightening control of cellphone use reportedly include mandatory user registration. Users now can easily buy cellphone cards at any convenience store, instantly obtaining a new phone number without identifying themselves. Whether through speech or short messaging, cellphones have played a major role in a wave of social unrest that has swept China in the last two years, allowing people to organize quickly and to spread news of police actions and other developments. Anonymous use of cellphones is a major loophole at a time when the state is investing heavily on monitoring communications of all kinds, and the authorities appear determined to close it"

Whereas there's been quite some media coverage of China's Internet censorship efforts, the country's under-developed income distribution model results in more people having access to plain simple cellphone communications compared to owning a PC. And even if they own a PC, or use public ones to access the Internet, information from China's provinces where the real China is, often breaks out through SMS messages -- or comes in. Venus Info Tech's Cybervision SMS Filtering System is what they've been using, and it seems it's the government's long-term partner. The article also points out the illegality of reporting or broadcasting information on "sudden events", consider the SARS virus as one of these. Yet another in-depth article indicates the only usefulness of this censorship, or let's use a more friendly term, such as content monitoring/filtering, which is the detection of banking frauds and other scams -- can you censor "Bware, SMS unda ctrl" or learn to encode in such a way?

From a business perspective, the Chinese Internet population represents a hot opportunity for companies offering censorship-circumvention services -- IP cloaking and competitive intelligence among the other needs. It's interesting to note the U.S government's interest in Chinese citizens having access to more information :

"Ultrareach and Dynamic Internet Technology (DIT) in North Carolina, both connected to Falun Gong, receive U.S. government funding through the International Broadcasting Bureau to help it get Voice of America and Radio Free Asia to Chinese Web surfers. Each day, DIT sends out millions of emails and text messages containing proxy links to Chinese citizens. About one million users have downloaded DIT's circumvention software, which automatically links to the firm's proxy servers, while 'hundreds of thousands' directly access the proxy Web sites daily, said founder Bill Xia. UltraReach claims 100,000 users use its proxies. All told, the IBB spends about $5 million a year on contracts with hacktivists and firms on censorship-busting efforts in countries such as China and Iran."

I also came across informative research on the topic, "The Wireless Leash : Mobile Messaging Service as a Means of Control". Recommended reading in case you want to know more on the topic from a social and political perspective, as well as go through many relevant cases.

UPDATE : China restricts Internet cafe access - "Rules on children in Internet cafes were imposed after Chinese officials warned that students were spending too much time playing online games and were getting access to violent and obscene material."

Related resources:
Censorship
China
2006 = 1984?
Anonymity or Privacy on the Internet?
World's Internet Censorship Map
China - the biggest black spot on the Internet’s map
Chinese Internet Censorship efforts and the outbreak
Securing political investments through censorship

Hacktivism Tensions - Israel vs Palestine Cyberwars

July 01, 2006
Oops, they did it again. The most recent case of hacktivism recently occurred :

"Shortly after IDF tanks rolled into Gaza, another old front of conflict was reopened early Wednesday morning, but in this battle Kassam rockets and artillery shells were replaced by worms and viruses as pro-Palestinian hackers shut down approximately 700 Israeli web domains. A range of different Web sites were targeted by the group, including Web sites of banks, medical centers, car manufacturers and pension funds. Well-known companies and organizations, including Bank Hapoalim, the Rambam Medical Center, Bank Otsar Ha-Hayal, BMW Israel, Subaru Israel and Citroën Israel, real estate company Tarbut-Hadiur and the Jump fashion Web site all found their Web sites shut down and replaced by the message: Hacked by Team-Evil Arab hackers u KILL palestin people we KILL Israel servers."

Zone-H has naturally covered the event and mirrored it, in between receiving an official PR release from the defacement group -- guess it's not just terrorists with cheap marketing teams given the badly structured press release. What these folks don't seem to be able to realize is that if they were to deface every web site hosting the infamous Muhammad cartoons, they would end up with a full-time job doing so. What's worth mentioning is the nature of the defaced servers: banks, hospitals, private sector companies. My point is that if they were really up to causing havoc, they had the necessary privileges to do so. Let's not think out loud about worst case "what if" analysis though.

Defacements are a great example of PSYOPS, most importantly the indirect way of undermining a country's population confidence in their abilities to win any war or political campaign. During WWII brochures were laying around everywhere, and planes were dropping them across various cities to either undermine, or influence the opinion of the locals towards their vision. The power of the Internet echo is what they're aiming to achieve, and while I may be whispering their "achievements" even further, the visitors of the affected sites partly got exposed to their propaganda. It's also interesting to think of PSYOPS in reverse, that is users in countries with restrictive regimes trying to reach out to the rest of the world through malware -- beneficial malware, or beneficial PSYOPS?

What's the current, emerging and future state of Hacktivism? In her outstanding research titled "Hacktivism and the Future of Political Participation", Alexandra Samuel points out some of the key points to keep in mind, and constructively speculates on the future trends.

At the bottom line, what's all the fuss about? No, it's not because an Israeli covert operative was kidnapped and held hostage, but because of an 18-year-old "destruction machine" which reminds me of the way we used to argue and wage wars on the sand around the same age. The type of, "the wind has just blown your soldier way beyond the DMZ, and therefore we have no other choice but to attack you with all our forces. Resistance is futile!" conflicts.

Go to school, hell, even go to an ethical hacking one, or else you'll end up like a walking sausage having to squeeze yourself with a belt so tight in order not to have your pants fall down! Automated defacement tool shot courtesy of WebSense. And btw, how was your July Morning?

Related resources :
Israeli-Palestinian Cyberconflict (IPCC) - the complete coverage back in 2001!
The Israeli-Palestinian Cyberconflict
Activism, Hacktivism, and Cyberterrorism : The Internet as a Tool for Influencing Foreign Policy
The Cycle of Cyber Conflict
Cyber Attacks During the War on Terrorism
Examining the Cyber Capabilities of Islamic Terrorist Groups
Cyberprotests : The Threat to the U.S Information Infrastructure
Analysis: U.S.-China 'cyberwar' fires blanks
Techno Imperialism and the Effect of Cyberterrorism
Cyberterrorism - don't stereotype and it's there!
Cyberterrorism - recent developments

Real-Time PC Zombie Statistics

June 30, 2006
Zombies inevitably turning into botnets represent a huge, automated and efficient advantage to malicious attackers, a topic I covered, along with most of its dimensions, in my Future trends of malware research. CipherTrust's Zombie Stats help you measure the approximate population of infected zombie PCs according to the vendor's TrustedSource. Not surprisingly, China's steadily increasing novice Internet population represents both a growing menace to the entire Internet and a market development opportunity for AV and security vendors. The situation is getting out of hand with ISPs upgrading Internet connections while still not putting enough effort into dealing with botnets. And while some are taking actions under enforcement, major ISPs are still reluctant to face the issue -- ISPs still prefer to offer security services on a license basis or through reseller partnerships, though I'm certain there's an entire market segment waiting to be discovered by them if they manage to reset their position in this space.

Moreover, Prolexic's Zombie report for Q1-Q2 2005 provides even more detailed info, and a neat visualization of the routes involved with DDoS attacks, where the blue represents the U.S, and the red China. For the time being, the ShadowServer guys keep on enthusiastically dealing with the problem, for no profit at all.

The WarDriving Police and Pringles Hacking

June 30, 2006
These days you never know where the next hacking attempt on your wireless network may come from. In this case, it's from the police, as authorities start mimicking wardriving behavior :

"The Douglas County Sheriff's Office says it's going to start warning computer users that their networks may be vulnerable to hackers. The Sheriff's Department plans to equip several of its community service and patrol cars with devices that detect unprotected computer networks. In cases where investigators can figure out who owns the networks, they'll try to warn of potential security issues. They'll also drop off brochures with instructions to computer users on how to password protect their networks."

Back in 2004, Kelly Martin wrote a very pragmatic article on Catching a virus writer, emphasizing how "with the consumer WiFi explosion, launching a virus into the wild has never been easier and more anonymous than it is today." Moreover, Kaspersky labs recently assessed the situation in England, and you can easily see the need for basic awareness there.

I don't feel it's a good idea mainly because it generates more noise for the end user to sort through. They should rather assess and position on a map the regions with the most vulnerable networks and figure out cost-effective ways of spreading awareness in these regions, instead of taking the role of an ethical wardriver. On the other hand, if they start taking care of wireless, would they start taking into consideration Bluetooth as well? There're just too many ethical wardrivers to deal with and deceive these days, and creative end users tend to multiply themselves or, of course, use common sense protection.

WarDriving Awareness brochure courtesy of Tom Hayward. Recommended reading - "War, Peace, or Stalemate: Wargames, Wardialing, Wardriving, and the Emerging Market for Hacker Ethics".

North Korea - Turn On the Lights, Please

June 29, 2006
North Korea's recent missile launch furor, and the obvious conventional weaponry doctrine in place, as well as my comments in the Travel Without Moving series - Korean Demilitarized Zone, reminded me of how they tend to fuel growth in military spending/the regime, where the trade-off is a developing economy, or any economy at all. I feel North Korea is still quite dark these days, with very impressive imagery showing that :

"South Korea is bright, North Korea is dark. This amazing image is included in the standard US Department of Defense briefings on North Korea. It was mentioned in a news briefing on 23 December 2002 by Defense Secretary Rumsfeld, who stated that "If you look at a picture from the sky of the Korean Peninsula at night, South Korea is filled with lights and energy and vitality and a booming economy; North Korea is dark." There are a number of versions of this image in circulation, with visible differences that vary according to the conditions at the time the imagery was acquired."

Rich Karlgaard's comment on lifting North Korea sanctions, and Quentin Hardy's argument that "Capitalism has corrupted other authoritarian regimes, why not North Korea?" are worth taking into consideration.

Tracking Down Internet Terrorist Propaganda

June 29, 2006
I always knew there's a team of cheap marketers behind every terrorist organization trying to market yet another multimedia killing, or put simply, fear, threats, and no respect for life. Why cheap? Mainly because there's no segmentation or niche issues to deal with, but mostly mass marketing, while harnessing the power of the never ending resonation from the media echo.

Rather biased, today's opinion on Cyberterrorism always has to do primarily with destruction as the core of the problem. Active research is already conducted on "Arabic Extremist Group Forum Messages' Characteristics" and "Terrorist Social Network Analysis", and the real issues still remain communication, research, fundraising, propaganda, recruitment and training -- I wish Dorothy Denning was also blogging on the topic!

iDefense, being the masters of CYBERINT, recently found jihadist web sites related to Zarqawi's "Successor". The interesting part :

"This website contains forums with a mix of threads covering items from the latest information on the militants in the Middle East, such as a video of militants in Syria, to hacker education, such as Microsoft Word documents available for downloading that detail CGI, unicode and php exploits. The members appear to be interested in physical and cyber-related threats. The membership of the site is growing and is already over 10,000+ members. Plus, we at iDefense/VeriSign are very interested to see what hacking issues or levels of cyber expertise may be covered on this site."

By the way, I just came across an outstanding list of Islamic sites at Cryptome. These are definitely about to get crawled, analyzed, and for sure, under attack in the future. For instance, the most recent example of hacktivism tensions is the hundreds of hacked Israeli web pages, in the light of Israel's military action in Gaza.

Further reading on:
Terrorism
Cyberterrorism
How Modern Terrorism Uses the Internet
Jihad Online : Islamic Terrorists and the Internet
Right-wing Extremism on the Internet
Terrorist web sites courtesy of the SITE Institute
The HATE Directory November 2005 update
Recruitment by Extremist Groups on the Internet

Delicious Information Warfare - 24/27 June

June 28, 2006
Go through my daily reads for 13/24 June as well.

01. Meteorite Collision - "Japanese animation showing what would happen if a giant meteor hit the Earth." to Space on june 25

02. Should We Lift North Korean Sanctions? - "Quentin Hardy summed up his side’s argument: “Capitalism has corrupted other authoritarian regimes, why not North Korea?”" to Investing on june 25

03. The ABCs of New Security Leadership - "Maintaining the right level of boardroom and employee awareness is a consequence of leadership. And more effective ideas and tactics are replacing the old, reactive security leadership paradigm. Below, CSO looks at what's Out and what's In." to Security Leadership on june 27

04. Blackmailer : the story of Gpcode - "Analysts at Kaspersky Lab had successfully cracked a 660 bit RSA encryption key. This was the latest victory against a cyber blackmailer that had been plaguing users in Russia for over a year and a half." to Malware Ransomware on june 27

05. My Anti-Virus Revolving Door - "I'm the Donald Trump of anti-virus software testing. It won't be long before they're all fired." to Malware AntiVirus on june 27

06. Eyeballing Israel Signal Facilities - "Israeli Signal Facilities, courtesy of the Eyeball Series." to Security Defense Reconnaissance Satellite GEOINT on june 27

07. DHS Special Report Can DHS meet IT cybersecurity expectations? - "“In the Defense budget we have put hundreds of millions of dollars in for info. dominance,” Weldon said. He cited Pentagon programs to fund universities to launch cybersecurity studies centers and to expand the military’s own cybersecurity programs." to Security Defense Cyberterrorism Leadership on june 27

08. Tampa GOP Cyber-Attack - "As the global Islamist war heats up, technically savvy cyber-terrorists will continue to look to find weaknesses in the Internet infrastructure of the West." to InformationWarfare Cyberterrorism Hacktivism PSYOPS on june 27

09. Analysis Warns U.S. of Cyber Security Weaknesses - "If our nation is hit by a cyber Katrina that wipes out large parts of the Internet, there is no coordinated plan in place to restart and restore the Internet," said John J. Castellani, President of the Roundtable." to Security Defense Cyberterrorism Leadership on june 27

10. Ignoring the Great Firewall of China - "The so-called "Great Firewall of China" operates, in part, by inspecting TCP packets for keywords that are to be blocked. If the keyword is present, TCP reset packets (viz: with the RST flag set) are sent to both endpoints of the connection." to Censorship China FreeSpeech on june 27

11. Encyclopedia of Espionage, Intelligence, and Security - "Espionage information." to Intelligence Espionage on june 27

12. China-Led Group to Fight Web Fraud, Cyber Terrorism - "A Russian and Chinese-led bloc of Asian states said Thursday it plans to set up an expert group to boost computer security and help guard against threats to their regimes from the Internet." to Security on june 27

13. Immunizing The Internet, Or : How I Learned To Stop Worrying And Love The Worm - "In a 1997 exercise, NSA teams hacked into computer systems at four regional military commands and the National Military Command Center and showed that hackers could cause large-scale power outages and 911 emergency telephone network overloads." to Security Defense InformationWarfare Cyberterrorism on june 27

14. Five Questions For Martin Roesch, Founder and CTO of Sourcefire - "In 1998, Roesch created Snort, an app that sniffs out malicious traffic trying to enter a network. Snort's free source code has been downloaded more than 3 million times." to Interview on june 27

15. Firms Eye Video Surveillance - "And as the technology shrinks, the cameras slip deeper into the background, hardly noticed, streaming more than 4 billion hours of footage a week—footage that usually ends up lost, and never seen." to Surveillance CCTV Technology on june 27

16. How big is Earth compared to other planets and stars? - "Fun series of photos comparing Earth's size to that of other planets and stars." to Space on june 27

17. All-Seeing Blimp on the Rise - "The problem with the American military today is that it doesn't have a giant, robotic airship, two-and-a-half times the size of the Goodyear blimp, that can watch over an entire city at once. The idea is to park an unmanned airship over a hot zone." to Military Surveillance Privacy on june 27

18. Malware in Popular Networks - "Some of the other popular means of computer supported collaboration are USENET, IRC, P2P, IM. We have seen a consistent uprise of malware targeting these collaborative systems." to Malware on june 27

19. Word macro trojan dropper and (another) downloader - "We've seen a lot of new malware being spammed in last couple of hours." to Malware on june 27

Malicious Web Crawling

June 27, 2006
SiteAdvisor indeed cashed in for evaluating the maliciousness of the web, and New Zealand feels that nation wide google hacking initiatives are a more feasible solution to the problem of google hacking, compared to the Catawba County Schools Board of Education who blamed Google for indexing student test scores & social security numbers. It's like having just-moved-in, 25/30-year-old neighbors next to your place, who didn't know you have thermal movement detection equipment and parabolic microphones, in order to seal the house by using robots.txt, or assigning the necessary permissions on the web server asap.

Tip to the Board of Education, don't bother Google but take care of the problem on your own, immediately, through Google's automatic URL removal system, by first "inserting the appropriate meta tags into the page's HTML code. Doing this and submitting via the automatic URL removal system will cause a temporary, 180-day removal of these pages from the Google index, regardless of whether you remove the robots.txt file or meta tags after processing your request."

Going back to the idea of malicious web crawling, the best "what if" analysis comes from Michal Zalewski, back in 2001's Phrack issue article on "The Rise of the Robots" -- nice starting quote! It tries to emphasize that "Others - Internet workers - hundreds of never sleeping, endlessly browsing information crawlers, intelligent agents, search engines... They come to pick this information, and - unknowingly - to attack victims. You can stop one of them, but can't stop them all. You can find out what their orders are, but you can't guess what these orders will be tomorrow, hidden somewhere in the abyss of not yet explored cyberspace. Your private army, close at hand, picking orders you left for them on their way. You exploit them without having to compromise them. They do what they are designed for, and they do their best to accomplish it. Welcome to the new reality, where our A.I. machines can rise against us."

That's a far more serious security issue to keep an eye on, instead of Google's crawlers eating your web site for breakfast.

Shots From the Wild - Terrorism Information Awareness Program Demo Portal

June 27, 2006
A lot has changed since my last post on "Data mining, terrorism and security", namely NSA's warrantless surveillance efforts. So, in the spirit of a second possible NSA facility, I've decided to post a shot from the TIA's early stages of development, obtained through the most detailed, conceptual, and from a developer's point of view, description of the program.

There've also been speculations on the severity of NSA wiretapping program compared to the Watergate scenario, while I feel that besides political engineering through infowar, it also occurs relatively more often over a juicy barbecue.

Related resources on Intelligence, NSA, Surveillance, Wiretapping.

Dealing with Spam - The O'Reilly.com Way

June 26, 2006
While China feels that centralization is the core of everything, and is licensing the use of mail servers to fight spam, thus totally ignoring the evolution of spam techniques, the other day I came across some recent Spam Statistics from Oreilly.com -- scary numbers!

"Our mail servers accepted 1,438,909 connections, attempting to deliver 1,677,649 messages. We rejected 1,629,900 messages and accepted only 47,749 messages. That's a ratio of 1:34 accepted to rejected messages! Here is how the message rejections break down:

Bad HELO syntax: 393284
Sending mail server masquerades as our mail server: 126513
Rejected dictionary attacks: 22567
Rejected by SORBS black list: 262967
Rejected by SpamHaus black list: 342495
Rejected by local block list: 5717
Sender verify failed: 4525
Recipient verify failed (bad To: address): 287457
Attempted to relay: 5857
No subject: 176
Bad header syntax: 0
Spam rejected (score => 10): 42069
Viruses/malware rejected: 2575
Bad attachments rejected: 1594"

Draw the conclusions for yourself: besides shooting into the dark or general syntax errors, total waste of email traffic resulting in delayed email is the biggest downside here. Thankfully, non-commercial methods are still capable of dealing with the problem. At the bottom line, sending a couple of million email messages on the cost of anything, and getting a minor response from a "Hey this is hell of a deal and has my username on the top of it!" type of end users seems to keep on motivating the sender. Localized spam is much more effective as an idea, but much easier to trace compared to mass-marketing approaches, though I feel it would emerge with time.

Browse through Spamlinks.net for anything anti-spam related, quite an amazing resource.

Big Brother in the Restroom

June 26, 2006
Yikes! This is nasty, and while the porn industry has commercialized the idea a long time ago, I never imagined the levels of crime in public restrooms would "reach" levels requiring CCTVs to be installed -- if there's so much vandalism going on in public restrooms, these will definitely get stolen as well, picture the situation! Norway installs surveillance cameras in park restrooms.

Hint : once you get involved in the CCTV irony, I say irony mainly because the dude behind the 40 motion detection and face recognition wall is having another CCTV behind his back, you end up spending taxpayers' money to cover "blind spots", and end up with a negative ROI while trying to achieve self-regulation, if one matters!

Surveillance and Society's journal still remains the most resourceful publication on surveillance studies and its impact on society.

Further reading and previous cases:
The Hidden Camera
Iowa Judge Says Hidden Restroom Camera Case Can Proceed to Trial

World's Internet Censorship Map

June 26, 2006
While it seems rather quiet on the Internet's censorship front, the media coverage on the topic represents a cyclical buzz that reemerges with time.

Thankfully, initiatives such as the OpenNet one, and organizations such as Reporters Without Borders never stop being the society's true watchdogs when it comes to Internet censorship. ONI's neat visualization of the Internet filtering map is a great way of pinpointing key locations, and provides further details through their in-depth reports, take a look for yourself!

Censorship is capable of running entire governments, maintaining historical political power, and mostly ruling by "excluding the middle". Recently, two of China's leading Internet portals were shut down due to maintenance issues acting as the excuse for improving their filtering capabilities. Reporters Without Borders conducted an outstanding analysis of the situation, coming to the conclusion "that the search engines of China’s two leading Internet portals, Sina and Sohu, after they were shut down from 19 to 21 June for what they described as a “technical upgrade” but which in fact was designed to improve the filtering of their search results."

What is Google up to? Making business compromises in order to harness the power of the growing Chinese Internet population. And while the Wall is cracking from within, the world is also taking actions against the fact that there're currently 30 journalists behind bars in China.

Delicious Information Warfare - 13/24 June

June 25, 2006
Brief summaries of key events for the last week and a half, catch up with previous ones as well. I intend to continue sharing my daily reads while emphasizing the big picture, and emerging trends. Great quote courtesy of The Royal Swedish Academy of War Sciences: “The world isn’t run by weapons anymore, or energy, or money. It’s run by little ones and zeros, little bits of data. It’s all just electrons. . . . There’s a war out there . . . and it’s not about who’s got the most bullets. It’s about who controls the information. What we see and hear, how we work, what we think, it’s all about information.”

01. Eyeballing North Korean Missile Launch Furor - "Latest satellite photo coverage and description of the launch site facilities." to Military Satellite Reconnaissance GEOINT ... on 25 June

02. VoIP wiretapping could lead to more problems - "Requiring Internet service providers to respond in real time to requests for them to record VoIP calls would open up the Internet to new vulnerabilities, Whitfield Diffie added." to Intelligence Terrorism Wiretapping CALEA VoIP on 25 June

03. Police arrest two in Japan data theft case - "Blackmailers attempted to extort almost $90,000 from one of Japan's largest phone companies by threatening to reveal a leak of private data belonging to four million customers before a major shareholder meeting." to Espionage Insider Investing on 25 June

04. Kevin Mitnick, the great pretender - "ZDNet UK caught up with the ex-cracker to discuss developments in social engineering, new U.S. laws monitoring telephone systems and alleged "NASA hacker" Gary McKinnon's impending extradition to the United States." to Security Interview on 25 June

05. Data-Theft Worm Targets Google's Orkut - "Now, however, the infection will pop up a message telling you your data is being mailed off someplace, before sending you to the Orkut site." to Malware Web on 25 June

06. French Microsoft Web site hacked - "Hackers on Sunday broke into a part of Microsoft's French Web site, replacing the front page with online graffiti." to Hacktivism Microsoft Defacement on 25 June

07. SCADA industry debates flaw disclosure - "The guys who are setting up these systems are not security professionals. And many of the systems that are running SCADA applications were not designed to be secure--it's a hacker's playground." to Security SCADA Cyberterrorism Vulnerabilities on 25 June

08. Details emerge on second potential NSA facility - "The room had a sophisticated set of double security doors, known as a "mantrap," and any engineer who worked inside required extensive security clearances." to Intelligence NSA Terrorism Surveillance Wiretapping on 25 June

09. Next-Gen Bank Trojans Are Upon Us - "The 3G Banking Trojan can steal your info and then siphon your account of its cash. The 3G Banking Trojan began with the "Win32.Grams" piece of malware, which first appeared in 2004." to Malware on 25 June

10. Malware authors eyeing Web-based applications - "As Web-based services grow increasingly popular, industry experts say users should brace for more of these threats." to Malware Web on 25 June

11. Stratcom leads DOD cyberdefense efforts - “Unfortunately for us, cyberterrorism is cheap, and it’s fast,” Kehler said. “Today’s terrorist moves at the speed of information.” to Defense InformationWarfare Cyberterrorism on 25 June

12. Text Messaging Used as Malware Lure - "Botnet herders have found a crafty new way to lure computer users to maliciously rigged Web sites—via text messaging on cell phones." to Malware Mobile on 25 June

13. Two China Search Sites Shut - "Censorship or maintenance? That’s the question after two Chinese search engines shut down temporarily." to China Censorship FreeSpeech on 25 June

14. Web services increasingly under attack - "As larger audiences flock to Web sites that run on ever more powerful programming scripts, malware writers are them fertile ground." to Security Malware Web on 25 June

15. What's the Endpoint of Endpoint Security? - "Finally, there’s a more manipulative progenitor of new jargon: the analyst community. White papers, market reports and mystical squares can get crowded, and the big vendors often dominate them." to Security Investing Advertising Leadership on 25 June

16. Expatriates in Canada pressured to spy - "Despite strong warnings from the government of Canada, certain countries continue to use their intelligence services to manipulate and exploit expatriate communities in Canada," CSIS said." to Intelligence OSINT Espionage on 25 June

17. Review: Terror On The Internet - "Terror on the Internet" usefully outlines the basic contours of his subject, giving a taste of Al Qaeda's Internet rhetoric and strategies, along with those of less well-known militant groups from Colombia to the Basque country to Chechnya." to InformationWarfare Cyberterrorism Terrorism PSYOPS on 25 June

18. Web of terror - "The suspects reportedly became radicalized through militant Web sites and received online advice from Younis Tsouli, the Britain-based Webmaster for Islamic extremist sites who called himself "Terrorist 007," before he was arrested late last year." to InformationWarfare Cyberterrorism Terrorism PSYOPS Web on 25 June

Travel Without Moving - Erasmus Bridge

June 25, 2006
Catching up with last week's Travel Without Moving shot, this one isn't intelligence or military related, but a marvelous engineering achievement, Erasmus Bridge -- perhaps the perfect moment to demonstrate my amateur photographer skills while tripping around. I will definitely share more shots from cons and life, the way I experience it, anytime now. And meanwhile, you can take a peek at the latest addition to the Eyeball Series, the North Korean Missile Launch Furor -- catching up with a conventional weaponry doctrine is anything but a milestone.

Google Earth and Google Maps continue making the headlines as a "threat" to national security, where the key points remain the balancing of satellite reconnaissance capabilities between developed and developing nations, the freshness of the data, and its quality. Sensitive locations can indeed be spotted, and then again, so what? And, with the launch of Geoportail.fr the French government aims at achieving transparency, rather than overhyping this common sense "insecurity".

No Other Place Like 127.0.0.1

June 24, 2006
Sincere apologies for the sudden disappearance, but thanks for the interest even though I haven't been active for the last week due to quality offline activities. No other place like 127.0.0.1, and the smell of untouched-by-human-hand, Cold War era postage stamp glue on my high value collections -- I do own several "stamp anomalies".

Collecting postage stamps is a challenging hobby for a teenager to have, mostly because of his usually low income, and this rather expensive hobby. The solution in my case back then, was bargaining while reselling ancient coins and purchasing postage stamps through the margins. While every collection has its story on how I acquired it, perhaps the most important thing I realized back then was that, if you don't respect something, sooner or later you're going to lose it to someone with a better attitude towards it.

Posting will resume shortly, a lot has happened for a week, and the only thing I pretend I'm not good at is wasting my time. As a matter of fact, I've got some very nice comments out of a presentation held at the University of Dresden, Germany, regarding my Future trends of malware research.

Web Application Email Harvesting Worm

June 13, 2006
This is a rare example of a web application vulnerability worm, targeting one of the most popular free email providers by harvesting emails within their 1GB mailboxes, and of course propagating further.

"Yahoo! on Monday has repaired a vulnerability in its email service that allowed a worm to harvest email addresses from a user accounts and further spread itself. The JS/Yamanner worm automatically executes when a user opens the message in the Yahoo Mail service. It uses JavaScript to exploit a flaw that until today was unpatched. Yahoo later on Monday fixed the vulnerability. "We have taken steps to resolve the issue and protect our users from further attacks of this worm. The solution has been automatically distributed to all Yahoo! Mail customers, and requires no additional action on the part of the user," Yahoo! spokeswoman Kelley Podboy said in an emailed statement."

Web application worms have the potential to dominate the malware threatscape given the amount of traffic their platforms receive. My point is that even within a tiny timeframe like this, one could achieve speed and efficiency like we've only seen in single-packet worms.

In a previous post related to the "Current State of Web Application Worms", you can also find more comments and resources on the topic. Rather defensive, the content spoofing exploiting the trust between the parties that I mentioned is nothing compared to the automated harvesting in this case. As there's naturally active research done in Bluetooth honeypots, IM honeypots, ICQ honeypots, Google Hacking honeypots, it's about time to start seeding your spam trap emails within free email providers or social networking providers.
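The spam-trap seeding suggested above, sketched as an added example (not code from the original post): each seeded webmail account holds one unique trap address in its address book, so any mail reaching that address identifies which account was harvested. The domains, key, function names and log records are constructed assumptions.

```python
import hashlib
import hmac

# All names, domains and sample data below are constructed for illustration.
TRAP_DOMAIN = "traps.example.org"   # assumed catch-all domain the defender controls
SECRET = b"rotate-me"               # assumed key, never stored on the seeded accounts


def trap_address(seed_account: str) -> str:
    """Derive a unique, unguessable trap address for one seeded webmail account."""
    tag = hmac.new(SECRET, seed_account.encode(), hashlib.sha256).hexdigest()[:16]
    return f"j.{tag}@{TRAP_DOMAIN}"


def build_index(seed_accounts):
    """Map each trap address back to the account whose address book holds it."""
    return {trap_address(a): a for a in seed_accounts}


def detect_harvest(inbound, index):
    """Return one alert per message delivered to a seeded trap address.

    A trap exists only inside one address book, so mail to it means that
    address book was read and the address used.
    """
    alerts = []
    for msg in inbound:
        rcpt = msg["rcpt"].strip().lower()
        account = index.get(rcpt)
        if account is None:
            continue  # ordinary mail or a guessed address, not one of our traps
        # Sender on the same webmail service: likely the worm mailing itself on.
        # Any other sender: the harvested list is being reused elsewhere.
        same_service = msg["from"].rsplit("@", 1)[-1] == account.rsplit("@", 1)[-1]
        alerts.append({
            "seeded_account": account,
            "trap": rcpt,
            "kind": "propagation" if same_service else "harvested-list-reuse",
            "from": msg["from"],
        })
    return alerts


SEEDS = ["canary1@webmail.example", "canary2@webmail.example"]
INDEX = build_index(SEEDS)
INBOUND = [  # constructed delivery records for the trap domain
    {"from": "victim7@webmail.example", "rcpt": trap_address(SEEDS[0])},
    {"from": "offers@bulk.example", "rcpt": trap_address(SEEDS[1]).upper()},
    {"from": "x@bulk.example", "rcpt": "j.0000000000000000@" + TRAP_DOMAIN},
]
ALERTS = detect_harvest(INBOUND, INDEX)
```

Because the tag is an HMAC of the account name, mail to a guessed address on the trap domain never matches the index, which keeps dictionary spam from raising false harvest alerts.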

The stakes are too high not to be exploited in one way or another, I hope we'll some day get surprised by a top web property coming up with a fixed vulnerability on their own. Realizing the importance of their emerging position as attack vector for malware authors is yet another issue to keep in mind. And the best part about web services is their push patching approach, you're always running the latest version, so relying on end users is totally out of the question.

Find out more details on the worm, and comments as well.

UPDATE: Rather active month when it comes to web application malware events, another Data-Theft Worm Targets Google's Orkut.

Consolidation, or Startups Popping out Like Mushrooms?

June 13, 2006
If technology is the enabler, and the hot commodity these days, spammers will definitely twist the concept of targeted marketing, while taking advantage of them. Last week I mentioned the concepts of VoIP, WiFi and Cell phone spam that are slowly starting to take place.

Gartner recently expressed a (pricey) opinion on the upcoming consolidation of spam vendors, while I feel they totally ignored the technological revolution of spamming to come -- IPSec is also said to be dead by 2008.

"The current glut of anti-spam vendors is about to end, analysts at Gartner said Wednesday. But enterprises shouldn’t stay on the sidelines until the shakeout is over. By the end of the year, Gartner predicted, the current roster of about 40 vendors in the enterprise anti-spam filtering market will shrink to fewer than 10. As consolidation accelerates and as anti-spam technology continues to rapidly change, most of today’s vendors will be "left by the wayside," said Maurene Caplan Grey, a research director with Gartner, and one of two analysts who authored a recently-released report on the state of the anti-spam market."

The consequence of cheap hardware, HR on demand, angel investors falling from the sky on a daily basis, and acquiring vendor licensed IP, would result in startups popping up like mushrooms to cover the newly developed market segments, and some will stick it long enough not to get acquired given they realize they possess a core competency.

Sensor networks, spam traps, bayesian filters, all are holding the front, while we're getting used to "an acceptable level of spam", not the lack of it. What's emerging for the time being is the next logical stage, that's localized spam in native languages, and believe it or not, it gets through the filters, and impacts productivity, the major problem posed by spam.

SiteAdvisor -- I feel I'm almost acting as an evangelist of the idea -- recently responded to Scandoo's concept, by wisely starting to take advantage of their growing database, and provide the feature in email clients while protecting against phishing attacks. End users wouldn't consider insecure search by default in order to change their googling habits, they trust Google more than they would trust an extension, and they'd rather have to worry about Google abusing their click stream, compared to anything else. Anti-Phishing toolbars are a buzz, and it's nice to see the way they're orbiting around it.

Be a mushroom, don't look for an umbrella from day one!