While China feels that centralization is the core of everything, and is licensing the use of mail servers to fight spam, thus totally ignoring the evolution of spam techniques, the other day I came across to some recent Spam Statistics from Oreilly.com -- scary numbers!
"Our mail servers accepted 1,438,909 connections, attempting to deliver 1,677,649 messages. We rejected 1,629,900 messages and accepted only 47,749 messages. That's a ratio of 1:34 accepted to rejected messages! Here is how the message rejections break down:
Bad HELO syntax: 393284
Sending mail server masquerades as our mail server: 126513
Rejected dictionary attacks: 22567
Rejected by SORBS black list: 262967
Rejected by SpamHaus black list: 342495
Rejected by local block list: 5717
Sender verify failed: 4525
Recipient verify failed (bad To: address): 287457
Attempted to relay: 5857
No subject: 176
Bad header syntax: 0
Spam rejected (score => 10): 42069
Viruses/malware rejected: 2575
Bad attachments rejected: 1594"
Draw up the conclusions for yourself, besides shooting into the dark or general syntax errors, total waste of email traffic resulting in delayed email is the biggest downsize here, thankfully, non-commercial methods are still capable of dealing with the problem. At the bottom line, sending a couple of million email messages on the cost of anything, and getting a minor response from a "Hey this is hell of a deal and has my username on the top of it!" type of end users seems to keep on motivating the sender. Localized spam is much more effective as an idea, but much easier to trace compared to mass-marketing approaches, though I feel it would emerge with the time.
Browse through Spamlinks.net for anything anti-spam related, quite an amazing resource.
Monday, June 26, 2006
Dealing with Spam - The O'Reilly.com Way
Independent Security Consultancy, Threat Intelligence Analysis (OSINT/Cyber Counter Intelligence) and Competitive Intelligence research on demand. Insightful, unbiased, and client-tailored assessments, neatly communicated in the form of interactive reports - because anticipating the emerging threatscape is what shapes the big picture at the end of the day. Approach me at dancho.danchev@hush.com
Big Brother in the Restroom
Wikes! This is nasty, and while the porn industry has commercialized the idea a long time ago, I never imagined the levels of crime in public restrooms would "reach" levels requiring CCTVs to be installed -- if there's so much vandalism going on in public restrooms, these will definitely get stolen as well, picture the situation! Norway installs surveillance cameras in park restrooms.
Hint : once you get involved in the CCTV irony, I say irony mainly because the dude behind the 40 motion detection and face recognition wall is having another CCTV behind his back, you end up spending tax payers money to cover "blind spots", and end up with a negative ROI while trying to achieve self-regulation, if one matters!
Surveillance and Society's journal still remains the most resourceful publication on surveillance studies and its impact on society.
Further reading and previous cases:
The Hidden Camera
Iowa Judge Says Hidden Restroom Camera Case Can Proceed to Trial
Hint : once you get involved in the CCTV irony, I say irony mainly because the dude behind the 40 motion detection and face recognition wall is having another CCTV behind his back, you end up spending tax payers money to cover "blind spots", and end up with a negative ROI while trying to achieve self-regulation, if one matters!
Surveillance and Society's journal still remains the most resourceful publication on surveillance studies and its impact on society.
Further reading and previous cases:
The Hidden Camera
Iowa Judge Says Hidden Restroom Camera Case Can Proceed to Trial
Independent Security Consultancy, Threat Intelligence Analysis (OSINT/Cyber Counter Intelligence) and Competitive Intelligence research on demand. Insightful, unbiased, and client-tailored assessments, neatly communicated in the form of interactive reports - because anticipating the emerging threatscape is what shapes the big picture at the end of the day. Approach me at dancho.danchev@hush.com
World's Internet Censorship Map
While it seems rather quiet on the Internet's censorship front, the media coverage on the topic represents a cyclical buzz that reemerges with the time.
Thankfully, initiatives as the OpenNet one, and organizations such as Reporters Without Borders never stop being the society's true watchdogs when it comes to Internet censorship. ONI's neat visualization of the Internet filtering map is a great way of pin pointing key locations, and provide further details through their in-depth reports, take a look for yourself!
Censorship is capable of running entire governments, maintaining historical political power, and mostly ruling by "excluding the middle". Recently, two of China's leading Internet portals were shut down due to maintenance issues acting as the excuse for improving their filtering capabilities. Reporters Without Borders conducted an outstanding analysis of the situation, coming to the conclusion "that the search engines of China’s two leading Internet portals, Sina and Sohu, after they were shut down from 19 to 21 June for what they described as a “technical upgrade” but which in fact was designed to improve the filtering of their search results."
What is Google up to? Making business compromises in order to harness the power of the growing Chinese Internet population. And while the Wall is cracking from within, the world is also taking actions against the fact that there're currently 30 journalists behind bars in China.
Thankfully, initiatives as the OpenNet one, and organizations such as Reporters Without Borders never stop being the society's true watchdogs when it comes to Internet censorship. ONI's neat visualization of the Internet filtering map is a great way of pin pointing key locations, and provide further details through their in-depth reports, take a look for yourself!
Censorship is capable of running entire governments, maintaining historical political power, and mostly ruling by "excluding the middle". Recently, two of China's leading Internet portals were shut down due to maintenance issues acting as the excuse for improving their filtering capabilities. Reporters Without Borders conducted an outstanding analysis of the situation, coming to the conclusion "that the search engines of China’s two leading Internet portals, Sina and Sohu, after they were shut down from 19 to 21 June for what they described as a “technical upgrade” but which in fact was designed to improve the filtering of their search results."
What is Google up to? Making business compromises in order to harness the power of the growing Chinese Internet population. And while the Wall is cracking from within, the world is also taking actions against the fact that there're currently 30 journalists behind bars in China.
Independent Security Consultancy, Threat Intelligence Analysis (OSINT/Cyber Counter Intelligence) and Competitive Intelligence research on demand. Insightful, unbiased, and client-tailored assessments, neatly communicated in the form of interactive reports - because anticipating the emerging threatscape is what shapes the big picture at the end of the day. Approach me at dancho.danchev@hush.com
Sunday, June 25, 2006
Delicious Information Warfare - 13/24 June
Brief summaries of key events for the last week and a half, catch up with previous ones as well. I intend to continue sharing my daily reads while emphasizing on the big picture, and emerging trends. Great quote courtesy of the The Royal Swedish Academy of War Sciences : “The world isn’t run by weapons anymore, or energy, or money. It’s run by little ones and zeros, little bits of data. It’s all just electrons. . . . There’s a war out there . . . and it’s not about who’s got the most bullets. It’s about who controls the information. What we see and hear, how we work, what we think, it’s all about information.”
01. Eyeballing North Korean Missile Launch Furor - "Latest satellite photo coverage and description of the launch site facilities." to Military Satellite Reconnaissance GEOINT ... on 25 June
02. VoIP wiretapping could lead to more problems - "Requiring Internet service providers to respond in real time to requests for them to record VoIP calls would open up the Internet to new vulnerabilities, Whitfield Diffie added." to Intelligence Terrorism Wiretapping CALEA VoIP on 25 June
03. Police arrest two in Japan data theft case - "Blackmailers attempted to extort almost $90,000 from one of Japan's largest phone companies by threatening to reveal a leak of private data belonging to four million customers before a major shareholder meeting." to Espionage Insider Investing on 25 June
04. Kevin Mitnick, the great pretender - "ZDNet UK caught up with the ex-cracker to discuss developments in social engineering, new U.S. laws monitoring telephone systems and alleged "NASA hacker" Gary McKinnon's impending extradition to the United States." to Security Interview on 25 June
05. Data-Theft Worm Targets Google's Orkut - "Now, however, the infection will pop up a message telling you your data is being mailed off someplace, before sending you to the Orkut site." to Malware Web on 25 June
06. French Microsoft Web site hacked - "Hackers on Sunday broke into a part of Microsoft's French Web site, replacing the front page with online graffiti." to Hacktivism Microsoft Defacement on 25 June
07. SCADA industry debates flaw disclosure - "The guys who are setting up these systems are not security professionals. And many of the systems that are running SCADA applications were not designed to be secure--it's a hacker's playground."
to Security SCADA Cyberterrorism Vulnerabilities on 25 June
08. Details emerge on second potential NSA facility - "The room had a sophisticated set of double security doors, known as a "mantrap," and any engineer who worked inside required extensive security clearances." to Intelligence NSA Terrorism Surveillance Wiretapping on 25 June
09. Next-Gen Bank Trojans Are Upon Us - "The 3G Banking Trojan can steal your info and then siphon your account of its cash. The 3G Banking Trojan began with the "Win32.Grams" piece of malware, which first appeared in 2004."to Malware on 25 June
10. Malware authors eyeing Web-based applications - "As Web-based services grow increasingly popular, industry experts say users should brace for more of these threats." to Malware Web on 25 June
11. Stratcom leads DOD cyberdefense efforts - “Unfortunately for us, cyberterrorism is cheap, and it’s fast,” Kehler said. “Today’s terrorist moves at the speed of information.” to Defense InformationWarfare Cyberterrorism on 25 June
12. Text Messaging Used as Malware Lure - "Botnet herders have found a crafty new way to lure computer users to maliciously rigged Web sites—via text messaging on cell phones." to Malware Mobile on 25 June
13. Two China Search Sites Shut - "Censorship or maintenance? That’s the question after two Chinese search engines shut down temporarily." to China Censorship FreeSpeech on 25 June
14. Web services increasingly under attack - "As larger audiences flock to Web sites that run on ever more powerful programming scripts, malware writers are them fertile ground." to Security Malware Web on 25 June
15. What's the Endpoint of Endpoint Security? - "Finally, there’s a more manipulative progenitor of new jargon: the analyst community. White papers, market reports and mystical squares can get crowded, and the big vendors often dominate them."
to Security Investing Advertising Leadership on 25 June
16. Expatriates in Canada pressured to spy - "Despite strong warnings from the government of Canada, certain countries continue to use their intelligence services to manipulate and exploit expatriate communities in Canada," CSIS said." to Intelligence OSINT Espionage on 25 June
17. Review: Terror On The Internet - "Terror on the Internet" usefully outlines the basic contours of his subject, giving a taste of Al Qaeda's Internet rhetoric and strategies, along with those of less well-known militant groups from Colombia to the Basque country to Chechnya." to InformationWarfare Cyberterrorism Terrorism PSYOPS on 25 June
18. Web of terror - "The suspects reportedly became radicalized through militant Web sites and received online advice from Younis Tsouli, the Britain-based Webmaster for Islamic extremist sites who called himself "Terrorist 007," before he was arrested late last year." to InformationWarfare Cyberterrorism Terrorism PSYOPS Web on 25 June
01. Eyeballing North Korean Missile Launch Furor - "Latest satellite photo coverage and description of the launch site facilities." to Military Satellite Reconnaissance GEOINT ... on 25 June
02. VoIP wiretapping could lead to more problems - "Requiring Internet service providers to respond in real time to requests for them to record VoIP calls would open up the Internet to new vulnerabilities, Whitfield Diffie added." to Intelligence Terrorism Wiretapping CALEA VoIP on 25 June
03. Police arrest two in Japan data theft case - "Blackmailers attempted to extort almost $90,000 from one of Japan's largest phone companies by threatening to reveal a leak of private data belonging to four million customers before a major shareholder meeting." to Espionage Insider Investing on 25 June
04. Kevin Mitnick, the great pretender - "ZDNet UK caught up with the ex-cracker to discuss developments in social engineering, new U.S. laws monitoring telephone systems and alleged "NASA hacker" Gary McKinnon's impending extradition to the United States." to Security Interview on 25 June
05. Data-Theft Worm Targets Google's Orkut - "Now, however, the infection will pop up a message telling you your data is being mailed off someplace, before sending you to the Orkut site." to Malware Web on 25 June
06. French Microsoft Web site hacked - "Hackers on Sunday broke into a part of Microsoft's French Web site, replacing the front page with online graffiti." to Hacktivism Microsoft Defacement on 25 June
07. SCADA industry debates flaw disclosure - "The guys who are setting up these systems are not security professionals. And many of the systems that are running SCADA applications were not designed to be secure--it's a hacker's playground."
to Security SCADA Cyberterrorism Vulnerabilities on 25 June
08. Details emerge on second potential NSA facility - "The room had a sophisticated set of double security doors, known as a "mantrap," and any engineer who worked inside required extensive security clearances." to Intelligence NSA Terrorism Surveillance Wiretapping on 25 June
09. Next-Gen Bank Trojans Are Upon Us - "The 3G Banking Trojan can steal your info and then siphon your account of its cash. The 3G Banking Trojan began with the "Win32.Grams" piece of malware, which first appeared in 2004."to Malware on 25 June
10. Malware authors eyeing Web-based applications - "As Web-based services grow increasingly popular, industry experts say users should brace for more of these threats." to Malware Web on 25 June
11. Stratcom leads DOD cyberdefense efforts - “Unfortunately for us, cyberterrorism is cheap, and it’s fast,” Kehler said. “Today’s terrorist moves at the speed of information.” to Defense InformationWarfare Cyberterrorism on 25 June
12. Text Messaging Used as Malware Lure - "Botnet herders have found a crafty new way to lure computer users to maliciously rigged Web sites—via text messaging on cell phones." to Malware Mobile on 25 June
13. Two China Search Sites Shut - "Censorship or maintenance? That’s the question after two Chinese search engines shut down temporarily." to China Censorship FreeSpeech on 25 June
14. Web services increasingly under attack - "As larger audiences flock to Web sites that run on ever more powerful programming scripts, malware writers are them fertile ground." to Security Malware Web on 25 June
15. What's the Endpoint of Endpoint Security? - "Finally, there’s a more manipulative progenitor of new jargon: the analyst community. White papers, market reports and mystical squares can get crowded, and the big vendors often dominate them."
to Security Investing Advertising Leadership on 25 June
16. Expatriates in Canada pressured to spy - "Despite strong warnings from the government of Canada, certain countries continue to use their intelligence services to manipulate and exploit expatriate communities in Canada," CSIS said." to Intelligence OSINT Espionage on 25 June
17. Review: Terror On The Internet - "Terror on the Internet" usefully outlines the basic contours of his subject, giving a taste of Al Qaeda's Internet rhetoric and strategies, along with those of less well-known militant groups from Colombia to the Basque country to Chechnya." to InformationWarfare Cyberterrorism Terrorism PSYOPS on 25 June
18. Web of terror - "The suspects reportedly became radicalized through militant Web sites and received online advice from Younis Tsouli, the Britain-based Webmaster for Islamic extremist sites who called himself "Terrorist 007," before he was arrested late last year." to InformationWarfare Cyberterrorism Terrorism PSYOPS Web on 25 June
Independent Security Consultancy, Threat Intelligence Analysis (OSINT/Cyber Counter Intelligence) and Competitive Intelligence research on demand. Insightful, unbiased, and client-tailored assessments, neatly communicated in the form of interactive reports - because anticipating the emerging threatscape is what shapes the big picture at the end of the day. Approach me at dancho.danchev@hush.com
Subscribe to:
Comments (Atom)