Posts tagged August

The Sportsmanship of Cyber-warfare …item 2.. Gauss, a new “cyber-espionage toolkit” (August 9, 2012 11:08 AM PDT) …item 3.. New U.S. intelligence report raises urgency over Iran’s nuclear program (Aug.09, 2012)

1

The Sportsmanship of Cyber-warfare …item 2.. Gauss, a new “cyber-espionage toolkit” (August 9, 2012 11:08 AM PDT) …item 3.. New U.S. intelligence report raises urgency over Iran’s nuclear program (Aug.09, 2012)
Computer Battery

Image by marsmet545
So far, Gauss has swiped data from the Bank of Beirut, EBLF, BlomBank, ByblosBank, FransaBank and Credit Libanais. Citibank and PayPal users are also targeted.

Why Gauss? The malware’s main module was named after German mathematician Johann Carl Friedrich Gauss. Other components are also named after well-known mathematicians.
.

……..*****All images are copyrighted by their respective authors ……..
.

When it comes to protecting a nation, cries of “that’s unfair” or “un-sporting” should be relegated to the “whatever” bucket.

Any nation’s military, counter-intelligence organization, or other agency tasked with protecting its citizens would be catastrophically failing in their obligations if they’re not already actively pursuing new tools and tactics for the cyber-realm.

Granted, just like the military use of aircraft in WW1 opened a Pandora’s box of armed conflict that changed the world forever, ever since the first byte’s traversed the first network we’ve been building towards the state we’re in.

– Gunter Ollmann, VP Research
.
……………………………………………………………………………………………………………………………………………………………………..
.
…..item 1)…. DAMBALLA … blog.damballa.com … THE DAY BEFORE ZERO …

An Ongoing Conversation About Advanced Threats …

Posts Tagged ‘cyberwar’

The Sportsmanship of Cyber-warfare
Wednesday, June 27th, 2012

blog.damballa.com/?tag=cyberwar

As a bit of a history buff I can’t avoid a slight tingling of déjà vu every time I read some new story commenting upon the ethics, morality and legality of cyber-warfare/cyber-espionage/cyberwar/cyber-attack/cyber-whatever. All this rhetoric about Stuxnet, Flame, and other nation-state cyber-attack tools, combined with the parade of newly acknowledged cyber-warfare capabilities and units within the armed services of countries around the globe, brings to the fore so many parallels
.
………………………….

img code photo … The Sportsmanship of Cyber-warfare

blog.damballa.com/wp-content/uploads/2012/06/062712_1930_…

………………………….
.

with the discussions about the (then) new-fangled use of flying-machines within the military in the run-up to WWI.

Call me a cynic if you will, but when the parallels in history are so evident, we’d be crazy to ignore them.

The media light that has been cast upon the (successful) deployment of cyber-weapons recently has many people in a tail-spin – reflecting incredulity and disbelief that such weapons exist, let alone have already been employed by military forces. Now, as people begin to understand that such tools and tactics have been fielded by nation-states for many years prior to these most recent public exposures, reactions run from calls for regulation through to global moratoriums on their use. Roll the clock back 100 years and you’ll have encountered pretty much the same reaction to the unsporting use of flying-machines as weapons of war.

That said, military minds have always sought new technologies to gain the upper-hand on and off the battlefield. Take for example Captain Bertram Dickenson’s statement to the 1911 Technical Sub-Committee for Imperial Defence (TSID) who were charged with considering the role of aeroplanes in future military operations:

“In case of a European war, between two countries, both sides would be equipped with large corps of aeroplanes, each trying to obtain information on the other… the efforts which each would exert in order to hinder or prevent the enemy from obtaining information… would lead to the inevitable result of a war in the air, for the supremacy of the air, by armed aeroplanes against each other. This fight for the supremacy of the air in future wars will be of the greatest importance…”

A century later, substitute “cyber-warriors” for aeroplanes and “Internet” for air, and you’d be hard-pressed to tell the difference from what you’re seeing in the news today.

Just as the prospect of a bomb falling from the hands of an aviator hanging out the cockpit of a zeppelin or biplane fundamentally changed the design of walled fortifications and led to the development of anti-aircraft weaponry, new approaches to securing the cyber-frontier are needed and underway. Then, as now, it wasn’t until civilians were alerted to (or encountered first-hand) the reality of the new machines of war, did an appreciation of these fundamental changes become apparent.

But there are a number of other parallels to WWI (and the birth of aerial warfare) and where cyber-warfare is today that I think are interesting too.

Take for example how the aviators of the day thought of themselves as being different and completely apart from the other war-fighters around them. The camaraderie of the pilots who, after spending their day trying to shoot-down their counterparts, were only too happy to have breakfast, and exchange stories over a few stiff drinks with the downed pilots of the other side is legendary. I’m not sure if it was mutual respect, or a sharing of a common heritage that others around them couldn’t understand, but the net result was that that first-breed of military aviator found more in common with their counterparts than with their own side.
.
…………………………..

img code photo … WW1 Aviators

blog.damballa.com/wp-content/uploads/2012/06/062712_1930_…

…………………………..
.

Today, I think you’ll likely encounter the equivalent social scene as introverted computer geeks who, by way of day-job, develop the tools that target and infiltrate foreign installations for their country, yet attend the same security conferences and reveal their latest evasion tactic or privilege escalation technique over a cold beer with one-another. Whether it’s because the skill-sets are so specialized, or that the path each cyber-warrior had to take in order to acquire those skills was so influential upon their world outlook, many of the people I’ve encountered that I would identify as being capable of truly conducting warfare within the cyber-realm share more in common with their counterparts than they do with those tasking them.

When it comes to protecting a nation, cries of “that’s unfair” or “un-sporting” should be relegated to the “whatever” bucket. Any nation’s military, counter-intelligence organization, or other agency tasked with protecting its citizens would be catastrophically failing in their obligations if they’re not already actively pursuing new tools and tactics for the cyber-realm. Granted, just like the military use of aircraft in WW1 opened a Pandora’s box of armed conflict that changed the world forever, ever since the first byte’s traversed the first network we’ve been building towards the state we’re in.

The fact that a small handful of clandestine, weaponized cyber-arms have materialized within the public realm doesn’t necessarily represent a newly opened Pandora’s box – instead it reflects merely one of the evils from a box that was opened at the time the Internet was born.

– Gunter Ollmann, VP Research

Tags: cyberwar, Flame, stuxnet
Posted in Industry Commentary, Threat Research | No Comments »

.
.
.

Chinese Hackers and Cyber Realpolitik
Friday, December 16th, 2011

For many people the comments made by Michael Hayden, Former Director of the Central Intelligence Agency, at this week’s Black Hat Technical Security Conference in Abu Dhabi may have been unsettling as he commented upon the state of Chinese cyber espionage.

I appreciate the candor of his observations and the distinction he made between state-level motivations. In particular, his comment “We steal secrets, you bet. But we steal secrets that are essential for American security and safety. We don’t steal secrets for American commerce, for American profit. There are many other countries in the world that do not so self limit.”

Perhaps I grew up reading too many spy stories or watched one-too-many James Bond movies, but I’ve always considered one of the functions of government is to run clandestine operations and uncover threats to their citizens and their economic wellbeing. The fact that Cyber is a significant and fruitful espionage vector shouldn’t really be surprising. Granted, it’s not as visual as digging a 1476 foot long tunnel under Soviet Berlin during the Cold War (see The Berlin Tunnel Operation GOLD (U.S.) Operation STOPWATCH (U.K.)) or as explosive as the French infiltration and eventual destruction of the Greenpeace Rainbow Warrior in New Zealand, but in today’s electronic society cyber espionage is a necessary tool.

Personally, I think you’d struggle to find a country or government anywhere around the world that hasn’t invested resources in building out their cyber espionage capabilities in recent years. It’s a tool of modern statecraft and policing.

While the media tends to focus upon the term “cyber warfare” and its many faceted security and safety ramifications, I think that we often fail to divorce a governments need (or even expectation) to conduct espionage and what would logically be covered by the articles (and declaration) of war. Granted it all gets a bit fuzzy – just look at the history of the “Cold War”. Perhaps a more appropriate name for the current situation and tensions would be “Cyber Realpolitik“.

China is often depicted as the bogeyman – rightly or wrongly – when it comes to cyber espionage. We increasingly find ourselves drawn into a debate of whether attacks which are instigated or traced back to the country are state-sponsored, state-endorsed, socially acceptable, or merely the patriotic duty of appropriately skilled citizens. The fact of the matter though is that there’s a disproportionate volume of cyber-attacks and infiltration attempts coming from China, targeting North American and European commercial institutions. You may argue that this is an artifact of China’s population but, if that was the case, wouldn’t India feature more highly then? India is more populous and arguably has a better developed education system in the field of information technology and software development – and yet they are rarely seen on the totem pole of threat instigators.

Michael Hayden alludes that China (and other countries) is not opposed to using cyber espionage for commercial advancement and profit, and based upon past observations, I would tend to agree with that conclusion. That said though, I don’t think that any country is immune to the temptation. Given the hoopla of the recent U.S. congressional insider trading fiasco and French presidential corruption, I’m not sure that “self limit” approaches work in all cases.

Cyber Realpolitik is the world we find ourselves living in and cyber espionage is arguably the latest tool in a government’s clandestine toolkit. We could consume a lot of time debating the ethics and outcomes of modern espionage campaigns but, at the end of the day, it’s a facet of international politics and governmental needs that have existed for millennium. For those commercial entities being subjected to the cyber campaigns directed at them by foreign governments, I don’t believe this threat will be going away anytime in the foreseeable future. Perhaps the noise surrounding the attacks may disappear, but that may just reflect an increase in stealthiness.

– Gunter Ollmann, VP Research.

Tags: APT, China, CIA, cyber espionage, cyberwar, malware
Posted in Industry Commentary, Threat Research | No Comments »
.
.
.
.
…………………………………………………………………………………………………………………………………………………………………….
.
…..item 2)…. CNET News … news.cnet.com … CNET News Security & Privacy

With Gauss tool, cyberspying moves beyond Stuxnet, Flame

Kaspersky Lab finds Gauss, a spying malware that collects financial information and resembles Flame. Components are named after famous mathematicians.

by Larry Dignan … August 9, 2012 11:08 AM PDT

news.cnet.com/8301-1009_3-57490216-83/with-gauss-tool-cyb…

Gauss, a new "cyber-espionage toolkit," has emerged in the Middle East and is capable of stealing sensitive data such as browser passwords, online banking accounts, cookies, and system configurations, according to Kaspersky Lab. Gauss appears to have come from the same nation-state factories that produced Stuxnet.

According to Kaspersky, Gauss has unique characteristics relative to other malware. Kaspersky said it found Gauss following the discovery of Flame. The International Telecommunications Union has started an effort to identify emerging cyberthreats and mitigate them before they spread.

In a nutshell, Gauss launched around September 2011 and was discovered in June. Gauss, which resembles Flame, had its command and control infrastructure shut down in July, but the malware is dormant waiting for servers to become active. Kaspersky noted in an FAQ:

There is enough evidence that this is closely related to Flame and Stuxnet, which are nation-state sponsored attacks. We have evidence that Gauss was created by the same "factory" (or factories) that produced Stuxnet, Duqu and Flame.
.
………………………………

img code photo … The Relationship of Stuxnet, Duqu, Flame and Gauss

cdn-static.zdnet.com/i/story/70/00/002405/kaspersky5.png

………………………………
.

Among Gauss’ key features:

…Gauss collects data on machines and sends it to attackers. This data includes network interface information, computer drive details and BIOS characteristics.

…The malware can infect USB thumb drives using the vulnerabilities found in Stuxnet and Flame.

…Gauss can disinfect drives under certain circumstances and then uses removable media to store collected data in a hidden file.

…The malware also installs a special font called Palida Narrow.

Since May 2012, Gauss has infected more than 2,500 machines, mostly in the U.S. Kaspersky said that the total number of Gauss victims is likely to be in the "tens of thousands." That number is lower than Stuxnet, but higher than Flame and Duqu attacks.
.
……………………….

img code photo … Incidents

cdn-static.zdnet.com/i/story/70/00/002405/kaspersky2.png

……………………….
.

So far, Gauss has swiped data from the Bank of Beirut, EBLF, BlomBank, ByblosBank, FransaBank and Credit Libanais. Citibank and PayPal users are also targeted.

Why Gauss? The malware’s main module was named after German mathematician Johann Carl Friedrich Gauss. Other components are also named after well-known mathematicians.

A few key slides from Kaspersky’s Gauss report:
.
……………………………

img code photo … Unique users

cdn-static.zdnet.com/i/story/70/00/002405/kaspersky1.png

……………………………
.

This story was first published as "Meet Gauss: The latest cyber-espionage tool" on ZDNet’s Between the Lines.

Topics:Cybercrime, Security, Vulnerabilities and attacks Tags:cyber-espionage, Kaspersky Lab, Gauss, malware
.
.
………………………………………………………………………………………………………………………………………………………………………
.
…..item 3)…. HAARETZ … www.haaretz.com/news … HomeNewsDiplomacy & Defense

Barak: New U.S. intelligence report raises urgency over Iran’s nuclear program

Defense Minister Ehud Barak confirms Haaretz’s report that Obama recently received an NIE report which shares Israel’s view on Iran’s progress toward nuclear capability; Israel, U.S. positions on Iran now closer, says Barak.
.
………………………

img code photo … Iron Dome battery site in Ashkelon

www.haaretz.com/polopoly_fs/1.455275.1344511493!/image/33…

U.S. Secretary of Defense Leon Panetta and Defense Minister Ehud Barak hold a joint news conference at an Iron Dome battery site in Ashkelon August 1, 2012.

Photo by Reuters

………………………
.

By Barak Ravid | Aug.09, 2012 | 1:03 PM |

www.haaretz.com/news/diplomacy-defense/barak-new-u-s-inte…

Defense Minister Ehud Barak confirmed on Thursday Haaretz’s report that President Barack Obama recently received a new National Intelligence Estimate report on the Iranian nuclear program, which shares Israel’s view that Iran has made significant progress toward military nuclear capability, and said that the report has raised the urgency of the issue.

Speaking on Israel Radio on Thursday morning, Barak said that there is a U.S. intelligence report "being passed around senior offices," and that, as far as Israel knows, this report has brought the U.S. position over Iran closer to the Israeli position, and made the issue more urgent.

For months there has been a basic agreement (between the U.S. and Israel) over what the Iranians are planning to do, and a deep understanding of what is stopping them, the defense minister said in the interview.

Barak also said that Israel will have to make a decision over Iran’s nuclear program. "All the options are still on the table, and when we say this, we mean it," he said.

"There is still no decision, we understand the gravity of the situation, we understand that we do not have all the time in the world to decide. We are facing tough decisions…we will listen to all assessments and comments, and when we have to make decisions, we will make them, and the decision will of course come from the government," he said.

Haaretz reported on Thursday that the National Intelligence Estimate report on Iran was supposed to have been submitted to Obama a few weeks ago, but it was revised to include new and alarming intelligence information about military components of Iran’s nuclear program. Haaretz has learned that the report’s conclusions are quite similar to those drawn by Israel’s intelligence community.

The NIE report contends that Iran has made surprising, notable progress in the research and development of key components of its military nuclear program.

The NIE reports are the most important assessments compiled by the U.S. intelligence community and are submitted to the president and other top governmental officials. This NIE report was compiled by an inter-departmental team headed by director of National Intelligence James Clapper. Its contents articulate the views of American intelligence agencies.
.
.
……………………………………………………………………………………………………………………………………………………………………..
.
.

Head-Mounted Computer
Computer Battery

Image by Chris Pirillo
See the "Head-Mounted Computer" video

This video was filmed by Charbax at ARMdevices.net from the Mobile World Congress 2010 in Barcelona. Imagine walking around with a head-mounted 15" display to view informations available to you at all times. This system features a pretty cool six-axis position tracker from Hillcrest Labs that allows you to operate a cursor with nearly pixel-for-pixel accuracy by just moving around your head when for example panning around a large image or a map. There is a highly targetted microphone that understands voice-commands where you can for example zoom in on maps or images, you can exit back to the programs menu, launch specific applications and open specific files. Here are the specs of this Second Generation Kopin Golden-i Motorola-branded Head-mounted Computer system: Processor — TI OMAP3530 clocked at 600MHz Display — Kopin SVGA (800 x 600) liquid crystal micro display (LCD) Networking: Bluetooth 2.0 WiFi — "Will be offered soon" User interface — Includes speech recog
nition and motion sensing Other I/O — 1 x USB Expansion — microSD slot Power — 1200 mAh battery provides more than eight hours of operation Weight — 3 oz (85g) Operating system — Windows CE Would you like to cover conferences, trade shows, and events in exchange for promotion in our YouTube channel and social media networks? Email chris@pirillo.com to facilitate the process!This video was originally shared on blip.tv by l0ckergn0me with a Creative Commons Attribution 2.0 license.


120%+ SUPER BATTERY LIFE! Learn about Laptop Battery Life at LaptopBatteryLife.com

NEW HP Pavillion dv6t Quad Edition In Depth Review August 2011

25

PLEASE READ DESCRIPTION!!!!! Buy this laptop here! www.shopping.hp.com Follow me on Twitter! www.twitter.com Sign up for SwagBucks with my account and get 30 SwagBucks for FREE! swagbucks.com I FINALLY made a review of the HP Pavillion dv6t laptop computer, sorry this took me forever to record! :( I hope you guys like it! If you want me to review anything even MORE in depth then please post a comment below or send me a message. Like, Comment, Subscribe! My Specs: HP Pavilion dv6t Quad Edition customizable Notebook PC OFF! Genuine Windows 7 Professional 64-bit 2nd generation Intel(R) Quad Core(TM) i7-2630QM (2.0 GHz, 6MB L3 Cache) w/Turbo Boost up to 2.9 GHz 1GB GDDR5 Radeon(TM) HD 6490M Graphics [HDMI, VGA] FREE Upgrade to 6GB DDR3 System Memory (2 Dimm) FREE Upgrade to 750GB 5400RPM Hard Drive with HP ProtectSmart Hard Drive Protection No Additional Office Software FREE Upgrade to Norton Internet Security(TM) 2011 – 15 Month Subscription (activation required) 30% OFF! 9-Cell Lithium-Ion Battery (over-sized) – Up to 9.75 hours of battery life +++ 15.6″ diagonal High Definition HP BrightView LED Display (1366×768) SuperMulti 8X DVD+/-R/RW with Double Layer Support HP TrueVision HD Webcam with Integrated Digital Microphone and HP SimplePass Fingerprint Reader Intel 802.11b/g/n WLAN with Wireless Display Support Standard Keyboard HP Home & Home Office Store in-box envelope
Video Rating: 4 / 5


120%+ SUPER BATTERY LIFE! Buy a Durable Laptop Battery at LaptopBatteryLife.com

Desktop – August 2010

11

Desktop – August 2010
Laptop Battery

Image by Ricecracker.
I wanted to keep it clean and simple for August.

Desktop image from DeviantArt.

Programs include Shiftlt, Growl, YouControl Tunes, Caffeine, Nocturne, Instantshot, Adium, Breakaway, JustNotes and Geektool.

Icons are Kobhens. I got mine from a different site, so I can’t vouch for those…

Old Desktop

Geektool scripts:

Time:
date +"%I:%M"

AM/PM:
date +"%p"

Weekday:
date +%A

Day of the month:
date +%d

Month:
date +%B

Calendar:
cal | awk -v cday=`date "+%d"` ‘{ fill=(int(cday)>9?"":" "); \

Uptime:
uptime

RAM Usage:
top -l 1 | awk ‘/PhysMem/ {print "Used: " " Free: " }’

Airport info:
sh /Users/Isaac/airport.sh

Battery Percent:
ioreg -l | grep -i capacity | tr ‘\n’ ‘ | ‘ | awk ‘{printf("%.2f%%", / * 100)}’

Don’t try this at home!
Laptop Battery

Image by mhaithaca
My disassembled 12" PowerBook G4, ready to have the old hard drive taken out and the new one put in. This was way harder than I expected it to be. If I’d looked at the instructions first, I would probably not have ordered the hard drive online, but just sent the damn thing off to Apple battery.

20100619_0005_1600x1067
Laptop Battery

Image by Les_Stockton
Paul drove all the way from northeast Missouri. He brought a cool setup where he had a 5 watt solar panel, hooked up with this little portable battery unit from WalMart; and he powered his Ham radio system, as well as a laptop battery computer battery.


UNBEATABLE 66% OFF DISCOUNT! Buy Best Laptop Batteries on LaptopBatteryLife.com

Go to Top