[SecurityRatty] tag: reporter

Reporter's notebook: Excitement, fear on the e-vote trail

Mon, 03 Nov 2008 21:00:00 +0000

No one's doubting the outcome of the massive turnout in the U.S. presidential election in Democratic New Jersey, but for some voters and elected officials, e-voting glitches and long lines are undermining confidence in the electoral process.

You may not even know it, but a Bodyguard may be protecting your colleague as you work.

Sun, 26 Oct 2008 09:33:00 +0000

I just came across an excellent workplace violence article written by Seattlepi.com reporter, Andrea James.

The article raises many points that I am sure many of us have or would overlook if it was not brought to our attention. The director of New Beginnings, a Seattle based non-profit that provides advocacy and shelter for victims made the point that while going home after a hard day's work is something that many employees look forward to, for victims of domestic abuse, work is the only place that provides them safety and a sanctuary from a tortured home life.

Our company is frequently requested by employers to provide covert bodyguards for employees with domestic problems at home. The reason for this is due to the fact that physical violence at home, quite often spills into the workplace by the abuser and when that happens, the liklihood of the domestic partner and other co-workers getting hurt or even killed is very real.

Employers know that they have a responsibility to keep the workplace safe so they hire companies like ours to have trained personal protection specialists blend in at the place of empoyment and watch out for the identified threat. Just about 100% of the time the victim of the abuse is a female employee but this article and the comments that follow show that males also suffer from domestic violence.

It is the opinion of our company that we will see even more workplace violence, domestic and otherwise, as companies continue to practice cost cutting tactics like downsizing and layoffs due to the worsening economy. Other related predictions would be thefts from the workplace, increase in fraud and embezzlement, an increase in Resume/CV fabrications as more and more people compete for fewer jobs.

This all goes to show that employers have to be more astute and procative in making sound hiring decisions, being alert for internal theft and abuse and being proactive when it comes to workplace violence.

Wee-Fi: Share Cell Connections over Wi-Fi; Mile High-Fi Salaciousness; Giga-Fi; and More

Thu, 11 Sep 2008 07:02:26 +0000

New version of Windows Mobile software to share cell data connections over Wi-Fi: Morose Media ships version 1.20 of WMWifiRouter, a Windows Mobile 5 and 6 application that routes cellular data connections over Wi-Fi, turning your phone into a micro-hotspot. The software can also share a cell connection via Bluetooth or USB. The software costs $30 or €20, and requires Internet (Connection) Sharing (ICS), which some providers may have removed from your phone. (The company set the price at US$30 before the euro drop, so is offering a kind of discount over their real €20 price for the moment.)

The New York Times rounds up using cell phones as hotspots: Though the reporter, Bob Tedeschi, mentions the issue of having to have an unlimited data plan to avoid unpleasant charges, and worries about bad drains and malicious users, he doesn't note that many carriers don't allow this kind of sharing or routing without a separate "tethering" plan, that can run $20 or more per month. Also, U.S. carriers have now all imposed a 5 GB per month reasonable use cap; some will cut you off, some charge you more, some cancel your service based on exceeding this use.

Gigabit Wi-Fi? Someday: TechWorld considers the IEEE's Very High Throughput (VHT) study group, which wants to start work on 1 Gbps or faster Wi-Fi standard for completion in 2012. With 802.11n offering raw symbol rates up to 600 Mbps--even though no devices have shipped with the radios and antennas to offer that optional high speed yet--there's interest in other frequencies that would allow faster encodings, as well as aggregating multiple links to achieve high speed rates. My experience in testing and using 2.4 GHz with Draft N would show that wide or aggregated channels doesn't work very well. The article's writer, Peter Judge, notes that ultrawideband had potential (over short distances) to approach the gigabit mark, but that UWB hasn't really reached the market in any substantive way years after it was promised to be a big technology.

Flight attendants express concerns about in-flight broadband porn: When I've spoken to airlines, industry experts, and service providers, I find that they all have stories about how porn is viewed on computers, through DVD players, and in convenient magazine form on planes today. Adding the Internet may provide new salacious imagery, but the problem predates Internet access, and filtering Internet service is never as good a solution as a social one. Someone idiotic enough to view porn on a plane over the Internet is also stupid enough to bring along inappropriate DVDs they watch while seated next to children. Flight attendants already have the power vested in them to take care of this. The flight attendants for American might be expressing this concern as part of a bargaining issue, where their responsibilities but not commensurate pay have increased.

Spokane ends free Wi-Fi: Remember Vivato? Boy, I sure do. A company with a reach far exceeding its grasp, Vivato initially powered Spokane's downtown network. The network has continued to run on some basis--I'm not sure using what equipment--and now will move from free to fee. OneEighty Networks will charge about $10 per month to cover the costs of the network, for which local businesses at one point chipped in.

Brazilian TAM airline signs up for in-flight calling, messaging: OnAir has signed up the Brazilian carrier TAM, which will deploy the service on its Airbus A320 craft. Brazil hasn't yet provided regulatory approval, so no launch date is noted. TAM is the largest domestic and international carrier for Brazil.

Secret Military Technology

Wed, 10 Sep 2008 07:35:28 +0000

On 60 Minutes, in an interview with Scott Pelley, reporter Bob Woodward claimed that the U.S. military has a new secret technique that's so revolutionary, it's on par with the tank and the airplane:

Woodward: This is very sensitive and very top secret, but there are secret operational capabilities that have been developed by the military to locate, target, and kill leaders of al Qaeda in Iraq, insurgent leaders, renegade militia leaders, that is one of the true breakthroughs.
Pelley: What are we talking about here? Some kind of surveillance, some kind of targeted way of taking out just the people that you're looking for, the leadership of the enemy?

[...]

Woodward: It is the stuff of which military novels are written.

Pelley: Do you mean to say that this special capability is such an advance in military technique and technology that it reminds you of the advent of the tank and the airplane?

Woodward: Yeah.

It's here, 7 minutes and 55 seconds in.

Anyone have any ideas?

Premature Update on Philadelphia Wi-Fi

Fri, 05 Sep 2008 09:23:51 +0000

I'm not sure why this article was written, as there appears to be nothing particularly newsworthy in it: The News.com reporter Marguerite Reardon has covered muni-Fi for as long as I have, and after reading this in-depth piece, I'm left wondering whether it was assigned far too early, and she was meeting an editorial desk requirement instead of feeling like the story was ready to "print." The article looks at Network Acquisition Corp. (NAC), the allegedly interim name for the group that's taken over Phila-Fi.

One source at the Knight Center for Digital Excellence notes, "The new network owners are supposed to have a much more sustainable business model." Supposed to. Later, "Network Acquisition Company, which acquired the network, hasn't talked publicly about the details of its new plan, but it has hinted that its strategy will differ from EarthLink's." Hasn't talked publicly. Then, "[NAC and Tropos] spokespeople said the companies would talk more about the network later this month when details of the new business plan are ready." Huh.

Reardon explains digital divide issues and looks into what Wireless Philadelphia has been up to, although doesn't note that delays in EarthLink's deployment and other factors have led to just a few hundred individuals that have been assisted by the non-profit; numbers may have changed, but that was as of a few months ago. Still, Wireless Philadelphia has apparently diversified its funding sources--Reardon cites 30 now.

I think we're still coming off the doldrums of August.

Wee-Fi: Houston-Fi, ASCII WPA Passphrases, Green Wi-Fi

Tue, 19 Aug 2008 06:26:25 +0000

Houston flips switch on free downtown Wi-Fi: Dwight Silverman of the Houston Chronicle accidentally discovers the soft launch of the network funded by EarthLink's $5m default fee. (The fee was paid when they missed a milestone, and the firm later walked away.) The downtown area now has a limited pilot project that's free; the real effort in Houston is supposed to be at 10 housing projects and in parks where service would be used to bridge the digital divide and improve the quality of life. How, exactly, is part of what's being tested.

That's ASCII, not hex: An article on wardriving raises security hackles by repeating some slightly overheated statements about Wi-Fi security. The article opens with a 63-character ASCII WPA passphrase, which is later described as "hex." (ASCII passphrases in WPA can be up to 63 "printable" characters - ASCII 32 to 127 - while a hex version of a 256-bit TKIP or AES password is 64 hexadecimal digits long.) The article tries to conflate Wi-Fi attacks that led to the largest set of breaches in retail credit-card systems and wardriving, a hobbyist activity that's never been looked on very favorably by law enforcement. The sense of ennui of wardriving pioneers is pretty clear; when Wi-Fi is everywhere and generally secured, it's far less interesting. The wardriver in the article convinced the reporter that a maximum-length WPA passphrase stored on a USB drive for automatic use was the best way to go. But, really, 20 characters containing letters and punctuation and no words found in a dictionary along with changing your network's SSID (network name) provides all the security you'll ever need for a home or small business. (If you need more, deploy WPA/WPA2 Personal.)

Green Wi-Fi's Senegal efforts hit snags: The folks at Green Wi-Fi are well motivated, and they're running up against all forms of security theater and bureaucracy both here and in Senegal, where they have an active project. The San Francisco Chronicle notes the group's effort to build solar-powered, self-sustaining Internet access via mesh networked nodes. Getting devices out of the country, clearing customs in Senegal, and hooking up their solar system all hit problems they're working through. As with the One Laptop Per Child program, I see a "build it and they will come" mentality in Green Wi-Fi's mission statement: the notion that providing computing power and Internet access will result in good things, rather than an effort to figure out what good things need to be achieved, and whether computers and the Internet will assist.

Who's Behind the Georgia Cyber Attacks?

Thu, 14 Aug 2008 06:16:34 +0000

Of course the Klingons did it, or you were naive enough to even think for a second that Russians were behind it at the first place? Of the things I hate most, it's lowering down the quality of the discussion I hate the most. Even if you're excluding all the factual evidence (Coordinated Russia vs Georgia cyber attack in progress), common sense must prevail.

Sometimes, the degree of incompetence can in fact be pretty entertaining, and greatly explains why certain countries are lacking behind others with years in their inability to understand the rules of information warfare, or the basic premise of unrestricted warfare, that there are no rules on how to achieve your objectives.

So who's behind the Georgia cyber attacks, encompassing of plain simple ping floods, web site defacements, to sustained DDoS attacks, which no matter the fact that Geogia has switched hosting location to the U.S remain ongoing? It's Russia's self-mobilizing cyber militia, the product of a collectivist society having the capacity to wage cyber wars and literally dictating the rhythm in this space. What is militia anyway :

"civilians trained as soldiers but not part of the regular army; the entire body of physically fit civilians eligible by law for military service; a military force composed of ordinary citizens to provide defense, emergency law enforcement, or paramilitary service, in times of emergency; without being paid a regular salary or committed to a fixed term of service; an army of trained civilians, which may be an official reserve army, called upon in time of need; the national police force of a country; the entire able-bodied population of a state; or a private force, not under government control; An army or paramilitary group comprised of citizens to serve in times of emergency"

Next to the "blame the Russian Business Network for the lack of large scale implementation of DNSSEC" mentality, certain news articles also try to wrongly imply that there's no Russian connection in these attacks, and that the attacks are not "state-sponsored", making it look like that there should be a considerable amount of investment made into these attacks, and that the Russian government has the final word on whether or not its DDoS capabilities empowered citizens should launch any attacks or not. In reality, the only thing the Russian government was asking itself during these attacks was "why didn't they start the attacks earlier?!".

Thankfully, there are some visionary folks out there understanding the situation. Last year, I asked the following question - What is the most realistic scenario on what exactly happened in the recent DDoS attacks aimed at Estonia, from your point of view? and some of the possible answers still fully apply in this situation :

- It was a Russian government-sponsored hacktivism, or shall we say a government-tolerated one

- Too much media hype over a sustained ICMP flood, given the publicly obtained statistics of the network traffic

- Certain individuals of the collectivist Russian society, botnet masters for instance, were automatically recruited based on a nationalism sentiments so that they basically forwarded some of their bandwidth to key web servers

- In order to generate more noise, DIY DoS tools were distributed to the masses so that no one would ever know who's really behind the attacks

- Don't know who did it, but I can assure you my kid was playing !synflood at that time

- Offended by the not so well coordinated removal of the Soviet statue, Russian oligarchs felt the need to send back a signal but naturally lacking any DDoS capabilities, basically outsourced the DDoS attacks

- A foreign intelligence agency twisting the reality and engineering cyber warfare tensions did it, while taking advantage of the momentum and the overall public perception that noone else but the affected Russia could be behind the attacks

- I hate scenario building, reminds me of my academic years, however, yours are pretty good which doesn't necessarily mean I actually care who did it, and pssst - it's not cyberwar, as in cyberwar you have two parties with virtual engagement points, in this case it was bandwidth domination by whoever did it over the other. A virtual shock and awe

- I stopped following the news story by the time every reporter dubbed it the first cyber war, and started following it again when the word hacktivism started gaining popularity. So, hacktivists did it to virtually state their political preferences

Departamental cyber warfare would never reach the flexibity state of people's information warfare where everyone is a cyber warrior given he's empowered with access to the right tools at a particular moment in time.

Related posts:
People's Information Warfare Concept
Combating Unrestricted Warfare
The Cyber Storm II Cyber Exercise
Chinese Hacktivists Waging People's Information Warfare Against CNN
The DDoS Attacks Against CNN.com
China's Cyber Espionage Ambitions
North Korea's Cyber Warfare Unit 121

Chinese Hackers Attacking U.S Department of Defense Networks

Electronic Jihad v3.0 - What Cyber Jihad Isn't

Electronic Jihad's Targets List

Teaching Cyber Jihadists How to Hack

Empowering the Script Kiddies

OSINT Through Botnets

Corporate Espionage Through Botnets

Malware Infected Hosts as Stepping Stones

Hacktivism Tensions - Israel vs Palestine Cyberwars

The Current, Emerging, and Future State of Hacktivism

Internet PSYOPS - Psychological Operations

On TV Warfare

Mon, 11 Aug 2008 13:41:00 +0000

It is simply amazing that all the countries now "get it" that war happens primarily on TV (this vs this; many other examples are around). It is also amazing that there is NO way to know where "media reporting" ends and "psyops" begin. So, a burning tank with no clear markings that you see on TV might be:

Tank belonging to warring side A
Tank belonging to warring side B
Just a tank that was passing by and got hit by mistake :-)
Something that looks like a burning tank
An archive shot that reporter added for visual impact

Same applies to the "primary weapon" of a modern TV war: "evidence of atrocities of the opposing side."

What's the truth? Who knows... progress brought us "TV wars," is this the first "YouTube war"? But if we cannot believe the media coverage, how can we believe a random video online? Well ... maybe the same way we often believe Wikipedia over Britannica.

In any case, if there was a better time to turn off the TV (and tune off the web news...), it would be now. Also, time to get the dust off my copy of Toffler?

Rant mode off :-)

Journalist on Journalist Hacking at Black Hat

Fri, 08 Aug 2008 09:10:15 +0000

Three French journalists have been booted for life from Black Hat and Defcon for compromising the Black Hat press room wired network and grabbing the credentials for at least one reporter. Their goal was to publicize the risks to reporters especially current given the massive reporter presence in Bejing for the Olympics. This risk is certainly real and it is a shame that these journalists had to compromise and embarass one of their own and potentially run afoul of US Federal wiretap laws.

Sniffing, or monitoring all traffic on a network, is so 1999. That is when L0pht came out with AntiSniff, which could detect many scenarios where someone was sniffing a wired network. How can we be using plain text authentication protocols in 2008? It is a well known and easily solved problem. But people authenticate in clear text everyday when they log into social networking or blogs or other “unimportant” applications. The problem is when they use those same credentials for work or online banking.

We need to think of any application that alows users to authenticate in the clear as broken. If 3 journalists can monitor paaswords, anyone can.

Journalist On Journalist Hacking at BlackHat

Fri, 08 Aug 2008 09:10:15 +0000

We need to think of any application that alows users to authenticate in the clear as broken. If 3 journalists can monitor passwords, anyone can.

Update 08/08/2008 12:30pm EST:

It turns out the attack was likely a MITM attack where the attackers ran their own DHCP server and handed out a gateway IP that was controlled by them. At least one reporter was connecting to his organization’s content management system over unencrypted HTTP and got his password compromised. More details in “How eWeek Got Hacked at Black Hat.”