WFTM

Waiting For The Moon
Music + My Photos

Showing posts tagged security

The Anatomy of a Governmental Malware Attack

If you have an interest in computer security (we all should), this article at The Citizen Lab, does a very good job explaining how middle eastern countries target and spy on dissents. It is the best technical review I have seen of a state sanctioned malware attack .

The final advice the Citizen Lab gives is below, it is very good advice. I recommend this article to any one who is interested in the technical side of this issue.

The use of social engineering and commercial surveillance software attacks against activists and dissidents is becoming more commonplace.

For at risk communities, gaining awareness of targeted threats and exercising good security practices when using email, Skype, or any other communication mechanism are essential. Users should be vigilant concerning all e-mails, attached web links, and files. In particular, carefully assess the authenticity of any such materials referencing sensitive subject matter, activities, or containing misspellings or unusual diction. If you believe that you are being targeted be especially cautious when downloading files over the Internet, even from links that are purportedly sent by friends.

For further tips on detecting potential malware attacks and preventing compromise, see Citizen Lab’s recommendations for defending against targeted attacks.

This article was published in Domus 948, June 2011


  Mapping the discontinuous spatiality of the contemporary nation-state through the publication of the secret government memo listing 259 facilities around the world considered crucial to everyday life in the US

This article was published in Domus 948, June 2011

Mapping the discontinuous spatiality of the contemporary nation-state through the publication of the secret government memo listing 259 facilities around the world considered crucial to everyday life in the US

Egyptian Actions Highlight Dangers in U.S. Cybersecurity Proposals

soupsoup:

Cindy Cohn at EFF

The Egyptian regime’s shutdown of the Internet in an attempt to preserve its political power highlights the dangers of any government having unchecked power over our Internet infrastructure, and puts a fine point on the risks to democracy posed by recent Congressional proposals to give the President a broad mandate to dictate how our internet service providers respond to cyber-emergencies.

(via dieselciviltrust-deactivated201)

Block TYNT "copy/paste jerks" with hosts file redirect

idiosyncratic-routine:

via ericmortensen via daringfireball:

Over the last few months I’ve noticed an annoying trend on various web sites, generally major newspaper and magazine sites, but also certain weblogs. What happens is that when you select text from these web pages, the site uses JavaScript to report what you’ve copied to an analytics server and append an attribution URL to the text. So, for example, if I were using this “service” here on Daring Fireball, and you selected the first sentence of this article, copied it, then switched to another app to paste the text you just copied, instead of pasting just the sentence you selected and intended to copy, you’d instead get:

Over the last few months I’ve noticed an annoying trend on various web sites, generally major newspaper and magazine sites, but also certain weblogs.

Read more: http://daringfireball.net/2010/05/tyntcopypaste_jerks/#ixzz0oyLiD4Qh

All of this nonsense — the attribution appended to copied text, the inline search results popovers — is from a company named Tynt, which bills itself as “The copy/paste company”.

It’s a bunch of user-hostile SEO bullshit.

What I’ve chosen to do is edit my /etc/hosts file to block access system-wide to the tcr.tynt.com server. This is the server from which the Tynt JavaScript code is served to all its “partners”.

127.0.0.1   tcr.tynt.com

(Find your hosts file)

After saving the hosts file, Tynt’s clipboard-altering nonsense is disabled on all Tynt-using websites I’ve encountered, no matter which browser I use.

This has been popping up and annoying me more and more lately, but I hadn’t yet thought to do anything about it. Quick fix; good call.

I too notice this happening, I can’t begrudge the content providers trying to generate traffic for their sites, times are tough and these businesses are desperate. I delete the added text.

The practice raises another concern for me, what else could third party servers be inserting, how much power does JavaScript or jQuery have over our computer? Is your PC or MAC silently being colonized by unknown online agencies for profit?

City of Fear

LETTER FROM SÃO PAULO

City of Fear

Operating by cell phone, a highly organized prison gang launched an attack that shut down Brazil’s largest city last May, with the authorities powerless to stop it. For many in São Paulo, this vast, amorphous criminal network is the only government they have.
Vanity Fair Magazine April 2007
by WILLIAM LANGEWIESCHE
Read Entire Article

I recommend this article for insight into the Middle East and Africa situation. US policy is helping push Iraq, Afghanistan, Lebanon and maybe Iran into becoming failed states where well organized gangs will have the upper hand. In Brazil and Mexico the gangs are related to drugs and conventional criminal activity, in the Middle East they tend to be related to extreme fundamentalist groups as well as regular criminals.

This won’t bother the US Government or its corporate friends because the Security Industrial Complex will make billions protecting us from these bad actors on the world stage.

In the same issue is a good piece about private armies in Iraq, by ex CIA official Robert Baer.

Lawsuit Seeks Information on How Government Uses Social-Networking Sites

From: securitymanagement.com
By Matthew Harwood
12/02/2009 -

A prominent hi-tech civil liberties organization filed suit in federal court yesterday to impel a half-dozen government agencies to disclose the policies and procedures that govern how they access, collect, and store information from social networking Web sites.

The 8-page lawsuit filed by the Electronic Frontier Foundation (EFF) “seeks the release of records requested from the Department of Defense, Department of Homeland Security, Department of Justice, Department of Treasury, Central Intelligence Agency, and Office of the Director of National Intelligence concerning the use of social-networking websites as investigative, surveillance, and data collection tools.”

Read Entire Article

Who's in Big Brother's Database?

Book Review By James Bamford For the NY Review of Books

The Secret Sentry: The Untold History of the National Security Agency
by Matthew M. Aid

On a remote edge of Utah’s dry and arid high desert, where temperatures often zoom past 100 degrees, hard-hatted construction workers with top-secret clearances are preparing to build what may become America’s equivalent of Jorge Luis Borges’s “Library of Babel,” a place where the collection of information is both infinite and at the same time monstrous, where the entire world’s knowledge is stored, but not a single word is understood. At a million square feet, the mammoth $2 billion structure will be one-third larger than the US Capitol and will use the same amount of energy as every house in Salt Lake City combined.
Read Entire Article