Re: [funsec] Cyber War (book): Microsoft a weak link in national security

2010-06-14 Thread Robert Graham
>GREAT book!

Um, it's a work of fiction.


  
___
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.


Re: [funsec] Cyber War (book): Microsoft a weak link in national security

2010-06-14 Thread Jon Kibler

On 6/14/10 5:47 PM, Juha-Matti Laurio wrote:
> "Who wrote those lines? Steve Jobs? Linux inventor Linus Torvalds? Ralph 
> Nader? No, the author is former White House adviser Richard A. Clarke
> in his new book, Cyber War: The Next Threat to National Security and What to 
> Do About It.
> 
> It has been a few months since Clarke's latest opus appeared, but it's still 
> making quite a splash.
> Clarke, after all, was the guy who repeatedly warned the White House about Al 
> Qaeda before September 11, 2001.
> As a result, he has quickly become the most publicly identifiable person on 
> the subject.
> 
> "While it may appear to give America some sort of advantage," Cyber War 
> warns, 
> "in fact cyber war places this country at greater jeopardy than it does any 
> other nation.""
> 
> http://arstechnica.com/security/news/2010/06/cyber-war-microsoft-a-weak-link-in-national-security.ars
> 
> Juha-Matti


The quote I really like (paraphrasing, because I don't have the book
handy) is where he blasts Microsoft for opening all of their source code
up to the Chinese government, but refuses to do so for banking and other
critical infrastructure here in the U.S.

GREAT book!

Jon
-- 
Jon R. Kibler
Chief Technical Officer
Advanced Systems Engineering Technology, Inc.
Charleston, SC  USA
o/c/s: 843-849-8214 / 843-813-2924 / 843-564-4224
e: jon.kib...@aset.com or jon.r.kib...@gmail.com
s: JonRKibler
http://www.linkedin.com/in/jonrkibler

My PGP Fingerprint is:
BAA2 1F2C 5543 5D25 4636 A392 515C 5045 CF39 4253




Re: [funsec] Unreal IRCd backdoor

2010-06-14 Thread security curmudgeon

On Tue, 15 Jun 2010, Gadi Evron wrote:

: On 6/14/10 3:25 PM, Larry Seltzer wrote:
: > Similar to an incident with WordPress a few years ago.
: 
: Got a reference to the WP incident?

http://osvdb.org/search?search%5Bvuln_title%5D=trojaned&search%5Btext_type%5D=titles

Seconded Gadi's request. I vaguely recall a WP incident, but I 
thought they were 100% sure it did not affect distributions? The link 
above will list several other incidents.



Re: [funsec] A perfect marriage: vuvuzelas and soccer

2010-06-14 Thread Valdis . Kletnieks
On Mon, 14 Jun 2010 15:07:23 PDT, Robert Graham said:

> The guards were presumably trained for weeks before hand against typical
> social engineering attempts

> A one-time event like this, though, has no past experience really. They are
> figuring out a lot of security for the first time.

Cognitive dissonance FTW :)




Re: [funsec] Unreal IRCd backdoor

2010-06-14 Thread Gadi Evron
On 6/14/10 3:25 PM, Larry Seltzer wrote:
> Similar to an incident with WordPress a few years ago.

Got a reference to the WP incident?


>
> One of the lessons people seem to want to learn from this is to check
> MD5s, but I don't see what that accomplishes. Usually the MD5 is stored
> alongside the file that has been compromised; if they can compromise the
> main file, surely they can make a new MD5.
>
> The unrealircd guys are starting to use GPG which is a better solution (if
> they're careful with their keys)(and as long as the source tree they're
> signing hasn't been compromised), but GPG is a PITA. After the Wordpress
> incident I proposed an easier method:
> http://www.eweek.com/c/a/Security/A-Cheap-and-Easy-Proposal-for-File-Distribution-Safety/
>
> LJS
>
> -Original Message-
> From: funsec-boun...@linuxbox.org [mailto:funsec-boun...@linuxbox.org] On
> Behalf Of Juha-Matti Laurio
> Sent: Monday, June 14, 2010 7:51 AM
> To: Gadi Evron; funsec@linuxbox.org
> Subject: Re: [funsec] Unreal IRCd backdoor
>
> Advisory and MD5's listed at
> http://www.unrealircd.com/txt/unrealsecadvisory.20100612.txt
>
> Juha-Matti
>
> Gadi Evron [...@linuxbox.org] wrote:
>> Very interesting post by Fyodor:
>> http://seclists.org/nmap-dev/2010/q2/826
>>
>>  Gadi.
>>


-- 
Gadi Evron,
g...@linuxbox.org.

Blog: http://gevron.livejournal.com/


Re: [funsec] Cyber War (book): Microsoft a weak link in national security

2010-06-14 Thread Valdis . Kletnieks
On Tue, 15 Jun 2010 00:47:31 +0300, Juha-Matti Laurio said:
> "While it may appear to give America some sort of advantage," Cyber War warns,
> "in fact cyber war places this country at greater jeopardy than it does any 
> other nation.""

I've seen reference to the idea that we have a presidential Executive Order
prohibiting the assassination of other heads of state not because we're the
good guys, but because our head of state is a much easier target for 
retribution.



Re: [funsec] A perfect marriage: vuvuzelas and soccer

2010-06-14 Thread Robert Graham
>Security related?


The security guards have gone on strike:
http://www.allheadlinenews.com/articles/7018990085

That means it's probably easy to social engineer the police (who replaced the 
guards). The guards were presumably trained for weeks beforehand against 
typical social engineering attempts as people (mostly reporters) try to get 
into inaccessible areas. Presumably, their replacements (the police) have not 
been trained for such things.

In general, a one-time event like a World Cup or an Olympics is going to have 
"one-time security". Normally, you expect an organization to grow big over 
time, and slowly adapt to a proper security posture based on past experience. A 
one-time event like this, though, has no past experience really. They are 
figuring out a lot of security for the first time. For example, I'm sure if you 
walked around with a wifi sniffer, you'd see lots of open access-points with 
access to "interesting" areas, like changing the contents of the large screens, 
or changing the score.




[funsec] Cyber War (book): Microsoft a weak link in national security

2010-06-14 Thread Juha-Matti Laurio
"Who wrote those lines? Steve Jobs? Linux inventor Linus Torvalds? Ralph Nader? 
No, the author is former White House adviser Richard A. Clarke
in his new book, Cyber War: The Next Threat to National Security and What to Do 
About It.

It has been a few months since Clarke's latest opus appeared, but it's still 
making quite a splash.
Clarke, after all, was the guy who repeatedly warned the White House about Al 
Qaeda before September 11, 2001.
As a result, he has quickly become the most publicly identifiable person on the 
subject.

"While it may appear to give America some sort of advantage," Cyber War warns, 
"in fact cyber war places this country at greater jeopardy than it does any 
other nation.""

http://arstechnica.com/security/news/2010/06/cyber-war-microsoft-a-weak-link-in-national-security.ars

Juha-Matti


Re: [funsec] Privacy Police Go Paranoid Against Google

2010-06-14 Thread steve pirk [egrep]
I buzzed the article. Excellent job Larry! Not that anyone will promote it
to the nightly news... ;-]

--steve
On Sun, Jun 13, 2010 at 11:26, Larry Seltzer wrote:

>
> http://blogs.pcmag.com/securitywatch/2010/06/privacy_police_go_paranoid_aga.php
>
>
>
> (Yes, this is a little about driving traffic to my blog, but it’s also
> on-point for funsec.
>
>
>
> Why do people get so irrational about privacy issues?
>
> I've spoken to several people who have been involved with real software
> development (as I have) and we all find Google's explanation of the Street
> View Wifi data collection incident perfectly plausible. I'll go further: The
> idea that they intended to
> collect Wifi payload data for this operation is highly implausible.
>
> ….
>

-- 
steve pirk
refiamerica.org
"father... the sleeper has awakened..." paul atreides - dune
kexp.org member august '09

Re: [funsec] A perfect marriage: vuvuzelas and soccer

2010-06-14 Thread Randal T. Rioux
On 06/14/2010 12:02 PM, Ned Fleming wrote:
>
> There's nothing like a one-one or, better yet, a nil-nil tie in soccer
> (that's "association football" for the kiwis).
>
> The vuvuzela adds the perfect accompaniment to the drudgery of soccer
> -- an incessant, tiresome drone. Top it off with laudanum and you may
> have the ideal trifecta.
>
> Security related?
>
> Protect your hearing (and sanity) with ear plugs. The vuvuzela
> discharges a 127 decibel screech. Also, don't get addicted to
> laudanum.

I am so torn on this one. I'm all for local tradition, but I watched the 
whole USA-England match with great audible irritation. It was so bad I 
considered running the audio through JACK on a Linux box and trying to 
eliminate the sound with some clever frequency hacking.

Alas, my motivation was crushed by my inability to stop watching long 
enough to do so :-)

Randy

/Go DC United (Saturday)! I must say though, El Salvador has the 
awesomest fans (they fill half of RFK!!)

//Everything soccer is "security" related. Someone always ends up in 
jail after or during a game.


[funsec] A perfect marriage: vuvuzelas and soccer

2010-06-14 Thread Ned Fleming

There's nothing like a one-one or, better yet, a nil-nil tie in soccer
(that's "association football" for the kiwis). 
 
The vuvuzela adds the perfect accompaniment to the drudgery of soccer
-- an incessant, tiresome drone. Top it off with laudanum and you may
have the ideal trifecta.
 
Security related?
 
Protect your hearing (and sanity) with ear plugs. The vuvuzela
discharges a 127 decibel screech. Also, don't get addicted to
laudanum.

-- 

Ned




Re: [funsec] Unreal IRCd backdoor

2010-06-14 Thread Larry Seltzer
Similar to an incident with WordPress a few years ago.

One of the lessons people seem to want to learn from this is to check
MD5s, but I don't see what that accomplishes. Usually the MD5 is stored
alongside the file that has been compromised; if they can compromise the
main file, surely they can make a new MD5.

The unrealircd guys are starting to use GPG which is a better solution (if
they're careful with their keys)(and as long as the source tree they're
signing hasn't been compromised), but GPG is a PITA. After the Wordpress
incident I proposed an easier method:
http://www.eweek.com/c/a/Security/A-Cheap-and-Easy-Proposal-for-File-Distribution-Safety/

LJS

-Original Message-
From: funsec-boun...@linuxbox.org [mailto:funsec-boun...@linuxbox.org] On
Behalf Of Juha-Matti Laurio
Sent: Monday, June 14, 2010 7:51 AM
To: Gadi Evron; funsec@linuxbox.org
Subject: Re: [funsec] Unreal IRCd backdoor

Advisory and MD5's listed at
http://www.unrealircd.com/txt/unrealsecadvisory.20100612.txt

Juha-Matti

Gadi Evron [...@linuxbox.org] wrote:
> Very interesting post by Fyodor:
> http://seclists.org/nmap-dev/2010/q2/826
>
>   Gadi.
>
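Larry's point above (an MD5 file next to the download is regenerated by whoever trojans the download, while a detached signature needs a key that is not on the server), as an added example that is not part of the thread: a small Go simulation of a download server, an intruder who swaps the tarball and rewrites the co-located MD5 file, and the two checks a user can run. Ed25519 stands in for GPG; the Release type, the key pair and the tarball bytes are constructed for the example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/md5"
	"crypto/rand"
	"encoding/hex"
)

// Release models what a download server serves: tarball, co-located MD5 file, detached signature.
type Release struct {
	Tarball []byte
	MD5File string // hex digest published alongside the tarball
	Sig     []byte // detached signature over the tarball bytes
}

// publish is the maintainers' side: sign with a key kept off the server,
// then upload tarball, MD5 file and signature together.
func publish(priv ed25519.PrivateKey, tarball []byte) Release {
	sum := md5.Sum(tarball)
	return Release{Tarball: tarball, MD5File: hex.EncodeToString(sum[:]), Sig: ed25519.Sign(priv, tarball)}
}

// trojan models an intruder on the download server: swap the tarball and regenerate
// the co-located MD5 file. Without the signing key, the stale signature is all they can leave.
func trojan(r Release, backdoored []byte) Release {
	sum := md5.Sum(backdoored)
	return Release{Tarball: backdoored, MD5File: hex.EncodeToString(sum[:]), Sig: r.Sig}
}

// CheckMD5 is what "check the MD5" usually means: compare against the digest file next to the download.
func CheckMD5(r Release) bool {
	sum := md5.Sum(r.Tarball)
	return hex.EncodeToString(sum[:]) == r.MD5File
}

// CheckSig verifies the detached signature with a public key the user obtained
// earlier and independently of the mirror; that key is the trust anchor.
func CheckSig(pub ed25519.PublicKey, r Release) bool {
	return ed25519.Verify(pub, r.Tarball, r.Sig)
}

// Demo runs both checks on a clean and on a trojaned release (constructed sample data).
func Demo() (cleanMD5, cleanSig, trojanMD5, trojanSig bool) {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	clean := publish(priv, []byte("ircd tarball bytes (constructed sample)"))
	bad := trojan(clean, []byte("ircd tarball bytes + backdoor (constructed sample)"))
	return CheckMD5(clean), CheckSig(pub, clean), CheckMD5(bad), CheckSig(pub, bad)
}
```

The MD5 check passes on the trojaned tarball because the intruder rewrote the digest file; only the signature check catches the swap, and only if the verifying key came from somewhere the intruder did not control.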


Re: [funsec] Unreal IRCd backdoor

2010-06-14 Thread Juha-Matti Laurio
Advisory and MD5's listed at
http://www.unrealircd.com/txt/unrealsecadvisory.20100612.txt

Juha-Matti

Gadi Evron [...@linuxbox.org] wrote:
> Very interesting post by Fyodor:
> http://seclists.org/nmap-dev/2010/q2/826
> 
>   Gadi.
> 


Re: [funsec] Privacy Police Go Paranoid Against Google

2010-06-14 Thread Jon Kibler

On 6/14/10 2:06 AM, der Mouse wrote:
>> Why do people get so irrational about privacy issues?
> 
> I'm not convinced it's irrational.
> 
> Personally, at least, it's all about keeping the thin end of the wedge
> out.  See xkcd #743 (and don't skip the years at the top; I did for a
> while and it made no sense until I noticed them).


Except that you have to look REALLY close -- and maybe do so 2 or 3
times -- to realize that the second year is '2010' and not '200'!! (Or,
am I getting that blind?)


-- 
Jon R. Kibler
Chief Technical Officer
Advanced Systems Engineering Technology, Inc.
Charleston, SC  USA
o/c/s: 843-849-8214 / 843-813-2924 / 843-564-4224
e: jon.kib...@aset.com or jon.r.kib...@gmail.com
s: JonRKibler
http://www.linkedin.com/in/jonrkibler

My PGP Fingerprint is:
BAA2 1F2C 5543 5D25 4636 A392 515C 5045 CF39 4253

