[funsec] Patent absurdity (recidivus)
An interesting infographic, showing patent cooperation (some) and conflict (a whole mess).

http://visual.ly/tech-patent-wars
http://www.fastcodesign.com/1669900/infographic-sweet-jesus-the-patent-war-has-gotten-crazy

I found this on the same day I found out about Apple patenting the iPen:

http://www.scientificamerican.com/article.cfm?id=apples-next-invention-the-ipen-2012-05WT.mc_id=SA_CAT_TECH_20120529
http://news.cnet.com/8301-13579_3-57440736-37/apple-tinkers-with-ipen-stylus-and-haptic-feedback/

Which is personally annoying. For some time I have wanted some form of smart pen (or pencil: I'm not picky) that will actually write on paper, but also store what you wrote. (It's the way I do most of the initial research for my reviews.) No, I don't want a pad and stylus: just the pen. I can download the notes later (probably via USB).

The precursors of this came out a while back. The mere existence of Apple's patent is probably the reason they haven't developed. Whether Apple intends to do anything with it or not.

For some time I have been engaged in various contracts involving the breaking of old patents. As an author, I naturally have some sympathy for the protection of intellectual property. But the further I go in this field, the more I am beginning to think that the entire concept is hopelessly and inherently flawed ...

== (quote inserted randomly by Pegasus Mailer)
rsl...@vcn.bc.ca sl...@victoria.tc.ca rsl...@computercrime.org
`Who hath dared to wound thee?' cried the giant; `tell me, that I may take my big sword and slay him.' `Nay!' answered the child, `but these are wounds of love.' - `The Selfish Giant,' Oscar Wilde
victoria.tc.ca/techrev/rms.htm http://www.infosecbc.org/links
http://blogs.securiteam.com/index.php/archives/author/p1/
http://twitter.com/rslade
___
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
Re: [funsec] Words to spy by ...
I see a meme developing... people flooding public streams like Twitter and Google+ with random paragraphs like Rob's above... system crashes a day or two later... This could be fun! ;D

On Tue, May 29, 2012 at 1:10 PM, Kyle Creyts kyle.cre...@gmail.com wrote:
> Somebody really obviously has their knickers in a bunch over some FUD again. This seems like a terribly overblown article making wild accusations about what is really obviously a situational awareness tool, not a system to track specific individuals. You don't put words like tornado on a list of words to seek for spying on individuals.
>
> On Tue, May 29, 2012 at 3:04 PM, Rob, grandpa of Ryan, Trevor, Devon Hannah rmsl...@shaw.ca wrote:
>> http://www.dailymail.co.uk/news/article-2150281/REVEALED-Hundreds-words-avoid-using-online-dont-want-government-spying-you.html
>>
>> This wasn't smart. Obviously some pork barrel project dreamed up by the DHS authorities team (Hail to them!) who are now sickly sorry they looked into cloud computing response. They are going to learn more than they ever wanted to know about exercise fanatics going through the drill. Hopefully this message won't spillover and crash their collapsed parsing app, possibly straining a data leak. You can probably plot the failures at the NSA as the terms flood in. They should have asked us for help, or at least aid.
>>
>> Excuse, me, according to the time on my watch, I have to leave off working on this message, wave bye-bye, and get some gas in the car, and then get a Subway for the nuclear family's dinner. Afterwards, we're playing Twister!
>>
>> (Dedicated denial of service? Really?)
>>
>> == (quote inserted randomly by Pegasus Mailer)
>> rsl...@vcn.bc.ca sl...@victoria.tc.ca rsl...@computercrime.org
>> Every act of communication is an act of translation - G. Rabassa
>> victoria.tc.ca/techrev/rms.htm http://www.infosecbc.org/links
>> http://blogs.securiteam.com/index.php/archives/author/p1/
>> http://twitter.com/rslade
>
> --
> Kyle Creyts
> Information Assurance Professional
> BSidesDetroit Organizer

--
steve pirk
yensid
father... the sleeper has awakened... paul atreides - dune
kexp.org member august '09 - Google+ pirk.com
Re: [funsec] Patent absurdity (recidivus)
On Wed, May 30, 2012 at 3:38 PM, Rob, grandpa of Ryan, Trevor, Devon Hannah rmsl...@shaw.ca wrote:
> An interesting infographic, showing patent cooperation (some) and conflict (a whole mess).
>
> http://visual.ly/tech-patent-wars
> http://www.fastcodesign.com/1669900/infographic-sweet-jesus-the-patent-war-has-gotten-crazy
>
> I found this on the same day I found out about Apple patenting the iPen:
>
> http://www.scientificamerican.com/article.cfm?id=apples-next-invention-the-ipen-2012-05WT.mc_id=SA_CAT_TECH_20120529
> http://news.cnet.com/8301-13579_3-57440736-37/apple-tinkers-with-ipen-stylus-and-haptic-feedback/
>
> Which is personally annoying. For some time I have wanted some form of smart pen (or pencil: I'm not picky) that will actually write on paper, but also store what you wrote. (It's the way I do most of the initial research for my reviews.) No, I don't want a pad and stylus: just the pen. I can download the notes later (probably via USB).
>
> The precursors of this came out a while back. The mere existence of Apple's patent is probably the reason they haven't developed. Whether Apple intends to do anything with it or not.
>
> For some time I have been engaged in various contracts involving the breaking of old patents. As an author, I naturally have some sympathy for the protection of intellectual property. But the further I go in this field, the more I am beginning to think that the entire concept is hopelessly and inherently flawed ...

I look at it this way - software patents are probably here to stay. For those who want and/or use them, let them die by the sword, too. Make them subject to software liability laws when their insecure or broken crap really breaks.

The same for the DRM folks - let them have their $10,000 fines. Every time they accidentally accuse us or deny us access as a licensed user, allow us to redress the action for $10,000.

Jeff
[funsec] Flame on!
I have been reading about the new Flame (aka Flamer, aka sKyWIper) supervirus.

[AArrg Sorry. I will try and keep the screaming, in my outside voice, to a minimum.]

From http://www.telegraph.co.uk/news/worldnews/middleeast/iran/9295938/Flame-worlds-most-complex-computer-virus-exposed.html

This virus [1] is 20 times more powerful than any other!

[Why? Because it has 20 times more code? Because it is running on 20 times more computers? (It isn't. If you aren't a sysadmin in the Middle East you basically don't have to worry.) Because the computers it is running on are 20 times more powerful? This claim is pointless and ridiculous.]

[I had it right the first time. The file that is being examined is 20 megabytes. Sorry, I'm from the old days. Anybody who needs 20 megs to build a piece of malware isn't a genius. Tight code is *much* more impressive. This is just sloppy.]

It could only have been created by a state.

[What have you got against those of us who live in provinces?]

Flame can gather data files, remotely change settings on computers, turn on computer microphones to record conversations, take screen shots and copy instant messaging chats.

[So? We had RATs that could do that at least a decade ago.]

... a Russian security firm that specialises in targeting malicious computer code ... made the 20 megabyte virus available to other researchers yesterday claiming it did not fully understand its scope and said its code was 100 times the size of the most malicious software.

[I rather doubt they made the claim that they didn't understand it. It would take time to plow through 20 megs of code, so it makes sense to send it around the AV community. But I still say these size of code and most malicious statements are useless, to say the least.]

It was released five years ago and had infected machines in Iran, Israel, Sudan, Syria, Lebanon, Saudi Arabia and Egypt.

[Five years? Good grief! This thing is a pretty wimpy virus! (Or self-limiting in some way.) Even in the days of BSIs and sneakernet you could spread something around the world in half a year at most.]

If Flame went on undiscovered for five years, the only logical conclusion is that there are other operations ongoing that we don't know about.

[Yeah. Like not reproducing.]

The file, which infects Microsoft Windows computers, has five encryption algorithms,

[Gosh! The best we could do before was a couple of dozen!]

exotic data storage formats

[Like not plain text.]

and the ability to steal documents, spy on computer users and more.

[Yawn.]

Components enable those behind it, who use a network of rapidly-shifting command and control servers to direct the virus ...

[Gee! You mean like a botnet or something?]

Sorry. Yes, I do know that this is supposed to be (and probably is) state-sponsored, and purposefully written to attack specific targets and evade detection. I get it. It will be (marginally) interesting to see what they pull out of the code over the next few years. It's even kind of impressive that someone built a RAT that went undetected for that long, even though it was specifically built to hide and move slowly.

But all this supervirus nonsense is giving me pains.

[1] First off, everybody is calling it a virus. But many reports say they don't know how it got where it was found. Duh! If it's a virus, that's kind of the first issue, isn't it?

== (quote inserted randomly by Pegasus Mailer)
rsl...@vcn.bc.ca sl...@victoria.tc.ca rsl...@computercrime.org
Any American was bred to want to take over things; your water supply, your mineral deposits, your entire country, your wife ... Something American had happened to his wife ... there was no other possible explanation. - `The Whirlpool', Jane Urquhart
victoria.tc.ca/techrev/rms.htm http://www.infosecbc.org/links
http://blogs.securiteam.com/index.php/archives/author/p1/
http://twitter.com/rslade
[funsec] Sarcastic computing!
Right. Just what we needed ...

http://www.sciencedaily.com/releases/2012/05/120530152345.htm

== (quote inserted randomly by Pegasus Mailer)
rsl...@vcn.bc.ca sl...@victoria.tc.ca rsl...@computercrime.org
No experiment is ever a total waste: it can always be used as a bad example - science maxim
victoria.tc.ca/techrev/rms.htm http://www.infosecbc.org/links
http://blogs.securiteam.com/index.php/archives/author/p1/
http://twitter.com/rslade
Re: [funsec] Flame on!
a-effin-men Rob! I went through the same screaming fit too

Even though it sounds clever until you dig in just a little bit... 20 freakin meg in size? I mean seriously

The only reason it hasn't been caught in 5 years (if that's even true) is because it's so freakin' huge LOL

oh and I love the way this is the new APT as well... as if Conficker or Stuxnet wasn't advanced or persistent enough for some folks just because it's not the flavour of the day

Michael P. Blanchard
Senior Security Engineer, CISSP, GCIH, CCSA-NGX, MCSE
Office of Information Security Risk Management
EMC² Corporation
32 Coslin Drive
Southboro, MA 01772
Re: [funsec] Flame on!
On Wed, 30 May 2012 22:51:09 -0400, michael.blanch...@emc.com said:
> a-effin-men Rob! I went through the same screaming fit too
>
> Even though it sounds clever until you dig in just a little bit... 20 freakin meg in size? I mean seriously
>
> The only reason it hasn't been caught in 5 years (if that's even true) is because it's so freakin' huge LOL

All the AV products probably have a check If it's a binary over X bytes in size, it must be a legit binary from Microsoft or Adobe check. Somebody probably just wrote a meg of code, then pasted in 19M of total dead-code crap from Microsoft Flight Simulator just to bulk it up over the limit.

> Flame can gather data files, remotely change settings on computers, turn on computer microphones to record conversations, take screen shots and copy instant messaging chats.
>
> [So? We had RATs that could do that at least a decade ago.]

How big was Back Orifice, which did much of the same stuff *way* back when?
Re: [funsec] Flame on!
From: michael.blanch...@emc.com
Date sent: Wed, 30 May 2012 22:51:09 -0400

> oh and I love the way this is the new APT as well...

Please ... I just got settled down from Flame ... mention APT and I'm likely to break out in blogs again ...

http://blogs.securiteam.com/index.php/archives/1503

== (quote inserted randomly by Pegasus Mailer)
rsl...@vcn.bc.ca sl...@victoria.tc.ca rsl...@computercrime.org
-The information went data way --
victoria.tc.ca/techrev/rms.htm http://www.infosecbc.org/links
http://blogs.securiteam.com/index.php/archives/author/p1/
http://twitter.com/rslade
Re: [funsec] Flame on!
Back Orifice was da shizzle back in the day!
Re: [funsec] Flame on!
For what it's worth, my distant cousin Rik has a great picture in his blog post about Flame -- enjoy. :-)

http://countermeasures.trendmicro.eu/fighting-the-flames/

While Rik uses the B.S. detector, I use the B.S. Protector:

http://www.banderasnews.com/howto/bullshit.htm

Enjoy x2. :-)

- ferg

On Wed, May 30, 2012 at 8:48 PM, Rob, grandpa of Ryan, Trevor, Devon Hannah rmsl...@shaw.ca wrote:
> From: michael.blanch...@emc.com
> Date sent: Wed, 30 May 2012 22:51:09 -0400
>
>> oh and I love the way this is the new APT as well...
>
> Please ... I just got settled down from Flame ... mention APT and I'm likely to break out in blogs again ...
>
> http://blogs.securiteam.com/index.php/archives/1503

--
Fergie, a.k.a. Paul Ferguson
fergdawgster(at)gmail.com