Entries feed for alobar
bruce_schneier July 21 2014, 20:57

Fingerprinting Computers By Making Them Draw Images

https://www.schneier.com/blog/archives/2014/07/fingerprinting_.html

Here's a new way to identify individual computers over the Internet. The page instructs the browser to draw an image. Because each computer draws the image slightly differently, this can be used to uniquely identify each computer. This is a big deal, because there's no way to block this right now.

Article. Hacker News thread.

EDITED TO ADD (7/22): This technique was first described in 2012. And it seems that NoScript blocks this. Privacy Badger probably blocks it, too.

EDITED TO ADD (7/23): EFF has a good post on who is using this tracking system -- the White House is -- and how to defend against it.

And a good story on BoingBoing.

bruce_schneier July 17 2014, 20:34

US National Guard is Getting Into Cyberwar

https://www.schneier.com/blog/archives/2014/07/us_national_gua.html

The Maryland Air National Guard needs a new facility for its cyberwar operations:

The purpose of this facility is to house a Network Warfare Group and ISR Squadron. The Cyber mission includes a set of capabilities, expertise to enable the cyber operational need for an always-on, net-speed awareness and integrated operational response with global reach. It enables operators to drive upstream in pursuit of cyber adversaries, and is informed 24/7 by intelligence and all-source information.

Is this something we want the Maryland Air National Guard to get involved in?

bruce_schneier July 17 2014, 12:00

Hackers Steal Personal Information of US Security-Clearance Holders

https://www.schneier.com/blog/archives/2014/07/hackers_steal_p.html

The article says they were Chinese but offers no evidence:

The intrusion at the Office of Personnel Management was particularly disturbing because it oversees a system called e-QIP, in which federal employees applying for security clearances enter their most personal information, including financial data. Federal employees who have had security clearances for some time are often required to update their personal information through the website.

This is a big deal. If I were a government, trying to figure out who to target for blackmail, bribery, and other coercive tactics, this would be a nice database to have.

bruce_schneier July 15 2014, 19:50

Risks of Keyloggers on Public Computers

https://www.schneier.com/blog/archives/2014/07/risks_of_keylog.html

Brian Krebs is reporting that:

The U.S. Secret Service is advising the hospitality industry to inspect computers made available to guests in hotel business centers, warning that crooks have been compromising hotel business center PCs with keystroke-logging malware in a bid to steal personal and financial data from guests.

It's actually a very hard problem to solve. The adversary can have unrestricted access to the computer, especially hotel business center computers that are often tucked away where no one else is looking. I assume that if someone has physical access to my computer, he can own it. This is doubly true if he has hardware access.

bruce_schneier July 15 2014, 11:19

Legal Attacks Against Tor

https://www.schneier.com/blog/archives/2014/07/the_war_against.html

Last week, we learned that the NSA targets people who look for information about Tor. A few days later, the operator of a Tor exit node in Austria was found guilty as an accomplice, because someone used his computer to transmit child porn. Even more recently, Tor has been named as a defendant in a revenge-porn suit in Texas because it provides web-porn operators with privacy.

Here's the EFF: "Seven Things You Should Know About Tor."

EDITED TO ADD (7/16): It seems that article about Tor in Austria was wrong.


bruce_schneier July 14 2014, 18:41

GCHQ Catalog of Exploit Tools

https://www.schneier.com/blog/archives/2014/07/gchq_catalog_of.html

The latest Snowden story is a catalog of exploit tools from JTRIG (Joint Threat Research Intelligence Group), a unit of the British GCHQ, for both surveillance and propaganda. It's a list of code names and short descriptions, such as these:

GLASSBACK: Technique of getting a target's IP address by pretending to be a spammer and ringing them. Target does not need to answer.

MINIATURE HERO: Active skype capability. Provision of real time call records (SkypeOut and SkypetoSkype) and bidirectional instant messaging. Also contact lists.

MOUTH: Tool for collection for downloading a user's files from Archive.org.

PHOTON TORPEDO: A technique to actively grab the IP address of MSN messenger user.

SILVER SPECTOR: Allows batch Nmap scanning over Tor.

SPRING BISHOP: Find private photographs of targets on Facebook.

ANGRY PIRATE: is a tool that will permanently disable a target's account on their computer.

BUMPERCAR+: is an automated system developed by JTRIG CITD to support JTRIG BUMPERCAR operations. BUMPERCAR operations are used to disrupt and deny Internet-based terror videos or other materials. The technique employs the services provided by upload providers to report offensive materials.

BOMB BAY: is the capacity to increase website hits/rankings.

BURLESQUE: is the capacity to send spoofed SMS messages.

CLEAN SWEEP: Masquerade Facebook Wall Posts for individuals or entire countries.

CONCRETE DONKEY: is the capacity to scatter an audio message to a large number of telephones, or repeatedly bomb a target number with the same message.

GATEWAY: Ability to artificially increase traffic to a website.

GESTATOR: amplification of a given message, normally video, on popular multimedia websites (Youtube).

SCRAPHEAP CHALLENGE: Perfect spoofing of emails from Blackberry targets.

SUNBLOCK: Ability to deny functionality to send/receive email or view material online.

SWAMP DONKEY: is a tool that will silently locate all predefined types of file and encrypt them on a target's machine.

UNDERPASS: Change outcome of online polls (previously known as NUBILO).

WARPATH: Mass delivery of SMS messages to support an Information Operations campaign.

HAVLOCK: Real-time website cloning techniques allowing on-the-fly alterations.

HUSK: Secure one-on-one web based dead-drop messaging platform.

There's lots more. Go read the rest. This is a big deal, as big as the TAO catalog from December.

I would like to post the entire list. If someone has a clever way of extracting the text, or wants to retype it all, please send it to me.

EDITED TO ADD (7/16): HTML of the entire catalog is here.

bruce_schneier July 14 2014, 12:11

Studying Network Incident Response Teams Using Anthropological Methods

https://www.schneier.com/blog/archives/2014/07/studying_networ.html

This is an interesting paper: "An Anthropological Approach to Studying CSIRTs." A researcher spent 15 months at a university's SOC conducting "ethnographic fieldwork." Right now it's more about the methodology than any results, but I'll bet the results will be fascinating.

And here's some information about the project.

bruce_schneier July 11 2014, 11:34

This Leaked NSA Memo Will Restore Your Faith in Humanity

https://www.schneier.com/blog/archives/2014/07/this_leaked_nsa.html

Okay, it's a parody:

The Russian Federation is more complex. At a political level there's a lot of grandstanding. Operationally though, we share intelligence with Russia on anyone who is a mutual target (and that, ironically, includes most of the Russian Federation). China is our main mutual target because it refuses to share the economic intelligence data it gathers about either Russia or America. All of us, however, have agreed to share intelligence data on the French.
