Showing posts with label computer. Show all posts
Showing posts with label computer. Show all posts
Friday, January 18, 2019
Counterespionage Checklist: How to Be Safe on the Internet
An open source checklist of resources designed to improve your online privacy and security. Check things off to keep track as you go. more Scott Adams
Wednesday, January 9, 2019
Who Are You...Online - Become an OSINT Awesome and Find Out
We are going to show you how to research yourself and discover what information is publicly known about you...
You will not find all the information on a single website. Instead you start with one website, learn some details, then use those details to search on and learn from other sites. Then you combine and compare results to create a profile or dossier of your subject.
A good place to start is with search engines such as Google, Bing, or DuckDuckGo. Each of these have indexed different information about you...
Start by typing your name in quotes, but after that expand your search...
Examples include:
“FirstName LastName” > What information can I find online about this person
“Firstname Lastname@” > Find possible email addresses associated with this person
“Firstname lastname” filetype:doc > Any word documents that contain this person’s name
more
sing-a-long
You will not find all the information on a single website. Instead you start with one website, learn some details, then use those details to search on and learn from other sites. Then you combine and compare results to create a profile or dossier of your subject.
Start by typing your name in quotes, but after that expand your search...
Examples include:
“FirstName LastName” > What information can I find online about this person
“Firstname Lastname@” > Find possible email addresses associated with this person
“Firstname lastname” filetype:doc > Any word documents that contain this person’s name
more
sing-a-long
Friday, December 21, 2018
This Month in... Bots Gone Wild
Sneaky parrot uses Amazon Alexa to shop while owner is away. more
GPS signals across far northern Norway and Finland failed. Civilian airplanes were forced to navigate manually, and ordinary citizens could no longer trust their smartphones. more
Virgin Australia is under investigation after two engines on one of its aircraft "flamed out" during descent and had to be manually re-ignited before the aircraft hit the tarmac. more
Drone shatters passenger jet’s nosecone and radar during landing. more
Uber manager in March: “We shouldn’t be hitting things every 15,000 miles.” "They told me incidents like that happen all of the time," whistleblower wrote. more
New Zealand courts banned naming Grace Millane’s accused killer. Google just emailed it out. more
She'd just had a stillborn child. Tech companies wouldn't let her forget it. A woman pleads with tech companies like Facebook and Twitter to stop serving her ads to intensify her grief. more
Microsoft is sending users who search for Office 2019 download links via its Bing search engine to a website that teaches them the basics about pirating the company's Office suite. more
Delivery robot bursts into flames at UC Berkeley. more
Rudy Giuliani Says Twitter Sabotaged His Tweet (not true) more
Mystery Drone Still on the Loose at Gatwick Airport, But Flights Resume Anyway more
Thousands of people trusted Blind, an app-based "anonymous social network," as a safe way to reveal malfeasance, wrongdoing and improper conduct at their companies. But Blind left one of its database servers exposed without a password, making it possible for anyone who knew where to look to access each user's account information and identify would-be whistleblowers. more
...and a cautionary tale.
GPS signals across far northern Norway and Finland failed. Civilian airplanes were forced to navigate manually, and ordinary citizens could no longer trust their smartphones. more
Virgin Australia is under investigation after two engines on one of its aircraft "flamed out" during descent and had to be manually re-ignited before the aircraft hit the tarmac. more
Drone shatters passenger jet’s nosecone and radar during landing. more
Uber manager in March: “We shouldn’t be hitting things every 15,000 miles.” "They told me incidents like that happen all of the time," whistleblower wrote. more
New Zealand courts banned naming Grace Millane’s accused killer. Google just emailed it out. more
She'd just had a stillborn child. Tech companies wouldn't let her forget it. A woman pleads with tech companies like Facebook and Twitter to stop serving her ads to intensify her grief. more
Microsoft is sending users who search for Office 2019 download links via its Bing search engine to a website that teaches them the basics about pirating the company's Office suite. more
Delivery robot bursts into flames at UC Berkeley. more
Rudy Giuliani Says Twitter Sabotaged His Tweet (not true) more
Mystery Drone Still on the Loose at Gatwick Airport, But Flights Resume Anyway more
Thousands of people trusted Blind, an app-based "anonymous social network," as a safe way to reveal malfeasance, wrongdoing and improper conduct at their companies. But Blind left one of its database servers exposed without a password, making it possible for anyone who knew where to look to access each user's account information and identify would-be whistleblowers. more
...and a cautionary tale.
Thursday, December 13, 2018
Your Mobile Device Could Spill Its Guts (and worse) Get You Arrested
Last year, over 29,000 travelers had their devices searched at the US border.
A new report by the Department of Homeland Security’s internal watchdog has concluded that the agency does not always adequately delete data seized as part of a border search of electronic devices, among other concerns.
According to a new 24-page document released Tuesday by DHS’ Office of Inspector General, investigators found that some USB sticks, containing data copied from electronic devices searched at the border, "had not been deleted after the searches were completed."...
Federal authorities do not need a warrant to examine a phone or a computer seized at the border. They rely on what’s known as the "border doctrine"—the legal idea that warrants are not required to conduct a search at the border. This legal theory has been generally recognized by courts... more
Spybuster Tip #841: Device searches occur (even more often) when entering (or leaving) certain foreign countries. If you need to take your mobile device on a trip you should consider doing a data extraction on your device, before you leave... and before they do it for you.
A new report by the Department of Homeland Security’s internal watchdog has concluded that the agency does not always adequately delete data seized as part of a border search of electronic devices, among other concerns.
According to a new 24-page document released Tuesday by DHS’ Office of Inspector General, investigators found that some USB sticks, containing data copied from electronic devices searched at the border, "had not been deleted after the searches were completed."...
Federal authorities do not need a warrant to examine a phone or a computer seized at the border. They rely on what’s known as the "border doctrine"—the legal idea that warrants are not required to conduct a search at the border. This legal theory has been generally recognized by courts... more
Spybuster Tip #841: Device searches occur (even more often) when entering (or leaving) certain foreign countries. If you need to take your mobile device on a trip you should consider doing a data extraction on your device, before you leave... and before they do it for you.
- To be sure you are not carrying data that you can't afford to loose.
- To be sure you are not carrying contraband data (porn, propaganda, etc.).
Remember, even erased data can be exhumed by them. - To document the actually data you are taking—to counter false accusations.
Thursday, November 1, 2018
Apple's New T2 Chip - An Eavesdropper Stopper
At a recent event in New York, Apple finally refreshed its MacBook Air lineup, and the new laptops come with a refreshing new capability — warding off hackers or spies from eavesdropping on your microphone.According to Apple’s new T2 security guide, both, the new MacBook Air, and the MacBook Pro use the new T2 chip, which helps protect the device’s encryption keys, storage, fingerprint data, and secure boot features.
Per the guide, the T2 chip comes with a hardware microphone disconnect feature, which physically cuts the device’s microphone from the rest of the hardware whenever the lid is closed. more
Saturday, September 15, 2018
FutureWatch: Spying on a Computer Screen Via the Microphone
The research, supported by the Check Point Institute for Information Security at Tel Aviv University (of which Schuster and Tromer are members) and funded in part by the Defense Advanced Research Projects Agency, examined what amounts to an acoustic form of Van Eck phreaking. While Van Eck phreaking uses radio signal emissions that leak from display connectors, the Synesthesia research leverages "coil whine," the audio emissions from transformers and other electronic components powering a device's LCD display. more
Friday, September 14, 2018
The Cold Boot Attack is Back – Don't Leave Laptops Unattended
 |
| Credit: F-Secure |
This vulnerability is particularly worrisome for organizations that regularly handle sensitive information, such as banks or government agencies, because the information gathered from a compromised laptop could let hackers work their way into other systems...
Because the attack requires physical access, it's also hard to know if someone has already discovered and used it. F-Secure characterized the attack as something that a low-level hacker might not discover but that anyone interested in corporate espionage or the like would be very interested in. Organizations have to decide if they want to proceed as if they were affected, which could be costly, or if they'll ignore the issue.
F-Secure advised concerned organizations to require Bitlocker PIN entry when a laptop powers up or restarts, to make sure employees force the laptops to shut down or hibernate instead of going into sleep mode and to keep laptops safe and have a plan for if they go missing. Aside from those steps, however, it's up to the laptop industry to make sure their products aren't susceptible to this modified attack. more
Q.v. USB Stick Warnings
Friday, September 7, 2018
Downer of the Day – Paranoia Is Now a Best Practice
Bust out the tinfoil—the data security crisis is worse than you ever imagined...he 2010s will be remembered as the first decade in which we, the people, paid for the pleasure of welcoming Big Brother into our lives.
When George Orwell depicted an inescapable surveillance state — telescreens in every room monitoring every move, recording every sound, and reporting it all to the authoritarian leader — in his classic novel 1984, he probably never imagined that in 2018, folks would pay $600 (plus a recurring monthly fee) for the privilege of carrying a telescreen in their pockets. more
Buy yours now.
Thursday, September 6, 2018
Computer Screens Emit Sounds that Reveal Data
Computer scientists from Tel Aviv University, the University of Pennsylvania and the University of Michigan have discovered a computer version of synesthesia that allows them to determine what’s being displayed on a monitor by listening to sounds emitted by the monitor.
As you might suspect, those sounds are very faint and not easily detected by human hearing. But they are there as tiny high-pitched tones produced by a monitor’s power supply in response to the varying demands of the screen display. But special equipment isn’t required to exploit the vulnerability that’s produced by this characteristic of most monitors.
In their paper, which was released on Aug. 21, the scientists showed that those sounds could be recorded using the microphone in a standard consumer webcam, by a smartphone or by a digital assistant such as an Amazon Echo or Google Home device.
Furthermore, this exploit does not require the presence on site of the attacker. They can record the sounds over a remote call, such as one from Google Hangouts. The amount of information that the researchers were able to discern using their method was remarkable... more
In their paper, which was released on Aug. 21, the scientists showed that those sounds could be recorded using the microphone in a standard consumer webcam, by a smartphone or by a digital assistant such as an Amazon Echo or Google Home device.
Furthermore, this exploit does not require the presence on site of the attacker. They can record the sounds over a remote call, such as one from Google Hangouts. The amount of information that the researchers were able to discern using their method was remarkable... more
Wednesday, September 5, 2018
Drive-by Hackers Can Spy on Millions of Chrome Users Through Their Webcams
Drive-by hackers can spy on millions of Chrome users through their WEBCAMS experts claim, after finding a security glitch in the browser.
The glitch affects people who have logged onto their router as admin and saved details in their browser. more
- According to UK cyber-security experts, hackers could attack entire streets.
- They might be able to steal passwords and activate webcams in an attack.
- Experts reported the issue to Google earlier this year but was told that it was working fine.
The glitch affects people who have logged onto their router as admin and saved details in their browser. more
Monday, August 27, 2018
Auction: Apple I on the Block
A piece of computer history that helped launch a trillion dollar company is hitting the auction block.
A fully functioning Apple-1 being auctioned by Boston-based RR Auction
in September is one of only 60 or so remaining of the original 200 that
were designed and built by Steve Jobs and Steve Wozniak in 1976 and
1977...
The Apple 1 originally sold for about $666. It could get $300,000 or more at auction. more
A fully functioning Apple-1 being auctioned by Boston-based RR Auction
in September is one of only 60 or so remaining of the original 200 that
were designed and built by Steve Jobs and Steve Wozniak in 1976 and
1977...The Apple 1 originally sold for about $666. It could get $300,000 or more at auction. more
Thursday, August 9, 2018
Facial Recognition Technology – Not Ready for PRIME Time
Amazon.com’s facial
recognition tools incorrectly identified Rep. John Lewis (D-Ga.) and 27
other members of Congress as people arrested for a crime during a test
commissioned by the American Civil Liberties Union of Northern
California, the watchdog said Thursday...Amazon’s so-called Rekognition technology — already in use at law-enforcement agencies in Oregon and Orlando — is hampered by inaccuracies... moreSecurity Scrapbook Flashback to 2008.
Tuesday, July 31, 2018
Corporate Espionage Alert: Deep Portrait Videos – Not Just a Government Problem
The bad actors
have stepped up their game with perhaps the most potentially devastating
cyber ruse of all – the high-tech “Deepfake” videos...
Deepfake videos are the residue of new internet technology that supplies almost anyone the ability to alter reality so that subjects can be manipulated to say anything the hacker wants, from the ludicrous and inflammatory to the downright incriminating...appears so real it is almost impossible to spot the bogus video.
The potential security impact of these altered videos has both the federal government and the U.S. Intelligence community on high alert...
“This started several years ago with fake videos and then it turned into Deepfake videos and it’s currently progressing to deep portrait videos,” says Bob Anderson, who is a Principal in The Chertoff Group’s global Strategic Advisory Services and a former national security executive and former Executive Assistant Director with the FBI...
“This is a potentially huge national security threat for a variety of reasons. Picture telecommunication calls or video conference calls that an adversary could potentially interject a fake deep portrait video of a three-star general or CEO of a company directing members of that company or organization to partake in potential detrimental national security or criminal actions,” Anderson says. “Nation-states like Russia, China and Iran could potentially utilize this technology for a variety of counterintelligence, corporate espionage, economic espionage and political influence campaigns across the United States.” more
Deepfake videos are the residue of new internet technology that supplies almost anyone the ability to alter reality so that subjects can be manipulated to say anything the hacker wants, from the ludicrous and inflammatory to the downright incriminating...appears so real it is almost impossible to spot the bogus video.
The potential security impact of these altered videos has both the federal government and the U.S. Intelligence community on high alert...
“This started several years ago with fake videos and then it turned into Deepfake videos and it’s currently progressing to deep portrait videos,” says Bob Anderson, who is a Principal in The Chertoff Group’s global Strategic Advisory Services and a former national security executive and former Executive Assistant Director with the FBI...
“This is a potentially huge national security threat for a variety of reasons. Picture telecommunication calls or video conference calls that an adversary could potentially interject a fake deep portrait video of a three-star general or CEO of a company directing members of that company or organization to partake in potential detrimental national security or criminal actions,” Anderson says. “Nation-states like Russia, China and Iran could potentially utilize this technology for a variety of counterintelligence, corporate espionage, economic espionage and political influence campaigns across the United States.” more
Wednesday, June 27, 2018
Air-Gapped Computers to be Ticked-off via USB Tick-Sticks
A cyber-espionage group is targeting a specific type of secure USB drive created by a South Korean defence company in a bid to gain access to its air-gapped networks. According to a blog post by researchers at Palo Alto Networks, this attack was carried out by a group called Tick which carries out cyber-espionage activities targeting organisations in Japan and Korea.
Researchers said that weaponisation of a secure USB drive is an uncommon attack technique and likely done in an effort to spread to air-gapped systems, these networks are normally not connected to the internet. more
Murray's USB Stick Warnings
Thursday, May 24, 2018
How to encrypt your entire life in less than an hour
Quincy Larson has written an excellent article on how to protect your digital privacy. Worth reading. Worth doing. ~Kevin
“Only the paranoid survive.” — Andy Grove
“Only the paranoid survive.” — Andy Grove
And Grove
isn’t the only powerful person urging caution. Even the director of the
FBI — the same official who recently paid hackers a million dollars to
unlock a shooter’s iPhone — is encouraging everyone to cover their webcams.
But
you obey the law. What do you have to worry about? As the motto of the
United Kingdom’s surveillance program reminds us, “If you’ve got nothing
to hide, you’ve got nothing to fear.”
Well,
law-abiding citizens do have reason to fear. They do have reasons to
secure their devices, their files, and their communications with loved
ones.
“If one would give me six lines written by the hand of the most honest man, I would find something in them to have him hanged.” — Cardinal Richelieu in 1641
In this article, I will show you how you can protect yourself by leveraging state-of-the-art encryption. In a single sitting, you can make great strides toward securing your privacy. more
Tuesday, May 15, 2018
IBM Bans Removable Drives and Shows World's Smallest Computer
IBM has allegedly issued a worldwide ban against the the use of
removable drives, including Flash, USB, and SD cards, to transfer data.
This new policy is being instituted to prevent confidential and sensitive information from being leaked due to misplaced or unsecured storage devices.
According to a report by TheRegister, IBM's global chief Information security officer Shamla Naidoo issued an advisory stating that the company “is expanding the practice of prohibiting data transfer to all removable portable storage devices (eg: USB, SD card, flash drive).” This advisory further stated that this policy is already in effect for some departments, but will be further enforced throughout the entire company. more
-------
Today, IBM will be showing off the world's smallest computer at its Think 2018 conference. This computer is the size of a grain of salt, contains a million transistors, and only costs .10 to manufacture.
This micro computer is being unveiled as part of IBM's crypto-anchors initiative, which are digital fingerprints that can be embedded in products such as medicine, cell phones, toys, watches, and even wine to detect counterfeit products. With product fraud costing the global economy $600 billion dollars a year, IBM is hoping crypto-anchors can help stem the tide of fraudulent products and counterfeit drugs...
FutureWatch: Within the next five years, cryptographic anchors — such as ink dots or tiny computers smaller than a grain of salt — will be embedded in everyday objects and devices. more
This new policy is being instituted to prevent confidential and sensitive information from being leaked due to misplaced or unsecured storage devices.
According to a report by TheRegister, IBM's global chief Information security officer Shamla Naidoo issued an advisory stating that the company “is expanding the practice of prohibiting data transfer to all removable portable storage devices (eg: USB, SD card, flash drive).” This advisory further stated that this policy is already in effect for some departments, but will be further enforced throughout the entire company. more
-------
Today, IBM will be showing off the world's smallest computer at its Think 2018 conference. This computer is the size of a grain of salt, contains a million transistors, and only costs .10 to manufacture.This micro computer is being unveiled as part of IBM's crypto-anchors initiative, which are digital fingerprints that can be embedded in products such as medicine, cell phones, toys, watches, and even wine to detect counterfeit products. With product fraud costing the global economy $600 billion dollars a year, IBM is hoping crypto-anchors can help stem the tide of fraudulent products and counterfeit drugs...
FutureWatch: Within the next five years, cryptographic anchors — such as ink dots or tiny computers smaller than a grain of salt — will be embedded in everyday objects and devices. more
Wednesday, April 25, 2018
Corporate Espionage: Spying on X-Ray Machines
A mysterious hacking group has been spying on the healthcare sector by going as far to infect computers that control X-ray and MRI machines with malware. Fortunately, sabotage and patient data collection doesn't appear to be a motive behind the hacking. The attackers were probably focused on corporate espionage and studying how the medical software onboard the computers worked, the security firm Symantec said on Monday.
Evidence shows that the hackers were focused on collecting data about the infected computers and their networks. DiMaggio speculates this may have been done to learn how to pirate the medical software onboard. more
Monday, April 16, 2018
Listening In: Cybersecurity in an Insecure Age (book)
A compelling case for the need to secure our data, explaining how we must maintain cybersecurity in an insecure age.
Tufts University professor Susan Landau has a long and distinguished background in computer security and policy that includes several books on wiretapping and surveillance...
In Listening In: Cybersecurity in an Insecure Age, Landau considers the changing world in which law enforcement must operate with exceptional clarity. She begins with a brief history of cybersecurity. The first known cyberattack was in 1986, when Clifford Stoll began trying to understand a 75-cent discrepancy in computer time; he told the story in detail in his book The Cuckoo's Egg.
The next, and the first proper internet attack -- although it wasn't really intended as such -- was the 1988 Internet Worm. Despite these early warnings, Landau writes, quoting from a US government report, "security lost to convenience in the 1980s. And then it kept on losing". It wasn't until 2008 that cyber-threats began to be taken seriously. more
A Tale of Corporate Espionage in Silicon Valley
...The computer that was funneling information, therefore, didn’t register on the roster of machines controlled and owned by the I.T. department. This left the security team with one definitively old-school option: they literally followed the wire that ran from the server to the rogue computer.
One by one, they plucked up the tiles in the server room, followed the Cat-5 cable as it swam alongside hundreds of other cables, inside the walls, past yellow and white power wires, and through the labyrinthine office, until they found themselves at the end of the cord, which terminated inside a small closet. There, seated behind a laptop, was a young Chinese woman.
The security specialists searched her personal computer and immediately discovered more than 30 pieces of malware that were funneling information out of the servers and back to dozens of computers in China....
Spies and corporate espionage are a fixture of Silicon Valley. Employees at companies from Twitter to SpaceX have privately told me they suspect spooks work within their walls, stealing corporate secrets, plans for new technologies, or entire servers full of code to replicate back home...
The C.E.O. of one of the big tech companies in Silicon Valley once confided in me that not only was there “no question” that Russian and Chinese agents worked at the company, but that it was impossible to know who they were or prove that they were indeed foreign agents. more
One by one, they plucked up the tiles in the server room, followed the Cat-5 cable as it swam alongside hundreds of other cables, inside the walls, past yellow and white power wires, and through the labyrinthine office, until they found themselves at the end of the cord, which terminated inside a small closet. There, seated behind a laptop, was a young Chinese woman.The security specialists searched her personal computer and immediately discovered more than 30 pieces of malware that were funneling information out of the servers and back to dozens of computers in China....
Spies and corporate espionage are a fixture of Silicon Valley. Employees at companies from Twitter to SpaceX have privately told me they suspect spooks work within their walls, stealing corporate secrets, plans for new technologies, or entire servers full of code to replicate back home...
The C.E.O. of one of the big tech companies in Silicon Valley once confided in me that not only was there “no question” that Russian and Chinese agents worked at the company, but that it was impossible to know who they were or prove that they were indeed foreign agents. more
Friday, March 30, 2018
Is Facebook Eavesdropping? A "Scientific" Test & A Possible Explanation
(no spoilers, just teasers)
+++++
Testing the long-held belief that Facebook listens to your conversations to advertise stuff...
For years, people have speculated that Facebook and Facebook Messenger use your phone’s microphone to listen to your conversations and send you targeted adverts based on your IRL chats...
To put the rumor to rest, we at the New Statesman engaged in a very scientific test. Each employee had a scripted conversation in front of their phone with Facebook or Messenger open (after changing their settings to ensure that Facebook and Facebook Messenger had access to their microphones)...
Here's what went down... more
+++++
Facebook Really Is Spying on You...
A conspiracy theory has spread among Facebook and Instagram users: The company is tapping our microphones to target ads...
“Facebook does not use your phone’s microphone to inform ads or to change what you see in News Feed,” says Facebook.
Yeah, sure, and the government swears it isn’t keeping any pet aliens at Area 51. So I contacted former Facebook employees and various advertising technology experts, who all cited technical and legal reasons audio snooping isn’t possible... more
+++++
Testing the long-held belief that Facebook listens to your conversations to advertise stuff...
For years, people have speculated that Facebook and Facebook Messenger use your phone’s microphone to listen to your conversations and send you targeted adverts based on your IRL chats...
To put the rumor to rest, we at the New Statesman engaged in a very scientific test. Each employee had a scripted conversation in front of their phone with Facebook or Messenger open (after changing their settings to ensure that Facebook and Facebook Messenger had access to their microphones)...
Here's what went down... more
+++++
Facebook Really Is Spying on You...
A conspiracy theory has spread among Facebook and Instagram users: The company is tapping our microphones to target ads...
“Facebook does not use your phone’s microphone to inform ads or to change what you see in News Feed,” says Facebook.
Yeah, sure, and the government swears it isn’t keeping any pet aliens at Area 51. So I contacted former Facebook employees and various advertising technology experts, who all cited technical and legal reasons audio snooping isn’t possible... more
Subscribe to:
Posts (Atom)