
May 07 2009

antisec

Audit: air traffic systems vulnerable to attack

The nation's air traffic control systems are vulnerable to cyber attacks, and support systems have been breached in recent months allowing hackers access to personnel records and network servers, according to a new report.

The audit done by the Department of Transportation's inspector general concluded that although most of the attacks disrupted only support systems, they could spread to the operational systems that control communications, surveillance and flight information used to separate aircraft.

The report noted several recent cyber attacks, including a February incident when hackers gained access to personal information on about 48,000 current and former FAA employees, and an attack in 2008 when hackers took control of some FAA network servers.

Auditors said the Federal Aviation Administration is not able to adequately detect potential cyber security attacks, and it must better secure its systems against hackers and other intruders.

May 04 2009

antisec

April 28 2009

antisec

Research on Really Reliable and Secure System Software (R3S3)

The positions were created when Prof. Andrew S. Tanenbaum received a 5-year 2.5 million euro European Research Council “Advanced Grant” to do research in reliable and secure operating systems. Here is a summary of the grant proposal. The basic idea of the proposal is that current operating systems are much too big and very badly structured and the situation is getting worse every year. In this research we want to investigate much smaller, modular, fault-tolerant, multiserver designs. The research to be done by the postdoc will be determined in consultation with Prof. Tanenbaum, but the focus must be on making systems much more reliable and secure than they are now and it should fit into the grant proposal in some way. Funding is also available for several programmers and Ph.D. students; these positions have already been filled.

I am proposing replacing the entire monolithic kernel paradigm with a new one consisting of small, tightly constrained modules, running in user mode and each strictly obeying the POLA. Nothing like this has ever been achieved before. I also have many additional goals, such as being able to restart or even replace faulty components on the fly during execution and assign legal liability when faults occur, as described in the full proposal. While my previous work has taken a few baby steps in this direction, there is much more research needed to make this approach viable.
Fortunately, this can be done without affecting the user software by simply having the new operating system emulate the existing and long-stable POSIX interface (the UNIX standard), possibly extended somewhat (e.g., with some of the Linux system calls). As long as the usual POSIX system calls such as OPEN, READ, EXEC, and so on are available, most UNIX software can be made to work without too much effort.

If this work succeeds, it will open up new areas to explore in terms of componentized, multiserver operating systems. People will then examine other kinds of new software components and how they fit in.
The project budget is just under 2.5 M€ and is described in the full proposal.

antisec

Report: 3 Lebanon men admit spying on Hezbollah for Israel

Two Lebanese men and a Palestinian have confessed to supplying Israeli intelligence agents with information regarding Hezbollah’s activities, media outlets in Lebanon reported on Tuesday.

The three men were arrested on Saturday for allegedly transferring sensitive information to Israel’s Mossad spy agency. According to the Lebanese newspaper Al-Akhbar, their alleged espionage was exposed during an investigation of a retired Lebanese general also suspected of spying on behalf of Israel.

antisec

The Great Brazilian Sat-Hack Crackdown

On the night of March 8, cruising 22,000 miles above the Earth, U.S. Navy communications satellite FLTSAT-8 suddenly erupted with illicit activity. Jubilant voices and anthems crowded the channel on a junkyard’s worth of homemade gear from across vast and silent stretches of the Amazon: Ronaldo, a Brazilian soccer idol, had just scored his first goal with the Corinthians.
It was a party that won’t soon be forgotten. Ten days later, Brazilian Federal Police swooped in on 39 suspects in six states in the largest crackdown to date on a growing problem here: illegal hijacking of U.S. military satellite transponders.

The crackdown, called “Operation Satellite,” was Brazil’s first large-scale enforcement against the problem. Police followed coordinates provided by the U.S. Department of Defense and confirmed by Anatel, Brazil’s FCC. Among those charged were university professors, electricians, truckers and farmers, the police say. The suspects face up to four years in jail, but are more likely to be fined if convicted.

April 24 2009

antisec

Firefox (In) security update dynamics exposed

Although there is an increasing trend for attacks against popular Web browsers, only little is known about the actual patch level of daily used Web browsers on a global scale. We conjecture that users in large part do not actually patch their Web browsers based on recommendations, perceived threats, or any security warnings. Based on HTTP user-agent header information stored in anonymized logs from Google’s web servers, we measured the patch dynamics of about 75% of the world’s Internet users for over a year. Our focus was on the Web browsers Firefox and Opera. We found that the patch level achieved is mainly determined by the ergonomics and default settings of built-in auto-update mechanisms. Firefox’ auto-update is very effective: most users installed a new version within three days. However, the maximum share of the latest, most secure version never exceeded 80% for Firefox users and 46% for Opera users at any day in 2007. This makes about 50 million Firefox users with outdated browsers an easy target for attacks. Our study is the result of the first global scale measurement of the patch dynamics of a popular browser.

April 22 2009

antisec

11 Mar Operating System Interface Design Between 1981-2009

A Graphical User Interface (GUI for short) allows users to interact with the computer hardware in a user friendly way.
Over the years a range of GUIs have been developed for different operating systems such as OS/2, Macintosh, Windows, Amiga, Linux, Symbian OS, and more.
We’ll be taking a look at the evolution of the interface designs of the major operating systems since the 80’s.
I should mention that this article showcases only the significant advances in GUI design (not operating system advances) and also not all of the graphical user interfaces and operating systems existing today.

April 21 2009

antisec

Computer Spies Breach Fighter-Jet Project

WASHINGTON -- Computer spies have broken into the Pentagon's $300 billion Joint Strike Fighter project -- the Defense Department's costliest weapons program ever -- according to current and former government officials familiar with the attacks.

Similar incidents have also breached the Air Force's air-traffic-control system in recent months, these people say. In the case of the fighter-jet program, the intruders were able to copy and siphon off several terabytes of data related to design and electronics systems, officials say, potentially making it easier to defend against the craft.

The latest intrusions provide new evidence that a battle is heating up between the U.S. and potential adversaries over the data networks that tie the world together. The revelations follow a recent Wall Street Journal report that computers used to control the U.S. electrical-distribution system, as well as other infrastructure, have also been infiltrated by spies abroad.

US Air Force

HACKING VICTIM: Spies are said to have stolen data on the F-35 Lightning II fighter. Here, the plane undergoes flight testing over Texas.

Attacks like these -- or U.S. awareness of them -- appear to have escalated in the past six months, said one former official briefed on the matter. "There's never been anything like it," this person said, adding that other military and civilian agencies as well as private companies are affected. "It's everything that keeps this country going."


April 20 2009

antisec

How to hide Porn Folder.

antisec

April 19 2009

antisec

Malicious Code Injection Via /dev/mem

Research on using /dev/mem, the driver interface to physically addressable memory, as a way to inject code into a kernel at runtime. A framework to accompany this presentation is also in the works.
antisec

Cyber Attacks Against Georgia: Legal Lessons Identified

The purpose of this paper is to present a balanced and inclusive outline of the facts about cyber attacks against Georgia that took place in August 2008, and to indicate the legal implications of those incidents. In addition, this paper aspires to compare these facts to the legal lessons identified from the Estonian case in order to discern emerging trends of cyber incidents and to identify their implications to the current legal framework.

April 18 2009

antisec

Documents: FBI Spyware Has Been Snaring Extortionists, Hackers for Years

The software is known as the "computer and Internet Protocol address verifier" and has the ability to sit silently on a PC and record a variety of activities, including keystrokes and the Web sites the user visits, Wired.com reports. It also has the ability to take an initial reading of the infected PC's setup, including its MAC address, IP address, open ports, OS version, running applications and other data.

The FBI's use of the spyware surfaced in 2007 when the bureau used it to track e-mailed bomb threats against a Washington state high school to a 15-year-old student.

But the documents released Thursday under the Freedom of Information Act show the FBI has quietly obtained court authorization to deploy the CIPAV in a wide variety of cases, ranging from major hacker investigations, to someone posing as an FBI agent online. Shortly after its launch, the program became so popular with federal law enforcement that Justice Department lawyers in Washington warned that overuse of the novel technique could result in its electronic evidence being thrown out of court in some cases.

The FBI has been using the CIPAV for a number of years in a variety of cases, Wired reports, including child pornography and computer crimes.

Here you can find the document:


April 17 2009

antisec
just for drugs and alcohol :>
antisec
Cherish The Time
antisec

Abuse of Power: The Bush Administration's Secret Legal Memos

On April 16, 2009, the Department of Justice released four secret memos used by the Bush administration to justify torture.

An 18-page memo, dated August 1, 2002, from Jay Bybee, Assistant Attorney General, OLC, to John A. Rizzo, General Counsel CIA. [PDF]
A 46-page memo, dated May 10, 2005, from Steven Bradbury, Acting Assistant Attorney General, OLC, to John A. Rizzo, General Counsel CIA. [PDF]
A 20-page memo, dated May 10, 2005, from Steven Bradbury, Acting Assistant Attorney General, OLC, to John A. Rizzo, General Counsel CIA. [PDF]
A 40-page memo, dated May 30, 2005, from Steven Bradbury, Acting Assistant Attorney General, OLC, to John A. Rizzo, General Counsel CIA. [PDF]

April 16 2009

antisec

April 10 2009

antisec
antisec

Semantics-Aware Malware Detection

A malware detector is a system that attempts to determine whether a program has malicious intent. In order to evade detection, malware writers (hackers) frequently use obfuscation to morph malware. Malware detectors that use a pattern-matching approach (such as commercial virus scanners) are susceptible to obfuscations used by hackers. The fundamental deficiency in the pattern-matching approach to malware detection is that it is purely syntactic and ignores the semantics of instructions. In this paper, we present a malware-detection algorithm that addresses this deficiency by incorporating instruction semantics to detect malicious program traits. Experimental evaluation demonstrates that our malware-detection algorithm can detect variants of malware with a relatively low run-time overhead. Moreover, our semantics-aware malware detection algorithm is resilient to common obfuscations used by hackers.