The SVR: Russia’s Intelligence Service (There are friendly states but there are no friendly intelligence services)
The collapse of the Soviet Union resulted in the disappearance of the most powerful security organisation ever created - the KGB. The KGB’s omnipresence in the USSR and its extensive network abroad was the result of the Soviet leadership's determination to control the population inside the USSR, and until the mid 1980s, in accordance with Marxist-Leninist principles, to propel its version of communism as far and as wide as was politically, militarily and financially feasible. The KGB was the sword and shield of the Communist Party of the Soviet Union, its occasional Ministry of Foreign Affairs and a research organisation forced sometimes to produce analysis which had nothing to do with its statutory mission and which appropriate institutes in Moscow could have done better. The political need to pamper the KGB translated well into almost unlimited funds, facilities, the ability to place KGB personnel in any Soviet organisation, inside or abroad and job offers no other organisation could match. Its foreign intelligence gathering and processing body was known as the PGU, the Russian acronym for the First Chief Directorate. Foreign Minister Boris Pankin said once that 50% of the Soviet staff in the US were working for the PGU. The unofficial FBI figure was 25%.
Friday, October 26, 2001
Microsoft's Really Hidden Files: A New Look At Forensics.
There are folders on your computer that Microsoft has tried hard to keep secret. Within these folders you will find two major things: Microsoft Internet Explorer has been logging all of the sites you have ever visited -- even after you've cleared your history, and Microsoft's Outlook Express has been logging all of your e-mail correspondence -- even after you've erased them from your Deleted Items bin. (This also includes all incoming and outgoing file attachments.) And believe me, that's not even the half of it.
There are folders on your computer that Microsoft has tried hard to keep secret. Within these folders you will find two major things: Microsoft Internet Explorer has been logging all of the sites you have ever visited -- even after you've cleared your history, and Microsoft's Outlook Express has been logging all of your e-mail correspondence -- even after you've erased them from your Deleted Items bin. (This also includes all incoming and outgoing file attachments.) And believe me, that's not even the half of it.
Cryptanalysis of MultiSwap
An anonymous security researcher working under the pseudonym "Beale Screamer" reverse engineered the Microsoft Digital Rights Management subsystem and, by October 18th, the results were available on cryptome.org. As part of the reverse engineering effort Screamer found an unpublished block cipher, which he dubbed MultiSwap, being used as part of DRM. Screamer did not need to break the MultiSwap cipher to break DRM, but we thought it would be a fun excercise, and summarize the results of our investigation below. The attacks described here show weaknesses in the MultiSwap encryption scheme, and could potentially contribute to an attack on DRM. However, the attack on DRM described by Beale Screamer would be much more practical, so we feel that these weaknesses in MultiSwap do not pose a significant threat to DRM at this time.
An anonymous security researcher working under the pseudonym "Beale Screamer" reverse engineered the Microsoft Digital Rights Management subsystem and, by October 18th, the results were available on cryptome.org. As part of the reverse engineering effort Screamer found an unpublished block cipher, which he dubbed MultiSwap, being used as part of DRM. Screamer did not need to break the MultiSwap cipher to break DRM, but we thought it would be a fun excercise, and summarize the results of our investigation below. The attacks described here show weaknesses in the MultiSwap encryption scheme, and could potentially contribute to an attack on DRM. However, the attack on DRM described by Beale Screamer would be much more practical, so we feel that these weaknesses in MultiSwap do not pose a significant threat to DRM at this time.
Thursday, October 25, 2001
Orbiscom
Orbiscom has created a global standard in secure and controlled online, offline and wireless card payment applications for financial institutions, online retailers, consumers and businesses. Partnering with brand leaders such as MBNA, Discover Financial Services, First Data Corporation, Allied Irish Banks and Microsoft, Orbiscom's secure online payment technology is now available to consumers in the United States and Europe.
Consumers shop safely when they use substitute credit and debit card numbers for online shopping. Orbiscom's technology enables financial institutions to provide their cardholders with the ability to generate a unique card number in place of their real card number for each purchase.
Orbiscom has created a global standard in secure and controlled online, offline and wireless card payment applications for financial institutions, online retailers, consumers and businesses. Partnering with brand leaders such as MBNA, Discover Financial Services, First Data Corporation, Allied Irish Banks and Microsoft, Orbiscom's secure online payment technology is now available to consumers in the United States and Europe.
Consumers shop safely when they use substitute credit and debit card numbers for online shopping. Orbiscom's technology enables financial institutions to provide their cardholders with the ability to generate a unique card number in place of their real card number for each purchase.
paybox - world's first mobile payment service
At last, mobile phones are wallets, and they're the newest, most secure way to shop online.
With paybox you can send money, receive money and pay with your mobile. It works with any bank account, any GSM mobile phone, across any mobile network. You don't need any special software. In five minutes you're ready to go!
All transactions are secure and no bank account numbers or credit card details are disclosed. All you need is a current account and a mobile phone!
At last, mobile phones are wallets, and they're the newest, most secure way to shop online.
With paybox you can send money, receive money and pay with your mobile. It works with any bank account, any GSM mobile phone, across any mobile network. You don't need any special software. In five minutes you're ready to go!
All transactions are secure and no bank account numbers or credit card details are disclosed. All you need is a current account and a mobile phone!
Xine for Linux with DVD
Hi everyone, I'm Captain CSS,
bringing to you a css plugin for use with a linux dvd player called xine.
Using our software, you are able to view all of your encrypted and locked dvds without even noticing that someone tried real hard to keep you from doing so... finally dvd playback _REALLY_ comes to linux.
Hi everyone, I'm Captain CSS,
bringing to you a css plugin for use with a linux dvd player called xine.
Using our software, you are able to view all of your encrypted and locked dvds without even noticing that someone tried real hard to keep you from doing so... finally dvd playback _REALLY_ comes to linux.
THE BASTARD OPERATOR FROM HELL OFFICIAL ARCHIVE
It's backup day today so I'm pissed off. Being the BOFH, however, does have it's advantages. I reassign null to be the tape device - it's so much more economical on my time as I don't have to keep getting up to change tapes every 5 minutes. And it speeds up backups too, so it can't be all bad can it? Of course not.
A user rings
"Do you know why the system is slow?" they ask
"It's probably something to do with..." I look up today's excuse ".. clock speed"
"Oh" (Not knowing what I'm talking about, they're satisfied) "Do you know when it will be fixed?"
"Fixed? There's 275 users on your machine, and one of them is you. Don't be so selfish - logout now and give someone else a chance!"
"But my research results are due in tommorrow and all I need is one page of Laser Print.."
"SURE YOU DO. Well; You just keep telling yourself that buddy!" I hang up.
You'd really think people would learn not to call.
It's backup day today so I'm pissed off. Being the BOFH, however, does have it's advantages. I reassign null to be the tape device - it's so much more economical on my time as I don't have to keep getting up to change tapes every 5 minutes. And it speeds up backups too, so it can't be all bad can it? Of course not.
A user rings
"Do you know why the system is slow?" they ask
"It's probably something to do with..." I look up today's excuse ".. clock speed"
"Oh" (Not knowing what I'm talking about, they're satisfied) "Do you know when it will be fixed?"
"Fixed? There's 275 users on your machine, and one of them is you. Don't be so selfish - logout now and give someone else a chance!"
"But my research results are due in tommorrow and all I need is one page of Laser Print.."
"SURE YOU DO. Well; You just keep telling yourself that buddy!" I hang up.
You'd really think people would learn not to call.
The New Hacker's Dictionary
This document is a collection of slang terms used by various subcultures of computer hackers. Though some technical material is included for background and flavor, it is not a technical dictionary; what we describe here is the language hackers use among themselves for fun, social communication, and technical debate.
This document is a collection of slang terms used by various subcultures of computer hackers. Though some technical material is included for background and flavor, it is not a technical dictionary; what we describe here is the language hackers use among themselves for fun, social communication, and technical debate.
Wednesday, October 24, 2001
Silent boots
When U.S. commandos sneak up on Osama bin Laden and put a cap in his turban, they may be wearing the fruits of the U.S. government's "Silent Boots" research project. Here are excerpts from a 1999 report prepared for the Department of State's Technical Support Working Group (whose mission is to "conduct rapid research, development, and prototyping of technologies in support of counterterrorism and antiterrorism"). We're pretty sure the last thing a Special Forces member needs is to have his boots squeak on a cave floor. (9 pages)
When U.S. commandos sneak up on Osama bin Laden and put a cap in his turban, they may be wearing the fruits of the U.S. government's "Silent Boots" research project. Here are excerpts from a 1999 report prepared for the Department of State's Technical Support Working Group (whose mission is to "conduct rapid research, development, and prototyping of technologies in support of counterterrorism and antiterrorism"). We're pretty sure the last thing a Special Forces member needs is to have his boots squeak on a cave floor. (9 pages)
Tuesday, October 23, 2001
FBI Programs and Initiatives - Carnivore Diagnostic Tool
In recent years, the FBI has encountered an increasing number of criminal investigations in which the criminal subjects use the Internet to communicate with each other or to communicate with their victims. Because many Internet Service Providers (ISP) lacked the ability to discriminate communications to identify a particular subject's messages to the exclusion of all others, the FBI designed and developed a diagnostic tool, called Carnivore.
In recent years, the FBI has encountered an increasing number of criminal investigations in which the criminal subjects use the Internet to communicate with each other or to communicate with their victims. Because many Internet Service Providers (ISP) lacked the ability to discriminate communications to identify a particular subject's messages to the exclusion of all others, the FBI designed and developed a diagnostic tool, called Carnivore.
"Real" Deal about Nuclear, Bio, and Chem Attacks
Since the media has decided to scare everyone with predictions of chemical, biological, or nuclear warfare on our turf I decided to write a paper and keep things in their proper perspective. I am a retired military weapons, munitions, and training expert.
Since the media has decided to scare everyone with predictions of chemical, biological, or nuclear warfare on our turf I decided to write a paper and keep things in their proper perspective. I am a retired military weapons, munitions, and training expert.
SecureMedia
SecureMedia is the leading provider of secure digital media distribution solutions that enable complete end-to-end protection of streamed and downloaded media, from source to point of rendering.
SecureMedia is the leading provider of secure digital media distribution solutions that enable complete end-to-end protection of streamed and downloaded media, from source to point of rendering.
Monday, October 22, 2001
Security-Enhanced Linux version 3
The third public release of the LSM-based SELinux prototype was made. This release contains several bug fixes and improvements to both LSM and SELinux and is based on the lsm-2001_10_11 patch against kernel 2.4.12.
The third public release of the LSM-based SELinux prototype was made. This release contains several bug fixes and improvements to both LSM and SELinux and is based on the lsm-2001_10_11 patch against kernel 2.4.12.
Subscribe to:
Posts (Atom)