Friday, February 08, 2002


Internet anonymity for Windows power users
Our previous article, "Do-it-yourself Internet anonymity" was targeted towards average Windows users. It generated a startling number of e-mail requests for some advanced tactics, which I'm happy to supply. However, power user or not, I'd recommend at least skimming the earlier article if you haven't read it, just to ensure that you're not forgetting something obvious and useful. I'm not going to re-cap much of it here.

Thursday, February 07, 2002

Microsoft's Really Hidden Files: A New Look At Forensics
There are folders on your computer that Microsoft has tried hard to keep secret. Within these folders you will find two major things: Microsoft Internet Explorer has not been clearing your browsing history after you have instructed it to do so, and Microsoft's Outlook Express has not been deleting your e-mail correspondence after you've erased it from your Deleted Items bin. (This also includes all incoming and outgoing file attachments.) And believe me, that's not even the half of it.

When I say these files are hidden well, I really mean it. If you don't have any knowledge of DOS then don't plan on finding these files on your own. I say this because these files/folders won't be displayed in Windows Explorer at all -- only in DOS. (Even after you have enabled Windows Explorer to "show all files.") And to top it off, the only way to find them in DOS is if you know their exact location. Basically, what I'm saying is that if you didn't know the files existed, the chances of you running across them are slim to slimmer.

It's interesting to note that Microsoft does not explain this behavior adequately at all. Just try searching on microsoft.com.

Wednesday, February 06, 2002

Australasian Information Security Evaluation Program
The products in the following section have been accepted into the Australasian Information Security Evaluation Program (AISEP) run by the Defence Signals Directorate. The AISEP is a commercial program in which evaluations are performed by licensed commercial facilities, known as AISEFs (Australasian Information Security Evaluation Facilities).
While there is no guarantee that products in the following section will complete evaluation successfully, acceptance into the program indicates that both the AISEF performing the evaluation and DSD believe that the product has a reasonable likelihood of meeting the requirements of the target evaluation level.

Monday, February 04, 2002

Public Configuration Documents
Here are several links to general configuration documents.

Wednesday, January 30, 2002

The Computer Security Institute
Computer Security Institute (CSI) is the world's leading membership organization specifically dedicated to serving and training the information, computer and network security professional.
Explosive Possibilities for Silicon
Still, the most intriguing aspect of the research is the ability to blow up the same material that powers computers and other devices using a small electrical charge. "Now, you can program a chip to self-destruct," Sailor said. "There's no firing pin, just a little current that runs through the part of the chip that has the explosive in it."

Tuesday, January 29, 2002

Biological Network Security
A recent article on securityfocus.com discusses the future of intrusion detection, and how it may include a central management center where intrusion alerts are reported for greater analysis. This is the first step towards a biological network. What better way to handle security on a living, breathing and highly complex network than by modeling it after the evolution of biological systems?

Thursday, January 24, 2002

Secret Service's Little-Known Role: Protecting Citizens as Well as Leaders
It may surprise readers to learn that the United States Secret Service is actively engaged in the fight against Internet crime and computer-based fraud.

If asked what they know of the Secret Service, most Americans would likely point to the special agent with the sunglasses and earpiece standing behind the president. They would not imagine that many of those same agents who protect our highest elected leaders are also responsible for protecting consumers against criminal activity on the Internet.

Although the Secret Service has had the statutory responsibility for protecting the president, vice president and other designated officials since 1901, the origins of the Secret Service actually date back to 1865. We were created as a small bureau in the Department of the Treasury to suppress widespread counterfeiting during a time of financial crisis in our country.

Over the years this investigative mission has evolved into a statutory mandate to protect our nation's banking and financial infrastructure. While the Secret Service remains the lead federal agency for investigating counterfeit scams, our investigative jurisdiction has expanded to include credit card fraud, identity theft, bank fraud and telecommunications fraud. Congress has authorized us to protect the president, but it has also authorized us to protect your pocketbook.

As much as the PC has revolutionized our economy and our culture, it has also become the gateway into a new dimension of criminal activity where consumer protections are few and sophisticated methods to steal and defraud are many.
Information Security URLography
Inforensics: Information Forensics, Reconstructions & Recovery:
the application of forensic techniques to investigate crimes involving, either directly or indirectly, information, computer and/or communication technology.
ENCRYPTION SOFTWARE with forensic software countermeasures
Forensic software exploits Windows® security leaks for computer evidence recovery and for electronic discovery in litigation. This is usually the real method by which "the suspect's encryption was cracked." It's also commercially available to industrial spies and criminals, who use it to defeat hard drive data encryption by side channel attacks.
Most e-mail encryption software (such as PGP®) is vulnerable to forensic software attacks if (mis-)used to encrypt files for secure storage rather than for transmission. Most "Windows® encryption software" has no forensic software countermeasures, making the strength of its ciphers (encryption algorithms) or key sizes irrelevant.
If you're concerned about practicing due diligence in protecting sensitive information, but you're forced to keep it on a Windows® PC, perhaps we can help. We supply standards-compliant cryptosystems with forensic software countermeasures, specifically designed to protect sensitive data on Windows® PCs and laptops.
PGP creator: Surveillance must be curbed
Phil Zimmermann, the creator of the Pretty Good Privacy encryption tool, says that widespread surveillance is leading us into an Orwellian future

Phil Zimmermann, creator of Pretty Good Privacy encryption -- better known as PGP -- was in Italy this week for the InfoSecurity conference. ZDNet Italy caught up with him to discuss the technical, social and political implications of his encryption tool.

Tuesday, January 22, 2002

Inside Encrypting File System, Part 1
Securing a computer system entails employing measures that protect the computer's data from viewing or manipulation by unauthorized users. Security measures at the network interface prevent intruders from gaining entry to the computer, and file-system security prevents the computer's authorized users from accessing data they're not supposed to access. However, a computer that is isolated from the Internet behind a firewall and that has stringent file-system security policies in place remains unsecured if no strategy exists to guard the computer's physical security. If unauthorized users have physical access to a computer, they can remove the computer's hard disks and perform offline analysis of the disks' data. When users can view a hard disk's contents on a different computer, file-system security (e.g., the kind NTFS ACLs provide on Windows NT or Windows 2000 (Win2K) systems) is of no value. This problem is especially acute for laptop computers because two NTFS file-system drivers that ignore NTFS security (NTFSDOS and an NTFS driver for Linux) let even casual thieves easily view NTFS files.
Encrypting File System Primer: Basics and Best Practices

With the introduction of Windows 2000, Microsoft implemented a number of security-based improvements aimed at making their flagship operating system (OS) more robust and attractive for enterprise deployment. They've built on existing technology from NT 4.0 and added several features which take advantage of standards that for years have been proven effective in the industry. The result is an OS less dependent on flawed proprietary standards, such as NTLM and WINS, which have been plagued with numerous vulnerabilities and over the years have made the job of system security an even more difficult task.
Among the many improvements in Windows 2000, one of the more notable ones is the addition of the Encrypting File System (EFS). EFS is a means of protecting user data which takes advantage of two well-known industry standards: Data Encryption Standard X (DESX) and RSA public key exchange. It is supported in all versions of Windows 2000, and works transparently (without user input) to encrypt and decrypt files for user access. In the past, a user would have to encrypt and decrypt files using a third-party application which had to be purchased and installed separately on their system, and which most often depended on the user entering a correct password. With EFS, this is no longer a necessity. As always, however, most security measures are only effective if your users are properly informed, and EFS is no exception. As such, we'll take a look at EFS: what it is, how it works, and more importantly, what you need to know to make it work effectively for you.

Monday, January 21, 2002

Turning Snooping Into Art
It’s a privacy-busting boogeyman to civil libertarians, an anti-terror panacea to lawmakers. And now Carnivore, the FBI’s infamous Internet surveillance program, has become an inspiration to a group of the Web's leading artists.

In a collaborative art project called, creatively enough, "Carnivore," Flash guru Joshua Davis and digital artist Mark Napier, along with other artists, have crafted programs that create audiovisual representations of data traffic that’s observed and hijacked from a local area network.
Virtual lies face foolproof software
Software that can detect when people are lying in their e-mails sounds a bit far-fetched, but its manufacturers declare it is true.

SAS Institute, which makes fraud-detection systems for banks and phone companies, will on Monday announce a product that can sift through e-mails and other electronic text to catch elusive nuances such as tone.

Friday, January 18, 2002

Privacy International
Privacy International (PI) is a human rights group formed in 1990 as a watchdog on surveillance by governments and corporations. PI is based in London, England, and has an office in Washington, D.C. PI has conducted campaigns throughout the world on issues ranging from wiretapping and national security activities, to ID cards, video surveillance, data matching, police information systems, and medical privacy.
Security Industry Buyers Guide Online
The American Society for Industrial Security.
Security Self-Assessment Guide for Information Technology Systems
A document in PDF format.
Cyber Solutions Tools Center
CIAC's Cyber Solutions Tools Center (CSTC), located at the Lawrence Livermore National Laboratory, provides solutions to U.S. Government agencies facing today's security challenges in information technology. We maintain information protection core-competencies through high-tech, integrated INFOSEC incident response, product development, and consulting services.

The CIAC is composed of three complementary business units: Operational Incident Response; Advanced Security Projects; and Secure Systems Services.

The Operational Incident Response group assists the Department of Energy in its information protection efforts by providing computer security incident response related services.

The CIAC is composed of security-cleared information security professionals with backgrounds in computer science, information systems, and engineering specializing in awareness, training, and education; Electronic Commerce security; electronic security assessment; firewall and web security; incident response; Internet and Intranet security; intrusion detection; malicious code detection and eradication; network security; policies and procedures; risk management; and system and software engineering.
How Goner suspects were tracked down
Messages coded into the Goner worm and monitoring of the IRC channel used to control its activities led to the arrest of four suspected Israeli virus writers over the weekend.

One of the actions of Goner, which normally spreads as an infected e-mail attachment, is to install denial of service scripts for the mIRC Internet Relay Chat client. By monitoring the #pentagonex channel used to control the worm's activities, security experts working for DALnet IRC were able to track down its suspected creators.

Thursday, January 17, 2002

DIBS USA Inc - World Leaders in Computer Forensics
DIBS USA Inc is a privately owned, independent US corporation, specializing in forensic computing, with activities in three main areas.
HashKeeper
HashKeeper is a database application of value primarily to those conducting forensic examinations of computers on a somewhat regular basis. The application uses the MD5 file signature algorithm to establish unique numeric identifiers (hash values) for known files and compares those known hash values against the hash values of unknown files on a seized computer system. Where those values match, the examiner can say, with statistical certainty, that the unknown files on the seized system have been authenticated and therefore do not need to be examined.
BEST PRACTICES FOR SEIZING ELECTRONIC EVIDENCE

A Joint Project of the International Association of Chiefs of Police and the United States Secret Service.
Links

  • Get MIRC IRC Software

  • Get Prevention/Powerpoint Presentations (Prevention/Awareness)

  • Get Internet/Online Service Provider List#1 and List#2

  • Get Sunny Parmar's Online Investigation Manual (Email Request)

  • Look-up National Police Contact List By CITY/STATE

  • Join HTCC & Get on Police High Tech Contact List

  • Join CFID/Get on the Computer Forensics Investigators Digest (Email)

  • Get Computer Security Manual

  • Get Free Encryption programs

  • Get Neo Trace Tracking Program

  • Get WS-Ping Pro Tracking Program

  • Get Revelation Password Crack

  • Get the ICSA Anti-Spoofing Test Tool

  • Get New Defender Programs

  • Get Steganos Encryption/Data Hiding Software Suite

  • Get Evidence Eliminator Software (Use Caution)

  • Get Forensic Software List (1)

  • Get Forensic Software List (2)

  • Get File Extension Information (Look-Up File Extensions)

  • Get Federal Guidelines on Computer Search & Seizure

  • Get example Affidavit-Search Warrant for Computers (Child Porn)

  • Get some Federal Laws Pertaining to Computer Crime

  • Get MD5 Hash Values for Child Porn Images (Email Request)

  • Get how to Read/Trace E-Mail Info.

  • Get the Port Number List

Evidence Eliminator - What evidence is on your hard drive?
Links to interesting Forensic Services.
These sites offer services, software programs and information about recovering deleted data from hard drives.
Quality Security Tools
In May/June of 2000, we conducted a survey of 1200 Nmap users from the nmap-hackers mailing list to determine their favorite security tools. Each respondent could list up to 5.
I was so impressed by the list they created that I am putting the top 50 up here where everyone can benefit from them. I think anyone in the security field would be well advised to go over the list and investigate any tools they are unfamiliar with. I also plan to point newbies to this page whenever they write me saying "I do not know where to start".

Wednesday, January 16, 2002

Electronic Harassment Specialists
It is our goal to help victims of Electronic Harassment. This is done with decades of well-trained, experienced and knowledgeable professionals. Electronic Harassment occurs in almost every country in the world; it knows no borders. Neither do we. We will not rest until Electronic Harassment is properly legislated or eliminated.

Monday, January 14, 2002

Free Security Scan
Worried about hacker attacks on your always-on Internet connection? Test your Internet security with our Free Security Scan. This utility will scan your computer for possible weaknesses. We simply scan for available ports and the processes servicing those ports that appear to the public.

Saturday, January 12, 2002

Intelligence Community Markup Language
The IC Metadata Sub-Working Group (MSWG) has developed the Intelligence Community Markup Language (ICML) as part of the ICCIO Executive Council and Working Group commitment to IC inter-organization interoperability. ICML is based on a number of data modeling activities that have occurred in the IC over the last ten years, all of which have been used in one way or another to develop ICML.

The first focus of ICML is to aid finished intelligence production. Since a majority of the intelligence content being produced within the IC takes the form of documents, it was felt by the MSWG that limiting the scope of the initial ICML release to this type of intelligence content would yield the most benefits in the shortest period of time. The ICML standard as written incorporates key writing styles, metadata, and structure requirements of typical IC products.

ICML is described as a Document Type Definition (DTD).
Secure Communications Operational Tradecraft
A PDF file on 'how not to be seen'.

Friday, January 11, 2002

Seven Simple Computer Security Tips

  • Use strong passwords. Choose passwords that are difficult or impossible to guess. Give different passwords to all accounts.

  • Make regular backups of critical data. Backups must be made at least once each day. Larger organizations should perform a full backup weekly and incremental backups every day. At least once a month the backup media should be verified.

  • Use virus protection software. That means three things: having it on your computer in the first place, checking daily for new virus signature updates, and then actually scanning all the files on your computer periodically.

  • Use a firewall as a gatekeeper between your computer and the Internet. Firewalls are usually software products. They are essential for those who keep their computers online through the popular DSL and cable modem connections but they are also valuable for those who still dial in.

  • Do not keep computers online when not in use. Either shut them off or physically disconnect them from the Internet connection.

  • Do not open e-mail attachments from strangers, regardless of how enticing the Subject Line or attachment may be. Be suspicious of any unexpected e-mail attachment from someone you do know because it may have been sent without that person’s knowledge from an infected machine.

  • Regularly download security patches from your software vendors.

Wednesday, January 09, 2002

.Net vote rigging illustrates importance of Web services
In December, Java was more popular than .Net for building Web services, according to a ZDNet UK poll, but weeks later the position had dramatically reversed; investigation revealed just what lengths Microsoft will go to to promote its products.

Tuesday, January 08, 2002

IT Security Cookbook
This book is intended as a 'self help' guide to computer & network security, primarily for security managers, programmers and system administrators.

Thursday, January 03, 2002

NIST Vulnerability and Threat Portal
US Government Attack and Vulnerability Services
The Complete, Unofficial TEMPEST Information Page
Across the darkened street, a windowless van is parked. Inside, an antenna is pointed out through a fiberglass panel. It's aimed at an office window on the third floor. As the CEO works on a word processing document, outlining his strategy for a hostile take-over of a competitor, he never knows what appears on his monitor is being captured, displayed, and recorded in the van below.

Wednesday, January 02, 2002

OpenAntiVirus Project
Successful open source software always proves excellence in reliability, effectiveness, scalability, and portability. The Apache httpd, the Linux operating system and Perl as a scripting language, or in the field of security OpenSSH, OpenSSL and GnuPG, are prominent examples that can disguise the fact that there are important fields lacking comparable solutions. One of these fields is anti-virus software. Previous attempts to fill the gap failed due to lack of concept and/or inability to attract essential expertise. To build a network of anti-virus developers within the Open Source Community, providing the necessary resources for communication and project management, the OpenAntiVirus Project was founded on August 30th, 2000.

Monday, December 31, 2001


Social Engineering Fundamentals, Part I: Hacker Tactics

One morning a few years back, a group of strangers walked into a large shipping firm and walked out with access to the firm’s entire corporate network. How did they do it? By obtaining small amounts of access, bit by bit, from a number of different employees in that firm. First, they did research about the company for two days before even attempting to set foot on the premises. For example, they learned key employees’ names by calling HR. Next, they pretended to lose their key to the front door, and a man let them in. Then they "lost" their identity badges when entering the third floor secured area, smiled, and a friendly employee opened the door for them.
The strangers knew the CFO was out of town, so they were able to enter his office and obtain financial data off his unlocked computer. They dug through the corporate trash, finding all kinds of useful documents. They asked a janitor for a garbage pail in which to place their contents and carried all of this data out of the building in their hands. The strangers had studied the CFO's voice, so they were able to phone, pretending to be the CFO, in a rush, desperately in need of his network password. From there, they used regular technical hacking tools to gain super-user access into the system.
In this case, the strangers were network consultants performing a security audit for the CFO without any other employees' knowledge. They were never given any privileged information from2

Wednesday, December 12, 2001

DSL - DSLreports.com
Shield Probe. Get an instant security analysis now. You don't even need to know your own IP address!
Note: Interesting scan results, with your IP address removed, may be shown publicly to the left of the scan applet. This is not a security risk. If this disturbs you, please do not get scanned.

Monday, December 10, 2001

Technical Surveillance Countermeasures
Contrary to what is advertised, there is no do-it-yourself magic bullet in eavesdropping detection. You cannot dial a number to see if your phone is tapped. There is not any one instrument which will detect all "bugs" for you. There is no gadget which will protect you from all wire-tappers. Technical Surveillance Counter Measures (TSCM), also known as Eavesdropping Detection or Debugging, is labour- and equipment-intensive hard work.
Granite Island Group
The First, The Largest, The Most Popular, and The Most Complete TSCM, Bug Sweep, Spy Hunting, and Counterintelligence Site on the Internet.

Friday, December 07, 2001

BestCrypt data encryption software
Jetico, Inc. offers BestCrypt data encryption software and BCWipe data erasing software for Windows 95/98/ME/NT/2000/XP and Linux operating systems.

The BestCrypt software performs encryption using the USA Federal Standard DES in Cipher Block Chaining mode, the Russian Federal Standard GOST 28147-89 in Cipher Feedback mode, Blowfish in Cipher Block Chaining mode and Twofish in Cipher Block Chaining mode, with all four algorithms available at the same time. The BestCrypt software allows translating encrypted data between any of these four algorithms.

BestCrypt data encryption systems bring military strength encryption to the ordinary computer user without the complexities normally associated with strong data encryption.

Jetico, Inc. also offers the BCWipe utility for Windows 95/98/ME/NT/2000/XP and Linux. It is a useful utility for secure file deletion and wiping of free space on disk. BCWipe supports the corresponding U.S. Department of Defense recommendations (DoD 5200.28-STD).
CGIProxy -- HTTP/FTP Proxy in a CGI Script
This CGI script acts as an HTTP or FTP proxy. Through it, you can retrieve any resource that is accessible from the server it runs on. This is useful when your own access is limited, but you can reach a server that in turn can reach others that you can't. It can easily be configured for anonymous browsing, so you can set up your own anonymous proxy like The Anonymizer. It's very simple to install, and very configurable.

When an HTML resource is retrieved, it's modified so that all links in it point back through the same proxy, including images, form submissions, and everything else. Once you're using the proxy, you can browse normally and (almost) forget it's there.

Tuesday, December 04, 2001

ELECTRONIC WARFARE AND RADAR SYSTEMS ENGINEERING HANDBOOK
This handbook is designed to aid EW and Radar systems engineers in making general estimations regarding capabilities of systems. It is not intended as a detailed designer's guide, rather it covers a variety of subjects of general interest.

It was originally published by the Avionics Department of the Naval Air Warfare Center Weapons Division in 1992 under the report number TS 92-78. Since that time five editions were published before the document number was changed to TP 8347.
CryptoHeaven Secure Free Email, Online Storage, File Sharing
CryptoHeaven is developed to accelerate widespread use of highest-grade cryptography and is distributed without restrictions upon its further dissemination.

A user-friendly, no-compromise information-heaven crypto system is created, where no third party, including server administrators and others watching, has access to the plain text version of transmitted information. Information is stored in encrypted form on the server as generated by the client, and only the sender and the recipient possess the keys to gain access to the information. Having the entire log of all transmissions made and all of the data stored on the server does not give access to the plain text version of the information.

We use only the finest in cryptography, including the AES symmetric cipher (Rijndael) with a 256-bit symmetric key, public-key cryptography with 2048-4096-bit asymmetric keys, and the SHA-256 message digest function.
FBI software cracks encryption wall
The FBI is developing software capable of inserting a computer virus onto a suspect's machine and obtaining encryption keys, a source familiar with the project told MSNBC.com. The software, known as "Magic Lantern", enables agents to read data that had been scrambled, a tactic often employed by criminals to hide information and evade law enforcement. The best snooping technology that the FBI currently uses, the controversial software called Carnivore, has been useless against suspects clever enough to encrypt their files.
Anti-Virus Makers and FBI Dirty Secrets
Eric Chien, chief researcher at Symantec's antivirus research lab, said that provided a hypothetical keystroke logging tool was used only by the FBI, then Symantec would avoid updating its antivirus tools to detect such a Trojan. The security firm is yet to hear back from the FBI on its enquiries about Magic Lantern but it already has a policy on the matter.

"If it was under the control of the FBI, with appropriate technical safeguards in place to prevent possible misuse, and nobody else used it - we wouldn't detect it," said Chien. "However we would detect modified versions that might be used by hackers."

Thursday, November 22, 2001

Hackers access Playboy.com's credit card data
Computer hackers broke into the Playboy Enterprises' Web site -- playboy.com -- gaining access to the credit card numbers of several customers, a company spokeswoman said Tuesday.

The company's technology team discovered the breach last weekend before the hackers sent threatening e-mails to the company's customers, said Playboy spokeswoman Laura Sigman. Consumers began alerting Playboy about the violation Sunday evening.
Firms warned of 'drive-by hackers'
Companies that use wireless technology to allow workers to log into networks throughout offices have been warned they could be laying themselves open to hackers.

The alert comes ahead of the scheduled signing in Hungary on Friday of a European convention that aims to unite about 30 countries in the fight against cyber-criminals.

Wednesday, November 21, 2001

OuterBrains 2K2 (a geek event)
What is OuterBrains ?

OuterBrains 2K2 is a party that brings together the hacker and demo scenes. The hackers will have their hacking competitions and some nice seminars, while the demo-scene people have their demos and related competitions. Three days of non-stop action. More than 400 people sharing ideas, tips, tricks, code, gfx, music and other digital information.
FBI software cracks encryption wall
MAGIC LANTERN installs so-called “keylogging” software on a suspect’s machine that is capable of capturing keystrokes typed on a computer. By tracking exactly what a suspect types, critical encryption key information can be gathered, and then transmitted back to the FBI, according to the source, who requested anonymity.
The virus can be sent to the suspect via e-mail — perhaps sent for the FBI by a trusted friend or relative. The FBI can also use common vulnerabilities to break into a suspect’s computer and insert Magic Lantern, the source said.
Magic Lantern is one of a series of enhancements currently being developed for the FBI’s Carnivore project, the source said, under the umbrella project name of Cyber Knight.

Tuesday, November 20, 2001

the-Cloak
The Cloak sits between your computer and any web sites you visit. It prevents the web sites you visit from finding out who you are. And it can use the standard SSL protocol to encrypt all communication from your browser, so that no one (except for the-Cloak) knows where you are surfing.
No Proxy
Free anonymous surfing!
Anti Censoring Section
Search For a Public Proxy: Search our Frequently Updated Database for Free Public Proxies.
Anonymity on the net: Hiding your real IP when using normal web applications ( Browsing - ICQ - IRC , etc )
Using Shell accounts.
Bypassing Proxy Restrictions (Do you wanna surf Blocked Pages?) Public Proxy Servers, and how to use them
Redirectors ( Redir - SSH , etc )
CGI Proxy Servers ( including how to build your own! )
Port Tunneling ( HTTP-PORT® )
Surfing the net through a shell account ( Lynx )
Bypassing ISP's Port Blocks

Monday, November 19, 2001

Plan to Migrate to Advanced Encryption Standard
Once considered invulnerable, the Data Encryption Standard that secures many banking and e-commerce transactions has been cracked. Enterprises should switch to the Advanced Encryption Standard when feasible.
On the Security of PHP, Part 1
This article will provide you with an overview of various security issues with PHP and offer advice on secure PHP programming practices.

Friday, November 16, 2001

The Security Specific Search Engine
Welcome to searchSecurity.com's archive of previous events. Here you can find the previous Q&A talks hosted with security professionals and experts.

Wednesday, November 14, 2001

News: Bug secrecy vs. full disclosure
By Bruce Schneier.
Last month Scott Culp, manager of the security response center at Microsoft, published an essay describing the current practice of publishing security vulnerabilities to be "information anarchy." He claimed that we'd all be a lot safer if researchers would keep details about vulnerabilities to themselves, and stop arming hackers with offensive tools. Last week, at Microsoft's Trusted Computing Forum, Culp announced a new coalition to put these ideas into practice.
This is the classic "bug secrecy vs. full disclosure" debate. I've written about it previously in Crypto-Gram; others have written about it as well. It's a complicated issue with subtle implications all over computer security, and it's one worth discussing again.
ICANN eyes DNS security, solutions
MARINA DEL REY, Calif. - Of all the Internet's security concerns, one of the least troublesome may be the physical security of its root name servers, the top servers in the Internet's traffic directing system. There are only 13 of them, a redundant system located in scattered locations around the world, any one of which could probably be reconfigured in a pinch on a "beefy laptop."

Monday, November 12, 2001

EPIC - Tools for Protecting Online Privacy
EPIC Online Guide to Practical Privacy Tools.
Private Idaho 3.52t
Private Idaho is a PGP, anonymous remailer, and nym server front-end for Windows. It was initially made by Joel McNamara and, when he released the source code, I (Ian Lynagh) picked it up "just to look at it". Within a few days I had released PI3.0tb1 and haven't looked back since.
Cryptography and Network Security
Like the author says, "This page is unmaintained and full of many old, rotted links. Sorry." Anyway, some links do work!
ESL400 scanner: Hardware like this makes it possible to eavesdrop on the contents of your monitor (e.g. from a van in front of your office or from the neighbouring flat).
Zero Emission Pad Freeware
For decades, international secret services have used the fact that all electronic devices emit compromising radiation. This radiation can be used to recover the picture displayed by a monitor, even after it has passed through walls and the receiver is many metres away. Together with our partner, the University of Cambridge (Great Britain), we offer you the possibility to defuse this compromising radiation via software (patent-pending "Soft-Tempest"). The text editor Steganos II Zero Emission Pad is the world's first Windows editor that supports the emission-defusing display.
Stego Online by Romana Machado
This privacy utility demonstrates a new way of communicating securely. Want to communicate securely, but don't want to send large files of strange-looking numbers? Want to use strong crypto, but know that your email is not secure enough? Stego works like invisible ink for Internet communication. Stego can hide an encrypted text file in a GIF format image file - which is the most commonly used image format on the World Wide Web. The resulting GIF can be attached to an email message or posted on a web page.
Steganography Information, Software, and News to Enhance Your Privacy.
In an ideal world we would all be able to openly send encrypted email or files to each other with no fear of reprisals. However there are often cases when this is not possible, either because you are working for a company that does not allow encrypted email or perhaps the local government does not approve of encrypted communication (a reality in some parts of the world). This is where steganography can come into play.
Steganography simply takes one piece of information and hides it within another. Computer files (images, sounds recordings, even disks) contain unused or insignificant areas of data. Steganography takes advantage of these areas, replacing them with information (encrypted mail, for instance). The files can then be exchanged without anyone knowing what really lies inside of them. An image of the space shuttle landing might contain a private letter to a friend. A recording of a short sentence might contain your company's plans for a secret new product. Steganography can also be used to place a hidden "trademark" in images, music, and software, a technique referred to as watermarking.
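The bit-replacement idea described above, as an added example that is not part of the original page or of any of the tools it links: it hides a payload in the least-significant bit of 8-bit sample values (a constructed grayscale buffer standing in for image data; a palette-indexed GIF like Stego uses would additionally need a palette sorted by brightness, which this skips) and checks that no sample moves by more than one level, which is why the carrier looks unchanged. The payload would normally already be ciphertext, as the page suggests.

```python
"""LSB steganography: hide a payload in the least-significant bits of samples.

Added example; the cover buffer, payload and helper names are all constructed
for illustration and do not come from Stego or any other tool on the page.
"""
import random
import struct

HEADER_FMT = ">I"                      # 4-byte big-endian payload length
HEADER_BITS = struct.calcsize(HEADER_FMT) * 8


def make_cover(n_samples: int, seed: int = 1) -> bytes:
    """Constructed stand-in for 8-bit grayscale image data."""
    rng = random.Random(seed)
    return bytes(rng.randrange(256) for _ in range(n_samples))


def capacity_bytes(cover: bytes) -> int:
    """Payload bytes that fit: one bit per sample, minus the length header."""
    return max(0, (len(cover) - HEADER_BITS) // 8)


def _bits(data: bytes):
    """Yield the bits of data, most significant bit of each byte first."""
    for byte in data:
        for shift in range(7, -1, -1):
            yield (byte >> shift) & 1


def embed(cover: bytes, payload: bytes) -> bytes:
    """Return a copy of cover whose LSBs carry [length || payload]."""
    if len(payload) > capacity_bytes(cover):
        raise ValueError(
            f"payload of {len(payload)} bytes exceeds capacity "
            f"of {capacity_bytes(cover)} bytes")
    framed = struct.pack(HEADER_FMT, len(payload)) + payload
    stego = bytearray(cover)
    for i, bit in enumerate(_bits(framed)):
        stego[i] = (stego[i] & 0xFE) | bit   # clear LSB, then set it
    return bytes(stego)


def extract(stego: bytes) -> bytes:
    """Read the length header from the LSBs, then that many payload bytes."""
    if len(stego) < HEADER_BITS:
        raise ValueError("carrier too short to hold a length header")

    def read_bytes(start_bit: int, n_bytes: int) -> bytes:
        out = bytearray()
        for b in range(n_bytes):
            value = 0
            for k in range(8):
                value = (value << 1) | (stego[start_bit + b * 8 + k] & 1)
            out.append(value)
        return bytes(out)

    (length,) = struct.unpack(HEADER_FMT, read_bytes(0, HEADER_BITS // 8))
    if HEADER_BITS + length * 8 > len(stego):
        raise ValueError("declared payload length exceeds carrier size")
    return read_bytes(HEADER_BITS, length)


def max_sample_change(cover: bytes, stego: bytes) -> int:
    """Largest per-sample difference; LSB embedding never exceeds 1."""
    return max(abs(a - b) for a, b in zip(cover, stego))


if __name__ == "__main__":
    cover = make_cover(4096)
    secret = b"constructed payload: this would normally be PGP ciphertext"
    carrier = embed(cover, secret)
    print("capacity:", capacity_bytes(cover), "bytes")
    print("recovered:", extract(carrier))
    print("max sample change:", max_sample_change(cover, carrier))
```

Because the carrier's LSBs are replaced rather than left random, a flat LSB distribution is exactly what a statistical detector looks for; the page's point that the hidden data should itself be encrypted does not change that.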
Paranoids Secure Communications Handbook
In PDF format.
When Osama Bin Ladin Was Tim Osman
Conspiracy Theory: The other man, dressed in Docker's clothing, was not a native Afghan any more than Olberg was. He was a 27-year-old Saudi. Tim Osman (Ossman) has recently become better known as Osama Bin Ladin. "Tim Osman" was the name assigned to him by the CIA for his tour of the U.S. and U.S. military bases, in search of political support and armaments.
David Shayler on MI6 Gaddafi Assassination Plot
This is the first ever police investigation into an allegation made against MI6. It directly contradicts former Foreign Secretary Robin Cook's claim that the Gaddafi Plot has "no basis in fact" and is "pure fantasy".
There are no charges against David Shayler for perjury or wasting police time, confirming that his detailed sworn statement was honest, reliable and true.
The Crown Prosecution Service has claimed there is not enough evidence likely to secure a conviction of the two MI6 officers responsible for the Plot, three and a half years after David made the initial disclosure and a year after he gave evidence. However, the police did gather 'relevant material'.
Shayler calls for statement from Prime Minister and Foreign Secretary about MI6 funding of groups with connections to Bin Laden who were involved in the attack.
OpenSSH 3.0 released
OpenSSH is a FREE version of the SSH protocol suite of network connectivity tools that increasing numbers of people on the Internet are coming to rely on. Many users of telnet, rlogin, ftp, and other such programs might not realize that their password is transmitted across the Internet unencrypted, but it is. OpenSSH encrypts all traffic (including passwords) to effectively eliminate eavesdropping, connection hijacking, and other network-level attacks. Additionally, OpenSSH provides a myriad of secure tunneling capabilities, as well as a variety of authentication methods.
Hacker Watchdog Group Shows Enlightened View About Security
On 9 November 2001, Microsoft and security companies @Stake, BindView, Foundstone, Guardent and Internet Security Systems announced the formation of a hacker watchdog group called the Responsible Disclosure Forum. The group aims to establish guidelines and codes of conduct for releasing information about software vulnerabilities.
US government fails hacker test
DESPITE dramatically tighter security at US buildings since the terrorist attacks, a House panel is giving the US Government failing marks for lax protection of federal computer networks.
The "F" grade dropped from the "D-" that the government earned in September 2000. Fully two-thirds of federal agencies — including the departments of Defence, Commerce, Energy, Justice and Treasury — flunked the latest "computer security report card".

Friday, November 09, 2001

Satellite on a shoestring going strong 1 month later
OK, not really security related but fun to read anyway....

After a month in orbit, a satellite built by Naval Academy midshipmen with off-the-shelf parts from Radio Shack is exceeding all expectations, sending and receiving messages from ham radio users around the world.

Academy students and professors hoped the satellite would work for a month, given that many of the parts they used have no history of operating in space. But since the satellite was launched from Kodiak, Alaska, on Sept. 30, it has shown no signs of degrading, and the group is hoping the satellite will work at least another year and maybe another five.
Information Assurance
The Defense Security Service (DSS) Industrial Security Information Assurance Branch is comprised of computer security specialists and computer scientists who support existing Industrial Security programs.
New Dimensions International
Confronted by dramatic advances in technology and an historic shift in the Global Marketplace, security faces dynamic challenges. NDI services have grown to match the dynamic thresholds in technology and the new and changing World Order. Attacks emerge DAILY from global sources.

Attacks against the "Information Infrastructure" have reached unprecedented proportions with only more increases in sight.

NDI has advanced system security services, training, risk assessment and security designs since 1985. We have worked with government, healthcare, financial institutions, corporations, the public sector and telecommunications to ensure safe and sound security practices to help improve the understanding of the Intruder AND help develop policy, assess risks and prescribe remedies...SOLUTIONS.
gPIKT
gPIKT is a PIKT graphical user interface. It is written using Perl/Gtk. As of now, no other external modules are required.

gPIKT's basic philosophy is to present the user with a tree of systems and their elements. All of them can be dragged to a "publish list", and the list can then be published with a simple click. Each system and element has a context menu, in which almost all command-line piktc options are implemented.
PIKT
Sysadmins have long wrestled with the task of writing generalized scripts to monitor systems and deal with recurring problem situations. As conventionally practiced, this approach has numerous disadvantages: it is hard to account for diversity across machines and operating systems; operations are fragile and error-prone; scripts for handling simple tasks are difficult to code, or are hardly worth the effort to maintain; scheduling and managing scripts are time-consuming and repetitive; setup is inflexible; activity and error logging is rudimentary or nonexistent; and the whole mass of scripts and configuration files is nearly impossible to keep track of or even comprehend.

PIKT attempts to solve some of the problems observed in more traditional methods of monitor scripting and managing system configurations. PIKT is an embedded scripting language and accompanying script interpreter. PIKT is also a sophisticated script and system configuration file preprocessor for use with the Pikt scripting language or any other scripting language of your choice.
Finally, PIKT is a cross-platform, centrally run script scheduler (like cron), customizing installer (like rdist), command shell enhancement, and total script and configuration file management facility. PIKT's primary purpose is to monitor systems, report problems, and fix those problems whenever possible, but its flexibility lends itself to quite a few other uses as well.
MOUT
Military Operations on Urbanized Terrain (MOUT). In case you ever wondered what to do.....
Internet Journal of Rescue and Disaster Medicine
This on-line journal combines the contents of The Internet Journal of Aeromedical Transportation TM and The Internet Journal of Disaster Medicine TM.

Computer Security Group - Books & Journals
The Computer Security Group is an informal group of people with similar interests: mainly security, cryptology, and distributed systems.

We hold meetings, seminars, and workshops which are described in more detail in subsequent pages. Attendance is not restricted to members of the Computer Laboratory; we welcome visitors from other universities, companies, and other organisations.

Computer security has been among the laboratory's research interests for many years, along with related topics such as cryptology, formal methods, medical information security, electronic commerce, steganography and information hiding, and the robustness of distributed systems in general.

Here is a list of proceedings and journals which are edited by members of our group. It also has information on the "Computer & Communications Security Reviews".
Slashdot: Cryptography pages
The Slashdot articles on cryptography.
IBM 4758 PCI Cryptographic Coprocessor
The IBM PCI Cryptographic Coprocessor adds a high-security environment to your OS/2®, Windows NT®, Windows 2000®, AIX®, OS/400®, z/OS®, and OS/390® server systems for DES, RSA, and DSA cryptographic functions and sensitive custom applications. The PCI board incorporates specialized electronics to off-load your servers from time-consuming cryptographic functions while providing a tamper-responding, secure computing environment for the storage of keys and performing sensitive processing. Certification of the hardware under FIPS PUB 140-1 at levels 3 and 4 assures a high-integrity processing environment.
Extracting a 3DES key from an IBM 4758
The IBM 4758 is an extremely secure cryptographic co-processor. It is used by banking systems and in other security-conscious applications to hold keying material. It is designed to make it impossible to extract this keying material unless you have the correct permissions and can involve others in a conspiracy.

We are able, by a mixture of sleight-of-hand and raw processing power, to persuade an IBM 4758 running IBM's ATM (cash machine) support software called the "Common Cryptographic Architecture" (CCA) to export any and all its DES and 3DES keys to us.

Thursday, November 08, 2001

Internet Security Systems, Inc.
AlertCON – Level 1:
AlertCon 1 reflects the malicious, determined, global, 24 x 7 attacks experienced by all networks
AlertCON – Level 2:
AlertCon 2 means increased vigilance/action required due to focused, patterned attacks.
AlertCON – Level 3:
AlertCon 3 means increased attacks against specific targets or vulnerabilities on a scale that is unusually high, immediate action required.
AlertCON – Level 4:
AlertCon 4 reflects a catastrophic problem for a network or group of networks whose survival depends on immediate, decisive action.
The Packetfactory
The Packetfactory is a clearing house for cool-ass network and network security related endeavors. Here you’ll find all manner of useful security tools (firewalk, pandora), network tools (libnet, ngrep), etc... Feel free to peruse and download.
C4I.org - Computer Security and Intelligence
Links to interesting sites. Some sites will soon feature on this Weblog as well.

Wednesday, November 07, 2001

GeoTrust: TrustWatch
TrustWatch is an identity solution for business Web sites. Site association with a business is checked, and site owners are provided with an active digital icon for their Web site. Consumers, seeking to know and trust the Web domains they visit, will know from the icon if the Web site owner is a TrustWatch member. And, if the site belongs to a TrustWatch member, consumers will have access to business information about that enterprise. It's a way to show legitimate sites and make eCommerce safer.
Permanent link added
Besides the option to comment on a weblog entry, I've also included the 'permanent link' feature with a permanent link to the weblog entry. TIP: Bookmark the permanent link instead of the URL of the weblog, since its contents change a lot (...).

Tuesday, November 06, 2001

F2F FOR PALM
The built-in security of most Palm Pilots is easy to break as has been demonstrated recently. Our free program, F2F for Palm, offers strong cryptography using the newly selected AES algorithm. It is intended for storage of items like pin codes and passwords only (although the program could easily be extended into a more general service). It offers a fixed storage space, a safe area, which is only decrypted when the program is active and the correct key is entered. Sensitive information may be stored in this area.
Comment opportunity added!
I've added the option to add comments to the entries I post to this weblog. Please, don't hesitate and give your opinion!

Clean Drive: Protect Yourself and Your Life
Every move you make on your computer is being logged. From the Internet sites you visit, to the documents you open... you are being tracked. Even if you attempt to delete these tracks, Windows retains secret log files. Deleting Internet Caches and searching for history files would take hours of work manually. Clean Drive deletes all these items from your computer... automatically, as often as you like!

Monday, November 05, 2001

Default disclaimer
Not a link to an external site but the default disclaimer I use on my PC and laptop. It is a disclaimer used by the DoD but I can't seem to find the link to it anywhere. Anyway, replace [COMPANY] with, of course, your company name!

This is a [COMPANY] computer system. This computer system, including all related equipment, networks and network devices (specifically including Internet access), are provided only for authorized [COMPANY] use. [COMPANY] computer systems may be monitored for all lawful purposes, including to ensure that their use is authorized, for management of the system, to facilitate protection against unauthorized access, and to verify security procedures, survivability and operational security. Monitoring includes active attacks by authorized [COMPANY] entities to test or verify the security of this system. During monitoring, information may be examined, recorded, copied and used for authorized purposes. All information, including personal information, placed on or sent over this system may be monitored. Use of this [COMPANY] computer system, authorized or unauthorized, constitutes consent to monitoring of this system. Unauthorized use may subject you to criminal prosecution. Evidence of unauthorized use collected during monitoring may be used for administrative, criminal or adverse action. Use of this system constitutes consent to monitoring for these purposes.
Protect your PDAs
When was the last time you left your PDA in the conference room or on your plane seat? Yesterday? Last month? Unless you plan to chain your PDA to your belt, the odds of losing your PDA are good. And if you're an IT manager, the whereabouts of corporate-supplied PDAs--and the sensitive information they contain--is now your problem.

According to Prakash Panjwani, senior vice president of business development for Certicom, which develops security software for PDAs, companies are now seeking the same level of security with PDAs that they once sought for laptops. "In the past," says Panjwani, "these were consumer devices that snuck into the enterprise. You got it as a gift, and then you started downloading corporate information and your IT managers didn't even know about it. Now that has changed because [companies] realize that the ultimate responsibility is the IT managers'."

Although the financial value of the hardware isn't devastating, the value of the information can be. The idea of a stranger having access to your personal data may be distressing, but the possibility that somebody could access presumably secure corporate information is enough to give any CEO nightmares.

Monday, October 29, 2001

Taxi flattened CIA's spy-cat project
The CIA trained 'spy-cats' to secretly gather information on suspects, declassified secret documents have revealed.

Project 'acoustic kitty' saw the pets fitted with hi-tech listening equipment and being trained to wander into secure areas.

But the project never went any further than the testing stage after the first spy-cat was run over by a taxi.
SWS Security - Electronic Surveillance Equipment
Manufacturers of Audio, Video, and RF electronic surveillance, intelligence gathering and radio communications systems since 1972.
Trends in DDoS Attack Technology
PDF report from CERT.

Friday, October 26, 2001

The SVR: Russia’s Intelligence Service (There are friendly states but there are no friendly intelligence services)
The collapse of the Soviet Union resulted in the disappearance of the most powerful security organisation ever created - the KGB. The KGB’s omnipresence in the USSR and its extensive network abroad was the result of the Soviet leadership's determination to control the population inside the USSR, and until the mid 1980s, in accordance with Marxist-Leninist principles, to propel its version of communism as far and as wide as was politically, militarily and financially feasible. The KGB was the sword and shield of the Communist Party of the Soviet Union, its occasional Ministry of Foreign Affairs and a research organisation forced sometimes to produce analysis which had nothing to do with its statutory mission and which appropriate institutes in Moscow could have done better. The political need to pamper the KGB translated well into almost unlimited funds, facilities, the ability to place KGB personnel in any Soviet organisation, inside or abroad and job offers no other organisation could match. Its foreign intelligence gathering and processing body was known as the PGU, the Russian acronym for the First Chief Directorate. Foreign Minister Boris Pankin said once that 50% of the Soviet staff in the US were working for the PGU. The unofficial FBI figure was 25%.
Microsoft's Really Hidden Files: A New Look At Forensics.
There are folders on your computer that Microsoft has tried hard to keep secret. Within these folders you will find two major things: Microsoft Internet Explorer has been logging all of the sites you have ever visited -- even after you've cleared your history, and Microsoft's Outlook Express has been logging all of your e-mail correspondence -- even after you've erased them from your Deleted Items bin. (This also includes all incoming and outgoing file attachments.) And believe me, that's not even the half of it.
Cryptanalysis of MultiSwap
An anonymous security researcher working under the pseudonym "Beale Screamer" reverse engineered the Microsoft Digital Rights Management subsystem and, by October 18th, the results were available on cryptome.org. As part of the reverse engineering effort Screamer found an unpublished block cipher, which he dubbed MultiSwap, being used as part of DRM. Screamer did not need to break the MultiSwap cipher to break DRM, but we thought it would be a fun exercise, and summarize the results of our investigation below. The attacks described here show weaknesses in the MultiSwap encryption scheme, and could potentially contribute to an attack on DRM. However, the attack on DRM described by Beale Screamer would be much more practical, so we feel that these weaknesses in MultiSwap do not pose a significant threat to DRM at this time.

Thursday, October 25, 2001

Orbiscom
Orbiscom has created a global standard in secure and controlled online, offline and wireless card payment applications for financial institutions, online retailers, consumers and businesses. Partnering with brand leaders such as MBNA, Discover Financial Services, First Data Corporation, Allied Irish Banks and Microsoft, Orbiscom's secure online payment technology is now available to consumers in the United States and Europe.
Consumers shop safely when they use substitute credit and debit card numbers for online shopping. Orbiscom's technology enables financial institutions to provide their cardholders with the ability to generate a unique card number in place of their real card number for each purchase.
paybox - world's first mobile payment service
At last, mobile phones are wallets, and they're the newest, most secure way to shop online.

With paybox you can send money, receive money and pay with your mobile. It works with any bank account, any GSM mobile phone, across any mobile network. You don't need any special software. In five minutes you're ready to go!

All transactions are secure and no bank account numbers or credit card details are disclosed. All you need is a current account and a mobile phone!