System7

Why aren’t more businesses proactive?

Mon, 16 Jan 2012 13:23:28 +0000

Conducting open source intelligence gathering

Sat, 14 Jan 2012 15:50:43 +0000

There’s an excellent article, The Subtle Art of OSINT, that details gathering intelligence from freely available sources.

Some of the sources discussed include:

Google hacking
Wayback machine
Social media
WHOIS / Robtex
Maltego

A Guide to Defending Privacy at U.S. Border

Thu, 12 Jan 2012 12:52:23 +0000

Take a look at the EFF’s latest article “Defending Privacy at the U.S. Border: A Guide for Travelers Carrying Digital Devices”

Account Passwords vs. Full Disk Encryption:

This distinction makes a major practical difference. Bypassing an account password is a routine operation that can be done automatically with forensic software that bypasses the operating system and looks directly at the disk, your account password is no obstacle for this forensic software. Fortunately, modern computer systems come with comparatively easy full-disk encryption tools that let you encrypt the contents of your hard drive with a passphrase that will be required when you start your computer. Using these tools is the most fundamental security precaution for computer users who have confidential information on their hard drives and are concerned about losing control over their computers — not just at a border crossing, but at any moment during a trip when a computer could be lost or stolen.

Simply deleting data from your hard drive with your normal OS file deletion features is not secure and the data is still present and recoverable on your hard drive. Just because deleted files are no longer visible in your operating system’s file manager does not mean that a forensic expert can’t undelete them or deduce that they were once present.

If a border agent asks you to provide an account password or encryption passphrase or to decrypt data stored on your device, you don’t have to comply. Only a judge can force you to reveal information to the government, and only to the extent that you do not have a valid Fifth Amendment right against self-incrimination.

It’s extremely important that you do not tell a lie to a border agent. If you are absolutely sure that you don’t want to answer a specific question, it’s better to politely decline to answer than to give a false answer.

Be aware that border agents may search your camera, copy its contents, or try to undelete images or videos that you believe you’ve deleted and that are no longer visible from the camera’s user interface.

Uncrackable Passwords

Thu, 05 Jan 2012 15:09:26 +0000

The H has an interesting article on storing passwords to prevent unauthorized access and identity theft. The article discusses the following methods and downfalls associated with each:

Plaintext
Hashing
Hashing with salt
Key stretching
Hashing with multiple rounds
Determining cipher used

Most importantly, don’t reinvent the wheel if you’re building an application requiring authentication. Rely on tested frameworks such as OAuth or PHPass.

Stallman: Still an eccentric?

Tue, 03 Jan 2012 14:34:25 +0000

There’s an interesting article at OSNews about Richard Stallman and his FSF principles. His philosophy rings especially true in these times with the recent passing of the NDAA, SOPA discussions, and the growing threat of increased monitoring and restrictions.

To summarize:

However, as the world changes, the importance of the ability to check what the code in your devices is doing – by someone else in case you lack the skills – becomes increasingly apparent. If we lose the ability to check what our own computers are doing, we’re boned.

The article also links to Cory Doctorow’s 28C3 keynote titled ‘The Coming War on General Purpose Computation‘. (video and transcript available)

Abstract:

The last 20 years of Internet policy have been dominated by the copyright war, but the war turns out only to have been a skirmish. The coming century will be dominated by war against the general purpose computer, and the stakes are the freedom, fortune and privacy of the entire human race.

Future of the Global Positioning System (GPS)

Mon, 19 Dec 2011 18:18:39 +0000

There’s an interesting read from the Congressional Budget Office (USA) on cost estimates for the next generation GPS system. This is particularly of interest now due to reports that Iran may have jammed the captured US drone’s GPS receiver in order to prevent it from returning “home”.

What is GPS?

The GPS uses a constellation of at least 24 satellites, each of which transmits precise data on the time and its location. Receivers—both military and civilian—use the data transmitted by the satellites to calculate their own position; information from a minimum of 4 satellites is required to determine a position accurately in three dimensions.

Solutions for next generation GPS:

As the Department of Defense’s satellites reach the end of their service lives, the department plans to replace them with ones that can counter deliberate interference by generating stronger signals. Analysis —namely, improving military receivers to retain the GPS signal even in the presence of such jamming—would be less expensive than DoD’s plan for upgrading its constellation of GPS satellites. Furthermore, the alternative would yield benefits almost a decade earlier than DoD’s plan. However, the improvements to military receivers could make them larger and heavier (and thereby less useful to personnel operating on foot) until they could incorporate the substantial gains that have been achieved in miniaturization in other applications.

Option 1 would improve current military GPS receivers by fitting them with better antennas and by adding inertial navigation systems.
Option 2 would capitalize on a DoD research and development program by enabling current GPS receivers to integrate information received via the Iridium commercial communications satellite network.
Option 3 would include the improvements of both Option 1 and Option 2.

Read the complete article here.

Wall Street Journal’s Surveillance Catalog

Thu, 24 Nov 2011 15:25:06 +0000

Documents obtained by The Wall Street Journal open a rare window into a new global market for the off-the-shelf surveillance technology that has arisen in the decade since the terrorist attacks of Sept. 11, 2001.

The techniques described in the trove of 200-plus marketing documents include hacking tools that enable governments to break into people’s computers and cellphones, and “massive intercept” gear that can gather all Internet communications in a country.

The documents fall into five general categories: hacking, intercept, data analysis, web scraping and anonymity.

Check out the Surveillance Catalog here.

Recent Development Efforts for Military Airships

Wed, 02 Nov 2011 12:35:45 +0000

The Congressional Budget Office (CBO) has released a document that examines the potential capabilities of airships for ISR (intelligence, surveillance, and reconnaissance) and airlift missions.

During the past decade’s operations in Afghanistan and Iraq, the U.S. military has come to rely heavily on the continuous presence overhead of both manned and unmanned aircraft to support ground troops. Aircraft that remain aloft in particular locations have been primarily used to provide timely information about activities on the ground and to attack ground targets on short notice. Most prominent among these aircraft are the Department of Defense’s (DoD’s) fleets of unmanned Predators, Reapers, and Global Hawks.

The demand for those so-called “persistent” or “loitering” missions has led the Air Force to substantially enlarge its fleet of unmanned aircraft, and the Army, Navy, and Marine Corps to field or plan to field similar aircraft to provide intelligence, surveillance, and reconnaissance (ISR) and light-attack capabilities of their own. Unmanned aircraft are particularly attractive for such missions because they can be designed to provide durations beyond the physical endurance of human air crews and because they do not put humans at risk during operations in potentially hostile airspace.

In light of the demand for aircraft capable of remaining aloft for long periods of time, considerable interest in airships as alternatives to conventional aircraft exists. Although unmanned airships are unproven, they have the potential to remain in the air for long periods—providing mission durations that are many times longer than would be practical for conventional aircraft. Consequently, the military services are exploring a variety of designs for unmanned airships capable of carrying ISR sensors.

In brief, CBO finds that:

If the speed, payload, and endurance proposed for unmanned airships can be achieved, the resulting craft could serve effectively in the ISR and airlift roles;
Airships’ performance characteristics would provide some advantages and suffer from some disadvantages relative to those of the conventional aircraft currently used for ISR and airlift missions; and
Airships would present new operational challenges such as greater sensitivity to weather conditions and the need to provide unique types of maintenance and support.

Read the complete report on Slide Share here.

Microsoft & UEFI Secure Boot

Mon, 31 Oct 2011 14:50:18 +0000

A technical solution has finally been proposed to avoid locking out Linux and other OS vendors from UEFI shipped motherboards. A couple of months ago Microsoft made waves by announcing their Windows 8 support for UEFI. Open source supports took notice that this security mechanism could prevent other operating systems from booting on UEFI compatible hardware.

The Linux Foundation has released a paper with a possible solution:

papers suggest that all platforms which enable Secure Boot should ship in “setup mode” which would give the system owner control of the Secure Boot system. Initial startup of an operating system should then detect that setup mode and install a KEK (key-exchange-key) and PK to enable Secure Boot. The system would then securely boot that operating system. When a user needed to take control of their system’s secure boot, a “reset” option for UEFI’s keys would allow those keys to be cleared and a different operating system installed. Microsoft’s Windows 8 could also be pre-installed in the same way; the UEFI reset would then unlock the machine for other operating systems.

Isaac Asimov on Security Theater

Tue, 04 Oct 2011 11:38:45 +0000

I saw this on Bruce Schneier’s blog and felt it was worth reposting. Don’t forget to add Bruce’s upcoming book to your holiday wishlist: Liars & Outliers.

Isaac Asimov on Security Theater

A great find:

In his 1956 short story, “Let’s Get Together,” Isaac Asimov describes security measures proposed to counter a terrorist threat:

“Consider further that this news will leak out as more and more people become involved in our countermeasures and more and more people begin to guess what we’re doing. Then what? The panic might do us more harm than any one TC bomb.”The Presidential Assistant said irritably, “In Heaven’s name, man, what do you suggest we do, then?”

“Nothing,” said Lynn. “Call their bluff. Live as we have lived and gamble that They won’t dare break the stalemate for the sake of a one-bomb head start.”

“Impossible!” said Jeffreys. “Completely impossible. The welfare of all of Us is very largely in my hands, and doing nothing is the one thing I cannot do. I agree with you, perhaps, that X-ray machines at sports arenas are a kind of skin-deep measure that won’t be effective, but it has to be done so that people, in the aftermath, do not come to the bitter conclusion that we tossed our country away for the sake of a subtle line of reasoning that encouraged donothingism.”

This Jeffreys guy sounds as if he works for the TSA.