Skip to main content

Home/ Future of the Web/ Group items tagged system takes

Rss Feed Group items tagged

Filter: All | Bookmarks | Topics Simple Middle
Paul Merrell

The Digital Hunt for Duqu, a Dangerous and Cunning U.S.-Israeli Spy Virus - The Intercept - 1 views

firstlook.org/...stuxnet

surveillance state cyberwar Stuxnet

shared by Paul Merrell on 14 Nov 14 - No Cached
  • “Is this related to what we talked about before?” Bencsáth said, referring to a previous discussion they’d had about testing new services the company planned to offer customers. “No, something else,” Bartos said. “Can you come now? It’s important. But don’t tell anyone where you’re going.” Bencsáth wolfed down the rest of his lunch and told his colleagues in the lab that he had a “red alert” and had to go. “Don’t ask,” he said as he ran out the door. A while later, he was at Bartos’ office, where a triage team had been assembled to address the problem they wanted to discuss. “We think we’ve been hacked,” Bartos said.
  • They found a suspicious file on a developer’s machine that had been created late at night when no one was working. The file was encrypted and compressed so they had no idea what was inside, but they suspected it was data the attackers had copied from the machine and planned to retrieve later. A search of the company’s network found a few more machines that had been infected as well. The triage team felt confident they had contained the attack but wanted Bencsáth’s help determining how the intruders had broken in and what they were after. The company had all the right protections in place—firewalls, antivirus, intrusion-detection and -prevention systems—and still the attackers got in.
  • Bencsáth was a teacher, not a malware hunter, and had never done such forensic work before. At the CrySyS Lab, where he was one of four advisers working with a handful of grad students, he did academic research for the European Union and occasional hands-on consulting work for other clients, but the latter was mostly run-of-the-mill cleanup work—mopping up and restoring systems after random virus infections. He’d never investigated a targeted hack before, let alone one that was still live, and was thrilled to have the chance. The only catch was, he couldn’t tell anyone what he was doing. Bartos’ company depended on the trust of customers, and if word got out that the company had been hacked, they could lose clients. The triage team had taken mirror images of the infected hard drives, so they and Bencsáth spent the rest of the afternoon poring over the copies in search of anything suspicious. By the end of the day, they’d found what they were looking for—an “infostealer” string of code that was designed to record passwords and other keystrokes on infected machines, as well as steal documents and take screenshots. It also catalogued any devices or systems that were connected to the machines so the attackers could build a blueprint of the company’s network architecture. The malware didn’t immediately siphon the stolen data from infected machines but instead stored it in a temporary file, like the one the triage team had found. The file grew fatter each time the infostealer sucked up data, until at some point the attackers would reach out to the machine to retrieve it from a server in India that served as a command-and-control node for the malware.
  • ...1 more annotation...
  • Bencsáth took the mirror images and the company’s system logs with him, after they had been scrubbed of any sensitive customer data, and over the next few days scoured them for more malicious files, all the while being coy to his colleagues back at the lab about what he was doing. The triage team worked in parallel, and after several more days they had uncovered three additional suspicious files. When Bencsáth examined one of them—a kernel-mode driver, a program that helps the computer communicate with devices such as printers—his heart quickened. It was signed with a valid digital certificate from a company in Taiwan (digital certificates are documents ensuring that a piece of software is legitimate). Wait a minute, he thought. Stuxnet—the cyberweapon that was unleashed on Iran’s uranium-enrichment program—also used a driver that was signed with a certificate from a company in Taiwan. That one came from RealTek Semiconductor, but this certificate belonged to a different company, C-Media Electronics. The driver had been signed with the certificate in August 2009, around the same time Stuxnet had been unleashed on machines in Iran.
Paul Merrell

Internet Giants Erect Barriers to Spy Agencies - NYTimes.com - 0 views

www.nytimes.com/...-barriers-to-spy-agencies.html

surveillance-state NSA-reform DIY-reform internet-hardening digital-privacy

shared by Paul Merrell on 08 Jun 14 - No Cached
  • As fast as it can, Google is sealing up cracks in its systems that Edward J. Snowden revealed the N.S.A. had brilliantly exploited. It is encrypting more data as it moves among its servers and helping customers encode their own emails. Facebook, Microsoft and Yahoo are taking similar steps.
  • After years of cooperating with the government, the immediate goal now is to thwart Washington — as well as Beijing and Moscow. The strategy is also intended to preserve business overseas in places like Brazil and Germany that have threatened to entrust data only to local providers. Google, for example, is laying its own fiber optic cable under the world’s oceans, a project that began as an effort to cut costs and extend its influence, but now has an added purpose: to assure that the company will have more control over the movement of its customer data.
  • A year after Mr. Snowden’s revelations, the era of quiet cooperation is over. Telecommunications companies say they are denying requests to volunteer data not covered by existing law. A.T.&T., Verizon and others say that compared with a year ago, they are far more reluctant to cooperate with the United States government in “gray areas” where there is no explicit requirement for a legal warrant.
  • ...8 more annotations...
  • Eric Grosse, Google’s security chief, suggested in an interview that the N.S.A.'s own behavior invited the new arms race.“I am willing to help on the purely defensive side of things,” he said, referring to Washington’s efforts to enlist Silicon Valley in cybersecurity efforts. “But signals intercept is totally off the table,” he said, referring to national intelligence gathering.“No hard feelings, but my job is to make their job hard,” he added.
  • In Washington, officials acknowledge that covert programs are now far harder to execute because American technology companies, fearful of losing international business, are hardening their networks and saying no to requests for the kind of help they once quietly provided.Continue reading the main story Robert S. Litt, the general counsel of the Office of the Director of National Intelligence, which oversees all 17 American spy agencies, said on Wednesday that it was “an unquestionable loss for our nation that companies are losing the willingness to cooperate legally and voluntarily” with American spy agencies.
  • Many point to an episode in 2012, when Russian security researchers uncovered a state espionage tool, Flame, on Iranian computers. Flame, like the Stuxnet worm, is believed to have been produced at least in part by American intelligence agencies. It was created by exploiting a previously unknown flaw in Microsoft’s operating systems. Companies argue that others could have later taken advantage of this defect.Worried that such an episode undercuts confidence in its wares, Microsoft is now fully encrypting all its products, including Hotmail and Outlook.com, by the end of this year with 2,048-bit encryption, a stronger protection that would take a government far longer to crack. The software is protected by encryption both when it is in data centers and when data is being sent over the Internet, said Bradford L. Smith, the company’s general counsel.
  • Mr. Smith also said the company was setting up “transparency centers” abroad so that technical experts of foreign governments could come in and inspect Microsoft’s proprietary source code. That will allow foreign governments to check to make sure there are no “back doors” that would permit snooping by United States intelligence agencies. The first such center is being set up in Brussels.Microsoft has also pushed back harder in court. In a Seattle case, the government issued a “national security letter” to compel Microsoft to turn over data about a customer, along with a gag order to prevent Microsoft from telling the customer it had been compelled to provide its communications to government officials. Microsoft challenged the gag order as violating the First Amendment. The government backed down.
  • Hardware firms like Cisco, which makes routers and switches, have found their products a frequent subject of Mr. Snowden’s disclosures, and their business has declined steadily in places like Asia, Brazil and Europe over the last year. The company is still struggling to convince foreign customers that their networks are safe from hackers — and free of “back doors” installed by the N.S.A. The frustration, companies here say, is that it is nearly impossible to prove that their systems are N.S.A.-proof.
  • In one slide from the disclosures, N.S.A. analysts pointed to a sweet spot inside Google’s data centers, where they could catch traffic in unencrypted form. Next to a quickly drawn smiley face, an N.S.A. analyst, referring to an acronym for a common layer of protection, had noted, “SSL added and removed here!”
  • Facebook and Yahoo have also been encrypting traffic among their internal servers. And Facebook, Google and Microsoft have been moving to more strongly encrypt consumer traffic with so-called Perfect Forward Secrecy, specifically devised to make it more labor intensive for the N.S.A. or anyone to read stored encrypted communications.One of the biggest indirect consequences from the Snowden revelations, technology executives say, has been the surge in demands from foreign governments that saw what kind of access to user information the N.S.A. received — voluntarily or surreptitiously. Now they want the same.
  • The latest move in the war between intelligence agencies and technology companies arrived this week, in the form of a new Google encryption tool. The company released a user-friendly, email encryption method to replace the clunky and often mistake-prone encryption schemes the N.S.A. has readily exploited.But the best part of the tool was buried in Google’s code, which included a jab at the N.S.A.'s smiley-face slide. The code included the phrase: “ssl-added-and-removed-here-; - )”
Gonzalo San Gil, PhD.

How to Update Linux Kernel for Improved System Performance - 1 views

www.makeuseof.com/...el-improved-system-performance

how to update linux kernel improved system performance beyond current distro statte

shared by Gonzalo San Gil, PhD. on 26 Jul 15 - No Cached
  • Gonzalo San Gil, PhD. on 26 Jul 15
     
    " The rate of development for the Linux kernel is unprecedented, with a new major release approximately every two to three months. Each release offers several new features and improvements that a lot of people could take advantage of to make their computing experience faster, more efficient, or better in other ways."
Paul Merrell

Google Chrome Listening In To Your Room Shows The Importance Of Privacy Defense In Depth - 0 views

www.privateinternetaccess.com/...ce-of-privacy-defense-in-depth

surveillance state Google-Chrome Chromium audio-surveillance digital-surveillance

shared by Paul Merrell on 23 Jun 15 - No Cached
  • Yesterday, news broke that Google has been stealth downloading audio listeners onto every computer that runs Chrome, and transmits audio data back to Google. Effectively, this means that Google had taken itself the right to listen to every conversation in every room that runs Chrome somewhere, without any kind of consent from the people eavesdropped on. In official statements, Google shrugged off the practice with what amounts to “we can do that”.It looked like just another bug report. "When I start Chromium, it downloads something." Followed by strange status information that notably included the lines "Microphone: Yes" and "Audio Capture Allowed: Yes".
  • Without consent, Google’s code had downloaded a black box of code that – according to itself – had turned on the microphone and was actively listening to your room.A brief explanation of the Open-source / Free-software philosophy is needed here. When you’re installing a version of GNU/Linux like Debian or Ubuntu onto a fresh computer, thousands of really smart people have analyzed every line of human-readable source code before that operating system was built into computer-executable binary code, to make it common and open knowledge what the machine actually does instead of trusting corporate statements on what it’s supposed to be doing. Therefore, you don’t install black boxes onto a Debian or Ubuntu system; you use software repositories that have gone through this source-code audit-then-build process. Maintainers of operating systems like Debian and Ubuntu use many so-called “upstreams” of source code to build the final product.Chromium, the open-source version of Google Chrome, had abused its position as trusted upstream to insert lines of source code that bypassed this audit-then-build process, and which downloaded and installed a black box of unverifiable executable code directly onto computers, essentially rendering them compromised. We don’t know and can’t know what this black box does. But we see reports that the microphone has been activated, and that Chromium considers audio capture permitted.
  • This was supposedly to enable the “Ok, Google” behavior – that when you say certain words, a search function is activated. Certainly a useful feature. Certainly something that enables eavesdropping of every conversation in the entire room, too.Obviously, your own computer isn’t the one to analyze the actual search command. Google’s servers do. Which means that your computer had been stealth configured to send what was being said in your room to somebody else, to a private company in another country, without your consent or knowledge, an audio transmission triggered by… an unknown and unverifiable set of conditions.Google had two responses to this. The first was to introduce a practically-undocumented switch to opt out of this behavior, which is not a fix: the default install will still wiretap your room without your consent, unless you opt out, and more importantly, know that you need to opt out, which is nowhere a reasonable requirement. But the second was more of an official statement following technical discussions on Hacker News and other places. That official statement amounted to three parts (paraphrased, of course):
  • ...4 more annotations...
  • 1) Yes, we’re downloading and installing a wiretapping black-box to your computer. But we’re not actually activating it. We did take advantage of our position as trusted upstream to stealth-insert code into open-source software that installed this black box onto millions of computers, but we would never abuse the same trust in the same way to insert code that activates the eavesdropping-blackbox we already downloaded and installed onto your computer without your consent or knowledge. You can look at the code as it looks right now to see that the code doesn’t do this right now.2) Yes, Chromium is bypassing the entire source code auditing process by downloading a pre-built black box onto people’s computers. But that’s not something we care about, really. We’re concerned with building Google Chrome, the product from Google. As part of that, we provide the source code for others to package if they like. Anybody who uses our code for their own purpose takes responsibility for it. When this happens in a Debian installation, it is not Google Chrome’s behavior, this is Debian Chromium’s behavior. It’s Debian’s responsibility entirely.3) Yes, we deliberately hid this listening module from the users, but that’s because we consider this behavior to be part of the basic Google Chrome experience. We don’t want to show all modules that we install ourselves.
  • If you think this is an excusable and responsible statement, raise your hand now.Now, it should be noted that this was Chromium, the open-source version of Chrome. If somebody downloads the Google product Google Chrome, as in the prepackaged binary, you don’t even get a theoretical choice. You’re already downloading a black box from a vendor. In Google Chrome, this is all included from the start.This episode highlights the need for hard, not soft, switches to all devices – webcams, microphones – that can be used for surveillance. A software on/off switch for a webcam is no longer enough, a hard shield in front of the lens is required. A software on/off switch for a microphone is no longer enough, a physical switch that breaks its electrical connection is required. That’s how you defend against this in depth.
  • Of course, people were quick to downplay the alarm. “It only listens when you say ‘Ok, Google’.” (Ok, so how does it know to start listening just before I’m about to say ‘Ok, Google?’) “It’s no big deal.” (A company stealth installs an audio listener that listens to every room in the world it can, and transmits audio data to the mothership when it encounters an unknown, possibly individually tailored, list of keywords – and it’s no big deal!?) “You can opt out. It’s in the Terms of Service.” (No. Just no. This is not something that is the slightest amount of permissible just because it’s hidden in legalese.) “It’s opt-in. It won’t really listen unless you check that box.” (Perhaps. We don’t know, Google just downloaded a black box onto my computer. And it may not be the same black box as was downloaded onto yours. )Early last decade, privacy activists practically yelled and screamed that the NSA’s taps of various points of the Internet and telecom networks had the technical potential for enormous abuse against privacy. Everybody else dismissed those points as basically tinfoilhattery – until the Snowden files came out, and it was revealed that precisely everybody involved had abused their technical capability for invasion of privacy as far as was possible.Perhaps it would be wise to not repeat that exact mistake. Nobody, and I really mean nobody, is to be trusted with a technical capability to listen to every room in the world, with listening profiles customizable at the identified-individual level, on the mere basis of “trust us”.
  • Privacy remains your own responsibility.
  • Paul Merrell on 23 Jun 15
     
    And of course, Google would never succumb to a subpoena requiring it to turn over the audio stream to the NSA. The Tor Browser just keeps looking better and better. https://www.torproject.org/projects/torbrowser.html.en
Paul Merrell

Sun's Advanced Datacenter (Santa Clara, CA) - System News - 0 views

sun.systemnews.com/...20168

data center container sun-msft cloud

shared by Paul Merrell on 11 Jul 08 - Cached
  • To run Sun’s award-winning data centers, a modular design containing many "pods" was implemented to save power and time. The modular design aids the building of any sized datacenter. Inside of each pod, there are 24 racks. Each of these 24 racks has a common cooling system as does every other modular building block. The number of pods is limited by the size of the datacenters. Large and small datacenters can benefit from using the pod approach. The module design makes it easy to configure a datacenter to meet a client's requirements. As the datacenter grows over time, adding pods is convenient. The module and pod designs make it easy to adapt to new technology such as blade servers. Some of the ways that Sun’s datacenter modules are designed with the future in mind are as follows:
  • To run Sun’s award-winning data centers, a modular design containing many "pods" was implemented to save power and time. The modular design aids the building of any sized datacenter. Inside of each pod, there are 24 racks. Each of these 24 racks has a common cooling system as does every other modular building block. The number of pods is limited by the size of the datacenters. Large and small datacenters can benefit from using the pod approach. The module design makes it easy to configure a datacenter to meet a client's requirements. As the datacenter grows over time, adding pods is convenient. The module and pod designs make it easy to adapt to new technology such as blade servers.
  • An updated 58-page Sun BluePrint covers Sun's approach to designing datacenters. (Authors - Dean Nelson, Michael Ryan, Serena DeVito, Ramesh KV, Petr Vlasaty, Brett Rucker, and Brian Day): ENERGY EFFICIENT DATACENTERS: THE ROLE OF MODULARITY IN DATACENTER DESIGN. More Information Sun saves $1 million/year with new datacenter Take a Virtual Tour
  • ...3 more annotations...
  • An updated 58-page Sun BluePrint covers Sun's approach to designing datacenters. (Authors - Dean Nelson, Michael Ryan, Serena DeVito, Ramesh KV, Petr Vlasaty, Brett Rucker, and Brian Day): ENERGY EFFICIENT DATACENTERS: THE ROLE OF MODULARITY IN DATACENTER DESIGN.
  • Take a Virtual Tour
  • Other articles in the Hardware section of Volume 125, Issue 1: Sun's Advanced Datacenter (Santa Clara, CA) Modular Approach Is Key to Datacenter Design for Sun Sun Datacenter Switch 3x24 See all archived articles in the
  • Paul Merrell on 11 Jul 08
     
    This page seems to be the hub for information about the Sun containerized data centers. I've highlighted links as well as text, but not all the text on the page. Info gathered in the process of surfing the linked pages: [i] the 3x24 data switch page recomends redundant Solaris instances; [ii] x64 blade servers are the design target; [iii] there is specific mention of other Sun-managed data centers being erected in Indiana and in Bangalore, India; [iv] the whiff is that Sun might not only be supplying the data centers for the Microsoft cloud but also managing them; and [v] the visual tour is very impressive; clearly some very brilliant people put a lot of hard and creative work into this.
Paul Merrell

Can Dweb Save The Internet? 06/03/2019 - 0 views

www.mediapost.com/...an-dweb-save-the-internet.html

DWeb Tim Berners-Lee Kahle Solid Mastadon Peertube

shared by Paul Merrell on 24 Jun 19 - No Cached
  • On a mysterious farm just above the Pacific Ocean, the group who built the internet is inviting a small number of friends to a semi-secret gathering. They describe it as a camp "where diverse people can freely exchange ideas about the technologies, laws, markets, and agreements we need to move forward.” Forward indeed.It wasn’t that long ago that the internet was an open network of computers, blogs, sites, and posts.But then something happened -- and the open web was taken over by private, for-profit, closed networks. Facebook isn’t the web. YouTube isn’t the web. Google isn’t the web. They’re for-profit businesses that are looking to sell audiences to advertisers.Brewster Kahle is one of the early web innovators who built the Internet Archive as a public storehouse to protect the web’s history. Along with web luminaries such as Sir Tim Berners-Lee and Vint Cerf, he is working to protect and rebuild the open nature of the web.advertisementadvertisement“We demonstrated that the web had failed instead of served humanity, as it was supposed to have done,” Berners-Lee told Vanity Fair. The web has “ended up producing -- [through] no deliberate action of the people who designed the platform -- a large-scale emergent phenomenon which is anti-human.”
  • o, they’re out to fix it, working on what they call the Dweb. The “d” in Dweb stands for distributed. In distributed systems, no one entity has control over the participation of any other entity.Berners-Lee is building a platform called Solid, designed to give people control over their own data. Other global projects also have the goal of taking take back the public web. Mastodon is decentralized Twitter. Peertube is a decentralized alternative to YouTube.This July 18 - 21, web activists plan to convene at the Decentralized Web Summit in San Francisco. Back in 2016, Kahle convened an early group of builders, archivists, policymaker, and journalists. He issued a challenge to  use decentralized technologies to “Lock the Web Open.” It’s hard to imagine he knew then how quickly the web would become a closed network.Last year's Dweb gathering convened more than 900 developers, activists, artists, researchers, lawyers, and students. Kahle opened the gathering by reminding attendees that the web used to be a place where everyone could play. "Today, I no longer feel like a player, I feel like I’m being played. Let’s build a decentralized web, let’s build a system we can depend on, a system that doesn’t feel creepy” he said, according to IEEE Spectrum.With the rising tide of concerns about how social networks have hacked our democracy, Kahle and his Dweb community will gather with increasing urgency around their mission.The internet began with an idealist mission to connect people and information for good. Today's web has yet to achieve that goal, but just maybe Dweb will build an internet more robust and open than the current infrastructure allows. That’s a mission worth fighting for.
Gary Edwards

Sun pitches new cloud as 'Open Platform' * - 0 views

www.theregister.co.uk/...sun_cloud_platform

Cloud-Computing Cloud-API sun tim-bray

shared by Gary Edwards on 03 Apr 09 - Cached
  • Gary Edwards on 03 Apr 09
     
    Sun takes on the problem of interoperability and portability of applications in a world where there will be many many clouds. At the roll out of the Sun Cloud, key executives explain Sun's implementation of Open Cloud API's and what they see as a pressing need for management tools that will allow some standardization across clouds.

    Sun's Open Cloud API plan is a clean reuse of existing Open Web API's.

    "..... The underpinning of the Open Cloud Platform that Sun will be pitching to developers is a set of cloud APIs, the creation of which is focused under Project Kenai and which has been released under a Community Commons open source license. Sun wants lots of feedback on the APIs and wants these APIs to become a standard too, hence the open license. These APIs describes how virtual elements in a cloud are created, started, stopped, and hibernated using HTTP commands such as GET, PUT, and POST...."

    "...... The upshot is that these APIs will allow programmatic access to virtual infrastructure from Java, PHP, Python, and Ruby and that means system admins can script how virtual resources are deployed. The APIs, as co-creator Tim Bray explains in his blog, are written in JavaScript Object Notation (JSON), not XML. The Q-Layer software is a graphical representation of what is going on down in the APIs, and you can moving virtual resources into the cloud with a click of a mouse using the dashboard or programmatically using the APIs from those four programming languages listed above. (PHP support is not yet available, but will be)....."
  • David Corking on 08 Apr 09
     
    I can see why Sun picked those four languages first. Can I assume that with a bit of work, this API will be usable from any language with a C "foreign function interface", such as Perl, Common Lisp, Bourne shell, Squeak Smalltalk, and others that your server application might be written in?
  • David Corking on 08 Apr 09
     
    I read this comment that largely answers my question at: http://www.tbray.org/ongoing/When/200x/2009/03/16/Sun-Cloud "So right now JSON out of a shell tool is not so good. More things like this will create pressure for development of tools to change that, but years of widespread XML/HTML deployment have only produced a few oddly maintained tools. Perhaps that's because you can scrape quite a bit of the web with a couple sed passes, and if I were to have to deal with the mentioned tools, that's probably the route I'd take." (seth w. klein) In other words, with a bit of work, _anything_ that can talk text over HTTP can do this with a bit of work, but an object-oriented is likely to be more at home with JSON (JavaScript Object Notation)
Paul Merrell

The Internet of Things Will Turn Large-Scale Hacks into Real World Disasters | Motherboard - 0 views

motherboard.vice.com/...-large-scale-internet-disaster

computer-security Internet-of-things Scneier

shared by Paul Merrell on 15 Aug 16 - No Cached
  • Disaster stories involving the Internet of Things are all the rage. They feature cars (both driven and driverless), the power grid, dams, and tunnel ventilation systems. A particularly vivid and realistic one, near-future fiction published last month in New York Magazine, described a cyberattack on New York that involved hacking of cars, the water system, hospitals, elevators, and the power grid. In these stories, thousands of people die. Chaos ensues. While some of these scenarios overhype the mass destruction, the individual risks are all real. And traditional computer and network security isn’t prepared to deal with them.Classic information security is a triad: confidentiality, integrity, and availability. You’ll see it called “CIA,” which admittedly is confusing in the context of national security. But basically, the three things I can do with your data are steal it (confidentiality), modify it (integrity), or prevent you from getting it (availability).
  • So far, internet threats have largely been about confidentiality. These can be expensive; one survey estimated that data breaches cost an average of $3.8 million each. They can be embarrassing, as in the theft of celebrity photos from Apple’s iCloud in 2014 or the Ashley Madison breach in 2015. They can be damaging, as when the government of North Korea stole tens of thousands of internal documents from Sony or when hackers stole data about 83 million customer accounts from JPMorgan Chase, both in 2014. They can even affect national security, as in the case of the Office of Personnel Management data breach by—presumptively—China in 2015. On the Internet of Things, integrity and availability threats are much worse than confidentiality threats. It’s one thing if your smart door lock can be eavesdropped upon to know who is home. It’s another thing entirely if it can be hacked to allow a burglar to open the door—or prevent you from opening your door. A hacker who can deny you control of your car, or take over control, is much more dangerous than one who can eavesdrop on your conversations or track your car’s location. With the advent of the Internet of Things and cyber-physical systems in general, we've given the internet hands and feet: the ability to directly affect the physical world. What used to be attacks against data and information have become attacks against flesh, steel, and concrete. Today’s threats include hackers crashing airplanes by hacking into computer networks, and remotely disabling cars, either when they’re turned off and parked or while they’re speeding down the highway. We’re worried about manipulated counts from electronic voting machines, frozen water pipes through hacked thermostats, and remote murder through hacked medical devices. The possibilities are pretty literally endless. The Internet of Things will allow for attacks we can’t even imagine.
  • Paul Merrell on 15 Aug 16
     
    Bruce Scneier on the insecurity of the Internet of Things, and possible consequences.
Paul Merrell

The BRICS "Independent Internet" Cable. In Defiance of the "US-Centric Internet" | Glob... - 0 views

www.globalresearch.ca/...5350272

security state NSA Internet-Balkanization BRICS-net

shared by Paul Merrell on 19 Sep 13 - No Cached
  • The President of Brazil, Dilma Rousseff announces publicly the creation of a world internet system INDEPENDENT from US and Britain ( the “US-centric internet”). Not many understand that, while the immediate trigger for the decision (coupled with the cancellation of a summit with the US president) was the revelations on NSA spying, the reason why Rousseff can take such a historic step is that the alternative infrastructure: The BRICS cable from Vladivostock, Russia  to Shantou, China to Chennai, India  to Cape Town, South Africa  to Fortaleza, Brazil,  is being built and it’s, actually, in its final phase of implementation. No amount of provocation and attempted “Springs” destabilizations and Color Revolution in the Middle East, Russia or Brazil can stop this process.  The huge submerged part of the BRICS plan is not yet known by the broader public.
  • Nonetheless it is very real and extremely effective. So real that international investors are now jumping with both feet on this unprecedented real economy opportunity. The change… has already happened. Brazil plans to divorce itself from the U.S.-centric Internet over Washington’s widespread online spying, a move that many experts fear will be a potentially dangerous first step toward politically fracturing a global network built with minimal interference by governments. President Dilma Rousseff has ordered a series of measures aimed at greater Brazilian online independence and security following revelations that the U.S. National Security Agency intercepted her communications, hacked into the state-owned Petrobras oil company’s network and spied on Brazilians who entrusted their personal data to U.S. tech companies such as Facebook and Google.
  • BRICS Cable… a 34 000 km, 2 fibre pair, 12.8 Tbit/s capacity, fibre optic cable system For any global investor, there is no crisis – there is plenty of growth. It’s just not in the old world BRICS is ~45% of the world’s population and ~25% of the world’s GDP BRICS together create an economy the size of Italy every year… that’s the 8th largest economy in the world The BRICS presents profound opportunities in global geopolitics and commerce Links Russia, China, India, South Africa, Brazil – the BRICS economies – and the United States. Interconnect with regional and other continental cable systems in Asia, Africa and South America for improved global coverage Immediate access to 21 African countries and give those African countries access to the BRICS economies. Projected ready for service date is mid to second half of 2015.
  • Paul Merrell on 19 Sep 13
     
    Undoubtedly, construction was under way well before the Edward Snowden leaked documents began to be published. But that did give the new BRICS Cable an excellent hook for the announcement. With 12.8 Tbps throughput, it looks like this may divert considerable traffic now routed through the UK. But it still connects with the U.S., in Miami. 
Paul Merrell

With Microsoft Midori, Platforms Take Shape In The Cloud -- Cloud Computing -- Informat... - 0 views

www.informationweek.com/...showArticle.jhtml

cherrypal cloud-computing desktoptwo eyeos g.h.o.st google icloud midori operating systems xcerion youos

shared by Paul Merrell on 03 Aug 08 - Cached
  • Meanwhile a Mountain View, Calif.-based startup called CherryPal just released a new mini-PC, known as the CherryPal, that is designed to operate solely via a Firefox browser. While the new machine, which will run on just 2 watts of power, has an embedded Linux-based OS, it's hidden from the user and is used mainly to boot up the browser to access common applications.
  • Several startups and open-source projects have built cloud-based operating systems, also known as WebTops, such as DesktopTwo, EyeOS, G.ho.st, and YouOS. To date these have mostly been of interest to the open-source development community, but the advent of browser-based "thin clients" like CherryPal and of projects like Midori indicates that fully cloud-based computing could make its way to the masses. Google is also said to be at work on a cloud OS, while a Swedish startup called Xcerion has gained attention for its hybrid, an XML-based system called iCloud.
  • anonymous on 02 Oct 13
     
    Most quality online stores. Know whether you are a trusted online retailer in the world. Whatever we can buy very good quality. and do not hesitate. Everything is very high quality. Including clothes, accessories, bags, cups. Highly recommended. This is one of the trusted online store in the world. View now www.retrostyler.com
Gonzalo San Gil, PhD.

Paramount Wipes "Infringing" Ubuntu Torrent From Google - TorrentFreak [# ! Note] - 0 views

torrentfreak.com/g-ubuntu-torrent-google-160909

shared by Gonzalo San Gil, PhD. on 12 Sep 16 - No Cached
  • Gonzalo San Gil, PhD. on 12 Sep 16
     
    " Ernesto on September 10, 2016 C: 47 News It's no secret that copyright holders are trying to take down as much pirated content as they can, but targeting open source software is not something we see every day. Paramount Pictures recently sent a DMCA takedown to Google, listing a copy of the popular operating system Ubuntu. An honest mistake, perhaps, but a worrying one."
Paul Merrell

Comcast is turning your Xfinity router into a public Wi-Fi hotspot - Dwight Silverman's... - 0 views

blog.seattlepi.com/...er-into-a-public-wi-fi-hotspot

broadband roll-out wireless-hotspots Comcast

shared by Paul Merrell on 10 Jun 14 - No Cached
  • Some time on Tuesday afternoon, about 50,000 Comcast Internet customers in Houston will become part of a massive public Wi-Fi hotspot network, a number that will swell to 150,000 by the end of June. Comcast will begin activating a feature in its Arris Touchstone Telephony Wireless Gateway Modems that sets up a public Wi-Fi hotspot alongside a residential Internet customer’s private home network. Other Comcast customers will be able to log in to the hotspots for free using a computer, smartphone or other mobile device. And once they log into one, they’ll be automatically logged in to others when their devices “see” them. Comcast says the hotspot – which appears as “xfinitywifi” to those searching for a Wi-Fi connection – is completely separate from the home network. Someone accessing the Net through the hotspot can’t get to the computers, printers, mobile devices, streaming boxes and more sitting on the host network. Comcast officials also say that people using the Internet via the hotspot won’t slow down Internet access on the home network. Additional capacity is allotted to handle the bandwidth. You can read more about Comcast’s reason for doing this in my report on HoustonChronicle.com.
  • What’s interesting about this move is that, by default, the feature is being turned on without its subscribers’ prior consent. It’s an opt-out system – you have to take action to not participate. Comcast spokesman Michael Bybee said on Monday that notices about the hotspot feature were mailed to customers a few weeks ago, and email notifications will go out after it’s turned on. But it’s a good bet that this will take many Comcast customers by surprise. If you have one of these routers and don’t want to host a public Wi-Fi hotspot, here’s how to turn it off.
  • The additional capacity for public hotspot users is provided through a separate channel on the modem called a “service flow,” according to Comcast. But the speed of the connection reflects the tier of the subscriber hosting the hotspot. For example, if you connect to a hotspot hosted by a home user with a 25-Mbps connection, it will be slower than if you connect to a host system on the 50-Mbps tier.
  • Paul Merrell on 10 Jun 14
     
    I didn't see this one coming. I've got a Comcast account and their Arris Gateway modem. In our area, several coffeehouses, etc., that already offered free wireless connections are now broadcasting Comcast Xfinity wireless. So I'm guessing that this is a planned rollout nationwide. 
Gonzalo San Gil, PhD.

ICANN Refuses to Play Piracy Police | TorrentFreak - 0 views

torrentfreak.com/s-to-play-piracy-police-150612

icann refusal play Internet piracy police

shared by Gonzalo San Gil, PhD. on 13 Jun 15 - No Cached
  • Gonzalo San Gil, PhD. on 13 Jun 15
     
    " Ernesto on June 12, 2015 C: 0 News In recent months copyright lobby groups have pressured the domain name system oversight body ICANN to take action against pirate sites. The organization is not happy with these calls and wants them to stop, making it crystal clear that they are not the Internet's piracy police."
Gary Edwards

» 21 Facts About NSA Snooping That Every American Should Know Alex Jones' Inf... - 0 views

www.infowars.com/hat-every-american-should-know

NSA-Patriot-Act-NDAA NSA-Whistleblower PRISM Echelon-SIGINT

shared by Gary Edwards on 19 Jun 13 - No Cached
  • Gary Edwards on 19 Jun 13
     
    NSA-PRISM-Echelon in a nutshell.  The list below is a short sample.  Each fact is documented, and well worth the time reading. "The following are 21 facts about NSA snooping that every American should know…" #1 According to CNET, the NSA told Congress during a recent classified briefing that it does not need court authorization to listen to domestic phone calls… #2 According to U.S. Representative Loretta Sanchez, members of Congress learned "significantly more than what is out in the media today" about NSA snooping during that classified briefing. #3 The content of all of our phone calls is being recorded and stored.  The following is a from a transcript of an exchange between Erin Burnett of CNN and former FBI counterterrorism agent Tim Clemente which took place just last month… #4 The chief technology officer at the CIA, Gus Hunt, made the following statement back in March… "We fundamentally try to collect everything and hang onto it forever." #5 During a Senate Judiciary Oversight Committee hearing in March 2011, FBI Director Robert Mueller admitted that the intelligence community has the ability to access emails "as they come in"… #6 Back in 2007, Director of National Intelligence Michael McConnell told Congress that the president has the "constitutional authority" to authorize domestic spying without warrants no matter when the law says. #7 The Director Of National Intelligence James Clapper recently told Congress that the NSA was not collecting any information about American citizens.  When the media confronted him about his lie, he explained that he "responded in what I thought was the most truthful, or least untruthful manner". #8 The Washington Post is reporting that the NSA has four primary data collection systems… MAINWAY, MARINA, METADATA, PRISM #9 The NSA knows pretty much everything that you are doing on the Internet.  The following is a short excerpt from a recent Yahoo article… #10 The NSA is suppose
Gary Edwards

Opt out of PRISM, the NSA's global data surveillance program - PRISM BREAK - 0 views

prism-break.org

PRISM Peng-Zhong Edward-Snowden NSA-Patriot-Act-NDAA

shared by Gary Edwards on 19 Jun 13 - No Cached
  • Gary Edwards on 19 Jun 13
     
    "Opt out of PRISM, the NSA's global data surveillance program. Stop reporting your online activities to the American government with these free alternatives to proprietary software." A designer named Peng Zhong is so strongly opposed to PRISM, the NSA's domestic spying program, that he created a site to educate people on how to "opt out" of it. According to the original report that brought PRISM to public attention, the nine companies that "participate knowingly" with the NSA are Microsoft, Yahoo, Google, Facebook, PalTalk, AOL, Skype, YouTube, and Apple. Zhong's approach is to replace your workflow with open-source tools that aren't attached to these companies, since they easily stay off the government's radar. If you want to drop totally off the map, it'll take quite a commitment.   Are you ready to give up your operating system?  The NSA tracks everything on Windows, OSX and Google Chrome.  You will need to switch to Debian or some other brand of GNU Linux!  Like Mint!!!!! Personally I have switched from Google Chrome Browser to Mozilla Firefox using the TOR Browser Bundle - Private mode.
Gary Edwards

EDWARD SNOWDEN: Email Encryption Works Against The NSA - Business Insider - 0 views

www.businessinsider.com/n-works-against-the-nsa-2013-6

Encryption Cryptography Crypto NSA-Patriot-Act-NDAA PRISM Echelon-SIGINT

shared by Gary Edwards on 19 Jun 13 - No Cached
  • PGP stands for "Pretty Good Privacy." It uses two "keys," one publicly viewable to the world, the other kept solely to yourself. You can generate PGP keys to your heart's content using the free tool at iGolder and a number of other services around the web.
  • Gary Edwards on 19 Jun 13
     
    Article covers encryption method "PGP', and encryption tools from "iGolder".  There is also a Chrome Browser plugin for gmail based on "OpenPGP" available but comes with lousy reviews.  Seems there are difficulties with the interface and a complicated method. "Article 12 of the UN's Universal Declaration of Human Rights states that "no one shall be subjected to arbitrary interference with his privacy, family, home, or correspondence." It's that last one that's gotten everyone's attention lately. Just how private is your correspondence online? Depending on your politics, NSA whistleblower Edward Snowden is either a vile turncoat or a revered hero, but either way he has advice on how to stay two steps ahead of the NSA. He held an awesome "press conference" of sorts on The Guardian's website, taking written questions from readers and typing out his answers online. We were most intrigued by his response to a question about encryption. If someone wants to stay off the NSA's radar, could he or she encrypt emails and send them without arousing any suspicion? Snowden's response: "Encryption works. Properly implemented strong crypto systems are one of the few things that you can rely on. Unfortunately, endpoint security is so terrifically weak that NSA can frequently find ways around it.""
Paul Merrell

Microsoft Ordered to Delete Browser - NYTimes.com - 0 views

www.nytimes.com/...17soft.html

Microsoft Opera DG Competion MSIE Windows tying antitrust

shared by Paul Merrell on 17 Jan 09 - Cached
  • BRUSSELS (AP) — The European Union said Friday that Microsoft’s practice of selling the Internet Explorer browser together with its Windows operating system violated the union’s antitrust rules. It ordered the software giant to untie the browser from its operating system in the 27-nation union, enabling makers of rival browsers to compete fairly.
  • Paul Merrell on 17 Jan 09
     
    The Times goes farther than the DG Competition announcement, saying that Microsoft has been ordered to untie MSIE from Windows throughout the E.U. No source is attributed for the statement. The DG Competition announcement does not state what remedy it proposes to order. So take this report with a grain of salt. The Times is well capable of error.
Gary Edwards

Petabytes on a budget: How to build cheap cloud storage | Backblaze Blog - 0 views

blog.backblaze.com/...w-to-build-cheap-cloud-storage

CAR-MLS-Cloud BackBlaze Cloud-Computing

shared by Gary Edwards on 01 Sep 09 - Cached
  • Gary Edwards on 01 Sep 09
     
    Amazing must read!  BackBlaze offers unlimited cloud storage/backup for $5 per month.  Now they are releasing the "storage" aspect of their service as an open source design.  The discussion introducing the design is simple to read and follow - which in itself is an achievement.   They held back on open sourcing the BackBlaze Cloud software system, which is understandable.  But they do disclose a Debian Linux OS running Tomcat over Apache Server 5.4 with JFS and HTTPS access.  This is exciting stuff.  I hope the CAR MLS-Cloud guys take notice.  Intro: At Backblaze, we provide unlimited storage to our customers for only $5 per month, so we had to figure out how to store hundreds of petabytes of customer data in a reliable, scalable way-and keep our costs low. After looking at several overpriced commercial solutions, we decided to build our own custom Backblaze Storage Pods: 67 terabyte 4U servers for $7,867. In this post, we'll share how to make one of these storage pods, and you're welcome to use this design. Our hope is that by sharing, others can benefit and, ultimately, refine this concept and send improvements back to us. Evolving and lowering costs is critical to our continuing success at Backblaze.
Gonzalo San Gil, PhD.

Threat filtering: Strategizing serious threat detection | ZDNet - 0 views

www.zdnet.com/us-threat-detection-7000033161

threat filtering detection strategy Violet Blue zdnet Internet

shared by Gonzalo San Gil, PhD. on 08 Sep 14 - No Cached
  • Gonzalo San Gil, PhD. on 08 Sep 14
     
    - Violet Blue "Analyze the threat. Identify the target. What's the payload? Analyze your systems. Can the threat impact your enterprise? Does this impact a critical function, or a critical part of your infrastructure? Take immediate action on the serious threats, prioritize and monitor the rest. (Mitigation; remediation.)"
Paul Merrell

Canadian Spies Collect Domestic Emails in Secret Security Sweep - The Intercept - 0 views

firstlook.org/...ony-express-email-surveillance

surveillance state Canada CSE bulk-collection email

shared by Paul Merrell on 27 Feb 15 - No Cached
  • Canada’s electronic surveillance agency is covertly monitoring vast amounts of Canadians’ emails as part of a sweeping domestic cybersecurity operation, according to top-secret documents. The surveillance initiative, revealed Wednesday by CBC News in collaboration with The Intercept, is sifting through millions of emails sent to Canadian government agencies and departments, archiving details about them on a database for months or even years. The data mining operation is carried out by the Communications Security Establishment, or CSE, Canada’s equivalent of the National Security Agency. Its existence is disclosed in documents obtained by The Intercept from NSA whistleblower Edward Snowden. The emails are vacuumed up by the Canadian agency as part of its mandate to defend against hacking attacks and malware targeting government computers. It relies on a system codenamed PONY EXPRESS to analyze the messages in a bid to detect potential cyber threats.
  • Last year, CSE acknowledged it collected some private communications as part of cybersecurity efforts. But it refused to divulge the number of communications being stored or to explain for how long any intercepted messages would be retained. Now, the Snowden documents shine a light for the first time on the huge scope of the operation — exposing the controversial details the government withheld from the public. Under Canada’s criminal code, CSE is not allowed to eavesdrop on Canadians’ communications. But the agency can be granted special ministerial exemptions if its efforts are linked to protecting government infrastructure — a loophole that the Snowden documents show is being used to monitor the emails. The latest revelations will trigger concerns about how Canadians’ private correspondence with government employees are being archived by the spy agency and potentially shared with police or allied surveillance agencies overseas, such as the NSA. Members of the public routinely communicate with government employees when, for instance, filing tax returns, writing a letter to a member of parliament, applying for employment insurance benefits or submitting a passport application.
  • Chris Parsons, an internet security expert with the Toronto-based internet think tank Citizen Lab, told CBC News that “you should be able to communicate with your government without the fear that what you say … could come back to haunt you in unexpected ways.” Parsons said that there are legitimate cybersecurity purposes for the agency to keep tabs on communications with the government, but he added: “When we collect huge volumes, it’s not just used to track bad guys. It goes into data stores for years or months at a time and then it can be used at any point in the future.” In a top-secret CSE document on the security operation, dated from 2010, the agency says it “processes 400,000 emails per day” and admits that it is suffering from “information overload” because it is scooping up “too much data.” The document outlines how CSE built a system to handle a massive 400 terabytes of data from Internet networks each month — including Canadians’ emails — as part of the cyber operation. (A single terabyte of data can hold about a billion pages of text, or about 250,000 average-sized mp3 files.)
  • ...1 more annotation...
  • The agency notes in the document that it is storing large amounts of “passively tapped network traffic” for “days to months,” encompassing the contents of emails, attachments and other online activity. It adds that it stores some kinds of metadata — data showing who has contacted whom and when, but not the content of the message — for “months to years.” The document says that CSE has “excellent access to full take data” as part of its cyber operations and is receiving policy support on “use of intercepted private communications.” The term “full take” is surveillance-agency jargon that refers to the bulk collection of both content and metadata from Internet traffic. Another top-secret document on the surveillance dated from 2010 suggests the agency may be obtaining at least some of the data by covertly mining it directly from Canadian Internet cables. CSE notes in the document that it is “processing emails off the wire.”
‹ Previous 21 - 40 of 76 Next › Last »
Showing 20 items per page