Gentlemachines
Follow
Find tag "espionage"
2.4K views | +0 today
Gentlemachines
What's new at the crossroads of culture, technology and science
Curated by Artur Alves
Your new post is loading...
Your new post is loading...
Scooped by Artur Alves
Scoop.it!

Wild at Heart: Were Intelligence Agencies Using Heartbleed in November 2013?

Wild at Heart: Were Intelligence Agencies Using Heartbleed in November 2013? | Gentlemachines | Scoop.it
Yesterday afternoon, Ars Technica published a story reporting two possible logs of Heartbleed attacks occurring in the wild, months before Monday's public disclosure of the vulnerability. It would be very bad news if these stories were true, indicating that blackhats and/or intelligence agencies may have had a long period when they knew about the attack and could use it at their leisure.
Artur Alves's insight:

«EFF called for further evidence of Heartbleed attacks in the wild prior to Monday. The first thing we learned was that the SeaCat report was a possible false positive; the pattern in their logs looks like it could be caused by ErrataSec's masscan software, and indeed one of the source IPs was ErrataSec.

The second log seems much more troubling. We have spoken to Ars Technica's second source,Terrence Koeman, who reports finding some inbound TLS packets, immediately following the completion of a handshake, with the TCP payload bytes 18 03 02 00 03 01 40 00 in ingress packet logs from November 2013. These bytes are a TLS Heartbeat with contradictory length fields, and are the same as those in the widely circulated proof-of-concept exploit.«

more...
No comment yet.
Scooped by Artur Alves
Scoop.it!

This is how the fear of government snooping takes its toll on tech companies

This is how the fear of government snooping takes its toll on tech companies | Gentlemachines | Scoop.it
Two very different technology offerings were dropped on Thursday because of fears that the US and China might be trying to spy on the customers using them.
Artur Alves's insight:

Can cyberespionage be the first nail on the coffin for internet business?

more...
No comment yet.
Scooped by Artur Alves
Scoop.it!

GCHQ taps fibre-optic cables for secret access to world's communications

GCHQ taps fibre-optic cables for secret access to world's communications | Gentlemachines | Scoop.it
Exclusive: British spy agency collects and stores vast quantities of global email messages, Facebook posts, internet histories and calls, and shares them with NSA, latest documents from Edward Snowden reveal...
Artur Alves's insight:

"The sheer scale of the agency's ambition is reflected in the titles of its two principal components: Mastering the Internet and Global Telecoms Exploitation, aimed at scooping up as much online and telephone traffic as possible. This is all being carried out without any form of public acknowledgement or debate.

One key innovation has been GCHQ's ability to tap into and store huge volumes of data drawn from fibre-optic cables for up to 30 days so that it can be sifted and analysed. That operation, codenamed Tempora, has been running for some 18 months.

GCHQ and the NSA are consequently able to access and process vast quantities of communications between entirely innocent people, as well as targeted suspects."

more...
No comment yet.
Scooped by Artur Alves
Scoop.it!

Cyber Menace: Digital Spying Burdens German-Chinese Relations - SPIEGEL ONLINE

Cyber Menace: Digital Spying Burdens German-Chinese Relations - SPIEGEL ONLINE | Gentlemachines | Scoop.it
Companies like defense giant EADS or steelmaker ThyssenKrupp have become the targets of hacker attacks from China.
Artur Alves's insight:

/snip "Very few companies in Europe are as strategically important as the European Aeronautic Defense and Space Company (EADS). It makes the Eurofighter jet, drones, spy satellites, and even the carrier rockets for French nuclear weapons.

 

 

Not surprisingly, the German government reacted with alarm last year when EADS managers reported that their company, which has its German administrative headquarters near Munich, was attacked by hackers. The EADS computer network contains secret design plans, aerodynamic calculations and cost estimates, as well as correspondence with the governments in Paris and Berlin. Gaining access to the documents would be like hitting the jackpot for a competitor or a foreign intelligence agency."

more...
No comment yet.
Scooped by Artur Alves
Scoop.it!

Snowden leak examines gaming as a terrorist propaganda and training tool

Snowden leak examines gaming as a terrorist propaganda and training tool | Gentlemachines | Scoop.it
66-page report lays out intelligence concerns both practical and fantastical.
Artur Alves's insight:

"The latest document dump from former National Security Agency contractor Edward Snowden is getting a lot of deserved attention for revelations that international security agencies are taking steps to monitor communications inside online games. But those leaked documents also include an in-depth report on the potential for games to be used as recruitment, training, and propaganda tools by extremist organizations.

Security contractor SAIC produced the 66-page report "Games: A look at emerging trends, users, threats and opportunities in influence activities" in early 2007, and the document gives a rare window into how the US intelligence community views interactive games as a potential tool to be used by foreign actors. While parts of the report seem pretty realistic about gaming's potential use as a propaganda and planning tool, other sections provide a more fantastical take on how video games can be used as potential weapons by America's enemies."

more...
No comment yet.
Scooped by Artur Alves
Scoop.it!

How the US (probably) spied on European allies’ encrypted faxes

How the US (probably) spied on European allies’ encrypted faxes | Gentlemachines | Scoop.it
Grainy image stokes speculation of old-school, Tempest-style attack.
Artur Alves's insight:

"US intelligence services implanted bugging tools into cryptographic facsimile devices to intercept secret communications sent or received by the European Union's Washington, DC outpost, according to the latest leak from former National Security Agency staffer Edward Snowden. Technical details are scarce, but security experts reading between the lines say the program probably relies on an old-school style of espionage that parses electric currents, acoustic vibrations, and other subtle types of energy to reveal the contents of encrypted communications."

more...
No comment yet.
Scooped by Artur Alves
Scoop.it!

Decoys Entrap Hackers Who Trawl the Internet Trying to Tamper with Industrial Control Systems | MIT Technology Review

Decoys Entrap Hackers Who Trawl the Internet Trying to Tamper with Industrial Control Systems | MIT Technology Review | Gentlemachines | Scoop.it
Dummy water-plant control systems rapidly attracted attention from hackers who tinkered with their settings—suggesting it happens to real industrial systems, too.
Artur Alves's insight:

Honeypots help revealing the real extent of cyber espionage.

"Just 18 hours after security researcher Kyle Wilhoit connected two dummy industrial control systems and one real one to the Internet, someone began attacking one of them, and things soon got worse. Over the course of the experiment, conducted during December 2012, a series of sophisticated attacks were mounted on the “honeypots,” which Wilhoit set up to find out how often malicious hackers target industrial infrastructure."

more...
No comment yet.
Scooped by Artur Alves
Scoop.it!

Prosecution of Anonymous activists highlights war for Internet control

Prosecution of Anonymous activists highlights war for Internet control | Gentlemachines | Scoop.it
Glenn Greenwald: The US and allied governments exploit both law and cyber-attacks as a weapon to punish groups that challenge it
Artur Alves's insight:

"The issue here is not whether Anonymous activists can be rightfully prosecuted: acts of civil disobedience, by definition, are violations of the law designed to protest or create a cost for injustices. The issue is how selectively these cyber-attack laws are enforced: massive cyber-attacks aimed at a group critical of US policy (WikiLeaks) were either perpetrated by the US government or retroactively sanctioned by it, while relatively trivial, largely symbolic attacks in defense of the group were punished with the harshest possible application of law enforcement resources and threats of criminal punishment.

That the US government largely succeeded in using extra-legal and extra-judicial means to cripple an adverse journalistic outlet is a truly consequential episode: nobody, regardless of one's views on WikiLeaks, should want any government to have that power. But the manifestly overzealous prosecutions of Anonymous activists, in stark contrast to the (at best) indifference to the attacks on WikiLeaks, makes all of that even worse. In line with itsunprecedented persecution of whistleblowers generally, this is yet another case of the US government exploiting the force of law to entrench its own power and shield its actions from scrutiny."

more...
No comment yet.