Matt

Sistemul de operare Mac incepe sa cucereasca si casele romanilor treptat, treptat si desi virusii sunt inca timizi si nu foarte multi, istoria recenta de atacuri prin troieni a demonstrat ca sunt o amenintare demna de luat in seama. Av-Comparatives a evaluat si certificat 8 produse de securitate pentru Mac OS si a tras cateva concluzii interesante pe care vi le prezint si eu mai jos. Pentru inceput, functionalitatea pe Mac este redusa comparativ cu Windows-ul, insa lucrurile vor sta altfel in scurt timp, pe masura ce solicitarile vor fi mai mari. S-a efectuat un test al detectiei anti-malware pe un set de 20 de mostre infectate. Cu exceptia Quick Heal, toate programele antivirus au avut detectie de 100%. Legat de alarmele false, niciunul din programe nu a generat astfel de alerte pe un set de programe si fisiere curate. Avira Free Mac Security este un produs gratuit, ce poate tine piept cu succes solutiilor contra cost si are o interfata grafica prietenoasa si usor de utilizat. Ca sugestii se recomanda adaugarea unei notificari in cazul detectiei virusilor si optiunea de a detecta virusii atat la accesare, cat si la executie prin componenta de protectie in timp real. ESET Cyber Security Pro pentru Mac a impresionat printr-o gama variata de functii: antivirus, firewall, parental control etc. Este de departe cel mai complex produs testat si isi pastreaza de asemenea si interfata grafica prietenoasa. F-Secure pentru Mac are o protectie excelenta, insa cu notificari usor neclare si o interfata grafica neadaptata in totalitate sistemului Mac. Intego Mac Premium Bundle contine antivirus, firewall, control parental, protectia identitatii, backup si control al intimitatii online. Este un produs cu o detectie foarte buna. Kaspersky Security pentru Mac ofera si scanner web, alaturi de un control parental eficient si puternic. In plus contine si o tastatura virtuala. Quick Heal Total Security for Mac este un produs nou, care nu primeste certificarea AV-Comparatives datorita protectiei ineficiente anti-malware. Sophos Anti-Virus for Mac Home Edition are o detectie buna, cu o interfata grafica nu foarte prietenoasa. ZeoBit MacKeeper are o gama larga de componente: antivirus, anti-furt si optimizarea sistemului. Este o suita completa si complexa destinata expertilor si entuziastilor Mac, mai putin incepatorilor. Toate produsele au fost testate in amanuntime si detaliile complete le puteti vizualiza aici : AV-Comparatives Mac Reviews / Tests

Description : afick is another file integrity checker, designed to be fast and fully portable between Unix and Windows platforms. It works by first creating a database that represents a snapshot of the most essential parts of your computer system. Then a user can run the script to discover all modifications made since the snapshot was taken (i.e. files added, changed, or removed). The configuration syntax is very close to that of aide or tripwire, and a graphical interface is provided. Changes: Three new classes were added: Afick::Aliases, Afick::Macros, and Afick::Directives. A new macro was added: archive_retention. On Windows, installation of the Tk module is now forced. afickonfig now works on all config types. An inconsistency between command line parameters and config directives was fixed. Download : Here

Description OpenDNSSEC is software that manages the security of domain names on the Internet. The project intends to drive adoption of Domain Name System Security Extensions (DNSSEC) to further enhance Internet security. Changes: This release adds an option for 'ods-ksmutil key generate' to take the number of zones as a parameter. Several important bugfixes have been made. Download : Here

Description : GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions. Changes: With gpg-agent, by default users are now asked via the Pinentry whether they trust an X.509 root key. To prohibit interactive marking of such keys, the new option --no-allow-mark-trusted may be used. The command KEYINFO has options to add info from sshcontrol for gpg-agent. The included ssh agent now supports ECDSA keys. The new option --enable-putty-support allows gpg-agent to act on Windows as a Pageant replacement with full smartcard support. This release supports installation as a portable application under Windows. Download : Here

Salut si eu vreau 10 pepeni. Multumesc.

Tech giants Facebook and Yahoo have joined Microsoft and Google in formally petitioning the US government to let them publish information detailing the Foreign Intelligence Surveillance Act (FISA) requests they received from the NSA as a part of the agency's notorious PRISM campaign. Google, which filed its original petition last month, updated its request on 9 September following weeks of government stalling. The search giant's director of law enforcement and information security, Richard Salgado, and director of public policy and government affairs, Pablo Chavez, confirmed filing the petition in a public blog post. The two Google directors said the firm would also make a similar request during a meeting with the President's Group on Intelligence and Communications Technologies scheduled for Monday. "Today we filed an amended petition in the US Foreign Intelligence Surveillance Court. This petition mirrors the requests made to Congress and the President by our industry and civil liberties groups in a letter earlier this year. Namely, that Google be allowed to publish detailed statistics about the types (if any) of national security requests we receive under the Foreign Intelligence Surveillance Act, including Section 702. Given the important public policy issues at stake, we have also asked the court to hold its hearing in open rather than behind closed doors. It's time for more transparency," read the blog post. "In addition, along with a number of other companies and trade associations, we are meeting the President's Group on Intelligence and Communications Technologies today. We'll reiterate the same message there: that the levels of secrecy that have built up around national security requests undermine the basic freedoms that are at the heart of a democratic society." Meanwhile, Facebook and Yahoo have joined the fray, each filing their own petitions asking to release more information on the extent of government requests made to them. Facebook's general counsel Colin Stretch echoed the industry response, saying: "The actions and statements of the US government have not adequately addressed the concerns of people around the world about whether their information is safe and secure with internet companies. "We believe there is more information that the public deserves to know, and that would help foster an informed debate about whether government security programmes adequately balance privacy interests when attempting to keep the public safe." Facebook's petition asked to publish the total number of orders it receives relating to physical searches, business records and wiretap orders, as well as the total number of users who had their messages and other personal content released. Yahoo also filed a petition similar to Google's, naming specific FISA orders on which it wanted to publish more details. In August, Microsoft said that it was standing with Google on the issue, with Microsoft's general counsel Brad Smith confirming the two companies planned to work together in their bid to release FISA request information. Prior to Microsoft and Google's joint announcement, Yahoo won a court order allowing the declassification of documents that reveal its efforts fighting the NSA's data requests. News of the PRISM scandal broke in July this year when ex-CIA analyst Edward Snowden leaked classified documents to the press. The documents showed the NSA is siphoning vast amounts of user data from big-name tech companies. Outside of its petition to the US government, Google has mounted several other initiatives designed to help protect its customers. Most recently reports broke that Google is rushing to encrypt information stored and passing through its data centres, before the NSA has a chance to scan it. Source V3.CO.UK

An espionage campaign believed to stem from North Korea targeting numerous South Korean government and military departments has been uncovered by Kaspersky Lab researchers. The researchers reported linking a number of targeted attacks hitting 11 organisations based in South Korea and two entities in China. Targets include the Sejong Institute, Korea Institute for Defense Analyses (KIDA), South Korea's Ministry of Unification, Hyundai Merchant Marine and the supporters of Korean unification. The attacks reportedly started appearing on 3 April and use an "unsophisticated" Trojan spy program called Kimsuky. Vitaly Kamluk, chief malware expert in Kaspersky Lab's global research and analysis team, told V3 the malware is particularly interesting as it has an atypical focus on collecting Hangul Word Processor (HWP) files and includes code that disables security tools from prominent South Korean security firm, AhnLab. “Technical analysis of the malware gives us an idea that we have encountered work of amateur virus-writers. Besides the unsophisticated spy program, which communicated with its ‘master’ via a Bulgarian public e-mail server, there are a lot of malicious programs involved in this campaign, but strangely, they each implement a single spying function,” he said. “For example, the Kimsuky malware contains a dedicated malicious program designed for stealing HWP files. Also, there is a special module responsible only for disabling the system firewall and security tools from AhnLab, a South Korean anti-malware company. One more interesting feature of this malware is that the attackers are using a modified version of the legitimate software – the TeamViewer remote access application – to serve as a back door to get access to any files from the infected machines.“ The focus on HWP file collection indicates that the attack is bespoke designed to steal military and government documents. HWP is a common file format used by South Korean agencies, which currently use the Hancom Office bundle word processing application as opposed to Microsoft's more common Word application. Kamluk said upon further analysis they discovered two pieces of evidence suggesting that the attack is of North Korean origin. “First of all, profiles of the targets speak for themselves – South Korean universities conducting research on international affairs and producing defence policies for government, a national shipping company, and support groups for Korean unification. Secondly – a compilation path string containing Korean words (for example, some of them could be translated as English commands ‘attack’ and ‘completion’,” he said. He added that the firm was able to link the campaign to two email address, which appeared to originate to IP addresses within ranges of the Jilin Province Network and Liaoning Province Network in China, a region that acts as a base for internet service providers (ISPs) believed to have strong ties with North Korea. “Third – two email addresses to which bots send reports on status and transmit infected system information via attachments – iop110112@hotmail.com and rsh1213@hotmail.com – are registered with the following ‘kim’ names: ‘kimsukyang’ and ‘Kim asdfa’,” he said. “Even though this registration data does not provide hard data about the attackers, the source IP-addresses of the attackers fit the profile: there are 10 originating IP-addresses, and all of them lie in ranges of the Jilin Province Network and Liaoning Province Network in China. The ISPs providing internet access in these provinces are also believed to maintain lines into parts of North Korea.” Source V3.CO.UK

Haide mars la tine in pivnita.

Romanian Security Proshit n-a copiat Romanian Security Team.Aceste 2 denumiri n-au nimic in comun, ai mare dreptate.

RSPCacat - nu meritau sa aiba asemenea thread pe RST. So..

Nytro : Postezi cam multe stiri, pe wildchild il dor picioarele cand le citeste. * Interesant

RST - Romanian Security Team RSP - Romanian Security Project. Really?

Daca tot dai lectii de gramatica sa stii ca se scrie " apuca-te " . "te" Pe cine apuca ? Pe tine "te".

Hai du-te.

Eu zic sa iti iei kalashu si sa zbori pe comunitatea ta de copii forjati sub 14 ani ce dau cu floodu de tastatura.

Compania Microsoft a decis s? cumpere divizia de telefoane ?i cea de patente ale companiei Nokia pentru suma de 5,4 miliarde de euro, iar comoania finlandez? iese astfel dintr-un business pe care l-a dominat ani de-a rândul. Acordul dintre Microsoft ?i Nokia cuprinde 3,79 de miliarde de euro pentru divizia de telefoane ?i înc? 1,6 miliarde pentru patente. Dup? aceast? tranzac?ie, fostul lider mondial în produc?ia de telefoane mobile î?i va concentra activitatea pe servicii ?i re?ele, decizie calificat? de pre?edintele Nokia, Risto Siilasmaa, drept "cel mai bun drum pentru a merge mai departe, atât pentru Nokia cât ?i pentru ac?ionarii ei". Tranzac?ia se va realiza efectiv la începutul anului viitor, când circa 32.000 de angaja?i ai Nokia vor fi transfera?i c?tre Microsoft. Unii anali?ti au îndoieli c? aceast? tranzac?ie va fi profitabil? pentru Microsoft. 'Atât Nokia cât ?i Microsoft au pierdut trenul atunci când este vorba de smartphones ?i este foarte dificil de recuperat decalajul pierdut. Întrebarea este dac? prin combinarea a dou? companii slabe va rezulta un nou competitor puternic. M? îndoiesc', a ar?tat analistul Paul Budde. Microsoft are dificult??i în condi?iile în care consumatorii migreaz? de la computere personale care utilizeaz? sistemul de operare Windows la dispozitive mobile. La rândul s?u, Nokia se confrunt? cu dificult??i ca urmare a cererii slabe pentru telefoanele sale mobile pe fondul concuren?ei cu telefoanele mobile marca Apple Inc. ?i cu produc?torii care utilizeaz? sistemul de operare Android. Nokia, unul din pionierii telefoanelor mobile, a pierdut teren în fa?a rivalilor Apple ?i Samsung Electronics dup? lansarea iPhone în 2007. În urm? cu doi ani directorul general de la Nokia, Stephen Elop, fost director la Microsoft, a comparat situa?ia companiei finlandeze cu cea a unui om care lucreaz? pe o platform? petrolier? în fl?c?ri din Marea Nordului ale c?rui singure op?iuni sunt s? r?mân? pe platform? sau s? se arunce în ap? ?i s? încerce s? se salveze. Sub conducerea lui Elop, Nokia a încheiat o alian?? cu Microsoft ?i a început s? utilizeze sistemul de operare Windows Phone pentru telefoanele sale, îns? aceasta nu a dat rezultatele scontate. Potrivit firmei de cercetare de pia?? IDC, doar 3% din smartphone-urile livrate la nivel mondial în primul trimestru al acestui an erau echipate cu sistemul de operare Windows Phone, fa?? de 75% cu sistemul Android. În anul 2011, Nokia a decis s? închid? fabrica din localitatea Jucu din jude?ul Cluj, dup? ce a investit 60 de milioane de euro în aceast? întreprindere inaugurat? în 2008. Source Capital.Ro

Ar trebui sa faci un post sticky unde sa putem posta diverse link-uri gasite de noi.Exemplu : https://rstforums.com/forum/74909-tdl3-source-code-c.rst#post483687 Daca mai se gasesc din astea pe pastebin sa fie postate unul sub celalalt.Restul posturilor sa fie tutoriale sau alte informatii utile dar bine prezentate.

Asta daca era postat de mine ziceau cainii ca vanez posturi.Ce sa inteleg din el ? Ma refer ca trebuie facuta o descriere ceva..

Hack-defeating QKD protocol validated in two sets of tests Over recent years, the gap between theoretical security of quantum crytography and practical implementation has provided plenty of fun for super-geniuses the world over. Yes, quantum cryptography is supposed to be unbreakable. After all, if anybody even observes the state of a qubit that Alice has prepared, entangled with another and sent to Bob, the entanglement is destroyed, and Bob will know something's wrong. However, practical implementations of quantum cryptography left various possible attack vectors. To close these attacks (described in more detail below), the quantum crypto community proposed a new protocol, MDI-QKD (measurement device independent quantum key distribution), and now, two research groups working independently have verified that MDI-QKD gets a long way towards a provably-secure quantum crypto scheme. One group worked out of Canada's University of Calgary (paper available at Arxiv, here), while the other was an international group comprising researchers from the University of Science and Technology, Hefei, Tsinghua University in Beijing, and Stanford University. The scheme common to the two tests is to include a third party, Charlie, in the key-exchange process. First proposed by Hoi-Kwong Lo at the University of Toronto, the protocol asks Charlie to perform a single measurement on both Alice's and Bob's photons to determine whether their pulses are polarised at right angles to each other. Importantly, the Charlie detector doesn't report on Alice's / Bob's polarisation – only the difference between their polarisations. Hence: if both Alice and Bob send vertically polarised pulses, Charlie will tell Bob “no”, Bob will adjust his polarisation, and Alice and Bob will use this as their key. Otherwise, Charlie will tell Bob “yes”, and the two ends will use their key without adjustment. Since Charlie never reports polarisation values, all a third party (Eve) would be able to determine is whether Alice and Bob are synchronised. Eve can't tell from observing Charlie what the secret negotiated between Alice and Bob is. The Canadian experiment took the MDI-QKD proposal on a field test – not using it to generate random keys, but to determine whether the measurement scheme would work over realistic distances. Charlie was kept on campus, while Alice and Bob were 6 km and 12 km away, respectively. In the US-China test, Alice, Bob and Charlie were confined to the lab (albeit using a 50 km fibre on a reel): their test was demonstrating that MDI-QKD allows truly random keys to be generated. Not only that, but the test showed that realistic key generation rates of 25 kbit secure keys can be generated using the technique. In both cases, the answer was “yes”. So while companies making commercial QKD kit had already started responding to the earlier attacks, there is now a protocol available for future designs. ® Bootnote: Attack types Let's look first at working with a single photon. If the eavesdropper, Eve, takes a guess at the polarisation Alice is sending, and gets it right, Bob will see a bright pulse from Eve and register it as a hit. If she gets it wrong, the avalanche photodiode at Bob's end would receive too dim a light to register anything at all – it would be a missed pulse and would count not as a “yes” or “no”, but as an error. The problem here is that in older schemes, Bob might expect an error rate as high as 20 percent. That gives Eve enough opportunities to test her guesses before Bob decides the channel is considered to be compromised. And no, El Reg is not aware of any successful real world attacks using these techniques. Source TheRegister.Co.Uk

Topicul ala nu a fost inchis degeaba.Evitati off-topicul si topicurile de cacat.Sa discutati un subiect de IT nu ai face un topic .. te intereseaza asa de mult Siria.

Ai o gandire precum numele tau.

Probabil in loc de comand a vrut sa scrie condamn.

wildchid : Pe americani nu ii mai intereseaza de mult timp economia altora.Ei au bani cacalau.Criza financiara a fost un boom pentru ei, au ordonat-o, au vrut sa slabeasca celelalte mari puteri economice.Ei vor sa fie avansati in domeniul militar,informatic.Ei se gandesc cum sa duca razboaie in spatiu,cum sa construiasca o lume in spatiu. Ganditi-va ca tot ce se intampla in lume este manipulat, totul dar absolut totul.Totul este un "Chaos"

Unele dintre ele le poti deduce si singur. Eu fiind viitor inginer, se mai afla cateva lucruri lucrand intr-un anumit domeniu.

1.America a manipulat ( si inca o face ) criza economica. 2.America e singura "tara" care are o trezorerie privata. 3.America a ajuns in stadiul de a experimenta lucruri pe care altii nici macar nu si le inchipuie : vor sa traga cu un fir de grosime 2 mm o greutate de 10 + tone. 4.Americanii au ajuns sa produca prototipuri de oameni.Platesc femei cu 5000 EURO ca sa le nasca lor 10 copii apoi sa ii testeze pe diverse experimente. 5.Se spune ca americanii au ajuns sa aiba propriile ferme UMANE. 6.In anii 90 cei de la NASA aveau sisteme touchscreen cu ecranul de 2 mm. Unora o sa li se para SF-uri ce am scris eu mai sus, dar sa stiti ca nu este.