Usr6 (Active Members): Posts 1337, Days Won 89

Everything posted by Usr6

  1. Panda antivirus labels itself as malware, then borks EVERYTHING Spanish security firm in baffling tail-chasing auto-immune kerfuffle Panda users had a bad hair day on Wednesday, after the Spanish security software firm released an update that classified components of its own technology as malign. As a result, enterprise PCs running the antivirus software tied themselves in something of a knot, leaving some systems either unstable or unable to access the internet. A Panda spokesman confirmed the problem while advising that the issue was well in hand. "A bad update was published temporarily today [Wednesday] that resulted in some system files being detected by the Panda engine, a replacement update was promptly published removing the error and restoring the wrongly quarantined files," a Panda representative told El Reg. "At present we recommend NOT rebooting systems. This will allow us to update the system with the amended update. This update will also restore files previously detected," he added. An official advisory on the problem says that the issue was limited to Panda Cloud Office Protection, Retail 2015 products and Panda Free AV. Users are strongly advised not to restart their computer until a fix is available. El Reg heard about the Panda slip-up via a tip from reader Austin, who ought to be excused claiming overtime on the back of the problem. "Dozens of installs of Panda Antivirus across multiple sites all just detected components of itself as a virus, simultaneously," Austin explained. "Perhaps 60 in total across five sites, out of an installed base of around 300." "If you let it disinfect 'the problem' with a reboot, you have no network access post-reboot." "Files we've seen 'detected' include psanmodrep.dll and alertsmanager.dll – both key components of Panda Antivirus itself," he added. Users of Panda's antivirus took to Twitter to air their woes. Any of you with Panda Anti Virus - DO NOT REBOOT YOUR COMPUTER!!!! 
@panda_Security for updates- I've just lost 20 computers Worst antivirus ever. Panda has today wiped files from system32 leaving rebooted computers bricked. Do not reboot, update Panda. False positives involving antivirus updates have affected all vendors from time to time. The consequent problems are at their worst when Windows operating system files are falsely classified as potentially malign and quarantined, resulting in unusable Windows systems. Panda's auto-immune screw-up would have caused comparable problems. Source: Panda antivirus labels itself as malware, then borks EVERYTHING • The Register
  2. n00bs CTF (Capture the Flag) Labs is a web application presented by Infosec Institute. It has 15 mini Capture the Flag challenges intended for beginners and newbies in the information security field or for any average infosec enthusiasts who haven’t attended hacker conventions yet. Capture the Flag is a game event which has challenges that vary from exploitation, CrackMes, crypto, forensic, web security, logical games, wireless security, and many more. This exercise is meant as an educational experience – about learning and developing your skills for the greater long term good. But we do want this to be fun, too! For that reason, we are offering cash bounties totaling $1200 for people successfully winning up to three flags and posting helpful write-ups online. (Details provided on the CTF site, accessed through the form below.) Register: n00bs CTF Labs by Infosec Institute - InfoSec Institute
  3. @giv that one, although it looks like a hash, isn't one. Try a string reverse followed by a base64-to-ASCII conversion.
  4. This is the story of how a handful of cryptographers 'hacked' the NSA. It's also a story of encryption backdoors, and why they never quite work out the way you want them to. But I think I'm getting ahead of myself a bit here. Today's Washington Post has the story of a nasty bug in some TLS/SSL servers and clients, one that has the potential to downgrade the security of your TLS connections to something that isn't really secure at all. In this post I'm going to talk about the technical aspects of the attack, why it matters, and how bad it is. If you don't want to read a long blog post, let me give you a TL;DR: A group of cryptographers at INRIA, Microsoft Research and IMDEA have discovered some serious vulnerabilities in OpenSSL (e.g., Android) clients and Apple TLS/SSL clients (e.g., Safari) that allow a 'man in the middle attacker' to downgrade connections from 'strong' RSA to 'export-grade' RSA. These attacks are real and exploitable against a shocking number of websites -- including government websites. Patch soon and be careful. You can find a detailed description of the work by the researchers -- Beurdouche, Bhargavan, Delignat-Lavaud, Fournet, Kohlweiss, Pironti, Strub, Zinzindohoue, Zanella-Béguelin -- at their site SmackTLS.com. You should go visit that site and read about the exploits directly. The proof of concept implementation also involved contributions from Nadia Heninger at U. Penn. I'm going to explain the rest of it in the 'fun' question and answer format I save for this kind of attack. What is SSL/TLS and what are ‘EXPORT cipher suites’ anyway? In case you’re not familiar with SSL and its successor TLS, what you should know is that they're the most important security protocols on the Internet. In a world full of untrusted networks, SSL and TLS are what makes modern communication possible. Or rather, that’s the theory. In practice, SSL and TLS have been a more like a work in progress. 
In part this is because they were developed during an era when modern cryptographic best practices weren't nailed down yet. But more to the point: it's because even when the crypto is right, many software implementations still get things wrong. With all that in mind, there’s a third aspect of SSL/TLS that doesn't get nearly as much attention. That is: the SSL protocol itself was deliberately designed to be broken. Let me explain what I mean by that. Back in the early 1990s when SSL was first invented at Netscape Corporation, the United States maintained a rigorous regime of export controls for encryption systems. In order to distribute crypto outside of the U.S., companies were required to deliberately 'weaken' the strength of encryption keys. For RSA encryption, this implied a maximum allowed key length of 512 bits.* The 512-bit export grade encryption was a compromise between dumb and dumber. In theory it was designed to ensure that the NSA would have the ability to 'access' communications, while allegedly providing crypto that was still 'good enough' for commercial use. Or if you prefer modern terms, think of it as the original "golden master key". The need to support export-grade ciphers led to some technical challenges. Since U.S. servers needed to support both strong and weak crypto, the SSL designers used a 'cipher suite' negotiation mechanism to identify the best cipher both parties could support. In theory this would allow 'strong' clients to negotiate 'strong' ciphersuites with servers that supported them, while still providing compatibility to the broken foreign clients. This story has a happy ending, after a fashion. The U.S. eventually lifted the most onerous of its export policies. Unfortunately, the EXPORT ciphersuites didn't go away. Today they live on like zombies -- just waiting to eat our flesh. If EXPORT ciphers are known to be broken, what's the news here? 
We don't usually worry about export-grade cipher suites very much, because supposedly they aren't very relevant to the modern Internet. There are three general reasons we don't think they matter anymore: (1) Most 'modern' clients (e.g., web browsers) won't offer export grade ciphersuites as part of the negotiation process. In theory this means that even if the server supports export-grade crypto, your session will use strong crypto. (2) Almost no servers, it was believed, even offer export-grade ciphersuites anymore. (3) Even if you do accidentally negotiate an export-grade RSA ciphersuite, a meaningful attack still requires the attacker to factor a 512-bit RSA key (or break a 40-bit symmetric cipher). This is doable, but it's generally considered too onerous if you have to do it for every single connection. This was the theory anyway. It turns out that theory is almost always different than practice. Which brings us to the recent work by Beurdouche et al. from INRIA, Microsoft Research and IMDEA. What these researchers did was develop a fairly beautiful piece of formal analysis tooling that allows them to 'fuzz' the state machines of most modern SSL/TLS implementations. They found a bunch of wonderful things in the course of doing this -- some of them quite nasty. I'm not going to cover all of them in this post, but the one we care about here is quite simple. You see, it turns out that some modern TLS clients -- including Apple's SecureTransport and OpenSSL -- have a bug in them. This bug causes them to accept RSA export-grade keys even when the client didn't ask for export-grade RSA. The impact of this bug can be quite nasty: it admits a 'man in the middle' attack whereby an active attacker can force down the quality of a connection, provided that the client is vulnerable and the server supports export RSA. The MITM attack works as follows: (1) In the client's Hello message, it asks for a standard 'RSA' ciphersuite. (2) The MITM attacker changes this message to ask for 'export RSA'. 
(3) The server responds with a 512-bit export RSA key, signed with its long-term key. (4) The client accepts this weak key due to the OpenSSL/SecureTransport bug. (5) The attacker factors the RSA modulus to recover the corresponding RSA decryption key. (6) When the client encrypts the 'pre-master secret' to the server, the attacker can now decrypt it to recover the TLS 'master secret'. (7) From here on out, the attacker sees plaintext and can inject anything it wants. So that's bad news and it definitely breaks our assumption in point (1) above. But at least in theory we should still be safe based on points (2) and (3). Right? How common are export-enabled TLS servers? No matter how bad you think the Internet is, it can always surprise you. The surprise in this case is that export-grade RSA is by no means as extinct as we thought it was. Based on some recent scans by Alex Halderman, Zakir Durumeric and David Adrian at University of Michigan, it seems that export-RSA is supported by as many as 5.2% [corrected: 36.7%] (!!!!) of the 14 million sites serving browser-trusted certs. The vast majority of these sites appear to be content distribution networks (CDN) like Akamai. Those CDNs are now in the process of removing export grade suites. While the numbers are impressive, the identity of those sites is a bit more worrying. They include U.S. government sites like Welcome to the National Security Agency - NSA/CSS (Oy vey), The White House and Internal Revenue Service. It turns out that the FBI tip reporting site (tips.fbi.gov) was also vulnerable. Vulnerable sites also included connect.facebook.net, which is the source of the famous Facebook 'Like' button which shows up on secure web pages all over the Internet. Attacks on these connections could lead to content injection on a huge number of web pages. (Facebook have updated their configuration as a result of this work.) Factoring an RSA key seems pretty expensive for breaking one session. This brings us to the most awful part of this attack. 
You don't have to be that fast. You see, it turns out that generating fresh RSA keys is a bit costly. So modern web servers don't do it for every single connection. In fact, Apache mod_ssl by default will generate a single export-grade RSA key when the server starts up, and will simply re-use that key for the lifetime of that server. What this means is that you can obtain that RSA key once, factor it, and break every session you can get your 'man in the middle' mitts on until the server goes down. And that's the ballgame. PoC or GTFO. Just because someone says an implementation is vulnerable doesn't mean it actually is. You should ask for proof. Fortunately, a proof of concept for this attack requires only a few ingredients. First, you need some tooling to actually run the MITM attack. Then you need the ability to (quickly) factor 512-bit RSA keys. From there it's just a question of finding a vulnerable client and server. The guts of the PoC were put together by Karthik Bhargavan and Antoine Delignat-Lavaud at INRIA. They assembled an MITM proxy that can intercept connections and re-write them to use export-RSA against a willing website. To factor the 512-bit export keys, the project enlisted the help of Nadia Heninger at U. Penn, who has been working on "Factoring as a Service" for exactly this purpose. Her platform uses cado-nfs on a cluster of EC2 virtual servers, and (with Nadia doing quite a bit of handholding to deal with crashes) was able to factor a bunch of 512-bit keys -- each in about 7.5 hours for $104 in EC2 time. From there all you need is a vulnerable website. Since the NSA was the organization that demanded export-grade crypto, it's only fitting that they should be the first site affected by this vulnerability. There's a great video on the SmackTLS site. After a few hours of factoring, one can take the original site (which looked like this): [screenshot] And change it into this: [screenshot] Very dramatic. 
Some will point out that an MITM attack on the NSA is not really an 'MITM attack on the NSA' because NSA outsources its web presence to the Akamai CDN (see obligatory XKCD at right). These people may be right, but they also lack poetry in their souls. Is it patched? The most recent version of OpenSSL does have a patch. This was announced (though not very loudly) in January of this year. Apple is working on a patch. Akamai and other CDNs are also rolling out a patch to solve these problems. Over the next two weeks we will hopefully see export ciphersuites extinguished from the Internet. In the meantime, try to be safe. What does it all mean? You might think this is all a bit absurd and doesn’t affect you very much. In a strictly technical sense you’re probably right. The client bugs will soon be patched (update your devices! unless you have Android in which case you're screwed). With good luck, servers supporting export-grade RSA cipher suites will soon be a rare curiosity. Still, to take this as the main lesson of the work would, I think, be missing the forest for the trees. There’s a much more important moral to this story. The export-grade RSA ciphers are the remains of a 1980s-vintage effort to weaken cryptography so that intelligence agencies would be able to monitor foreign traffic. This was done badly. So badly, that while the policies were ultimately scrapped, they’re still hurting us today. This might be an academic point if it was only a history lesson. However, for the past several months, U.S. and European politicians have been publicly mooting the notion of a new set of cryptographic backdoors in systems we use today. While the proposals aren't explicit, they would presumably involve deliberately weakening encryption tech so that governments can intercept and read our conversations. While officials carefully avoid the term “back door” — or any suggestion of weakening our encryption systems against real attackers — this is wishful thinking. 
These systems are already so complex that even normal issues stress them to the breaking point. There's just no room for new backdoors. To be blunt about it, the moral is pretty simple: Encryption backdoors will always turn around and bite you in the ass. They are never worth it. Acknowledgements Special thanks to Karthik and Antoine for sharing this with me, Nadia for factoring, Ivan Ristic for interrupting his vacation to get us data, and the CADO-NFS team for the software that made this possible. Notes: * Export controls might have made some sense in the days when ‘encryption’ meant big clunky pieces of hardware, but it was nonsensical in a world of software. Non-U.S. users could easily skirt the paltry IP-address checks to download strong versions of browsers such as Netscape, and — when that was too much trouble — they could easily re-implement the crypto themselves or use foreign open source libraries. (The requirements became so absurd that mainstream U.S. companies like RSA Security wound up hiring foreign developers to build their encryption libraries, since it was easier to import strong encryption than to export it.) Source: http://blog.cryptographyengineering.com/2015/03/attack-of-week-freak-or-factoring-nsa.html
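As an added example (not from the original post, and not the SmackTLS or OpenSSL code), here is a small Python model of the client-side state-machine check whose absence makes the downgrade described in the post possible: the server's first flight is replayed against a client that offered only strong RSA suites, and a ServerKeyExchange carrying a temporary 512-bit RSA key is rejected rather than used. The cipher-suite numbers are the IANA values from the TLS RFCs; the Message class and the two sample flights are constructed for the demo.

```python
from typing import List, Optional

# IANA cipher-suite ids (RFC 2246 / RFC 5246), RSA key exchange only.
# The EXPORT suites are the 512-bit RSA / 40-bit symmetric suites from the post.
EXPORT_RSA_SUITES = {
    0x0003: "TLS_RSA_EXPORT_WITH_RC4_40_MD5",
    0x0006: "TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5",
    0x0008: "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA",
}
STRONG_RSA_SUITES = {
    0x000A: "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
    0x002F: "TLS_RSA_WITH_AES_128_CBC_SHA",
    0x0035: "TLS_RSA_WITH_AES_256_CBC_SHA",
}
MIN_RSA_BITS = 1024  # anything shorter is export-grade and factorable in hours


class HandshakeError(Exception):
    """Raised when the client state machine must abort the handshake."""


class Message:
    """One server handshake message reduced to the fields the checks need (constructed model)."""

    def __init__(self, kind: str, suite: Optional[int] = None,
                 rsa_bits: Optional[int] = None) -> None:
        self.kind = kind          # ServerHello / Certificate / ServerKeyExchange / ServerHelloDone
        self.suite = suite        # negotiated cipher suite id (ServerHello only)
        self.rsa_bits = rsa_bits  # RSA modulus size (Certificate / ServerKeyExchange)


def parse_cipher_suites(raw: bytes) -> List[int]:
    """Decode a ClientHello cipher_suites vector: a 2-byte big-endian length
    followed by 2-byte suite ids (RFC 5246, section 7.4.1.2)."""
    if len(raw) < 2:
        raise HandshakeError("truncated cipher_suites vector")
    length = int.from_bytes(raw[:2], "big")
    body = raw[2:2 + length]
    if len(body) != length or length % 2 != 0:
        raise HandshakeError("malformed cipher_suites vector")
    return [int.from_bytes(body[i:i + 2], "big") for i in range(0, length, 2)]


def export_suites_offered(suites: List[int]) -> List[str]:
    """Names of export suites in an offered or configured suite list; a quick
    audit check for a captured ClientHello or a server's suite configuration."""
    return [EXPORT_RSA_SUITES[s] for s in suites if s in EXPORT_RSA_SUITES]


def check_server_flight(offered: List[int], flight: List[Message]) -> str:
    """Apply the client-side checks to the server's first flight; return the
    negotiated suite name or raise HandshakeError.

    The rule the vulnerable OpenSSL/SecureTransport clients skipped: a temporary
    RSA key in ServerKeyExchange is only legal when an EXPORT suite was negotiated,
    so after negotiating a strong RSA suite the client must abort here instead of
    encrypting the pre-master secret to a 512-bit key."""
    negotiated: Optional[int] = None
    for msg in flight:
        if msg.kind == "ServerHello":
            if msg.suite is None or msg.suite not in offered:
                raise HandshakeError("server selected a suite the client never offered")
            negotiated = msg.suite
        elif negotiated is None:
            raise HandshakeError(f"{msg.kind} received before ServerHello")
        elif msg.kind == "Certificate":
            if msg.rsa_bits is not None and msg.rsa_bits < MIN_RSA_BITS:
                raise HandshakeError(f"certificate RSA key too short: {msg.rsa_bits} bits")
        elif msg.kind == "ServerKeyExchange":
            if negotiated not in EXPORT_RSA_SUITES:
                # This is the FREAK downgrade: refuse the weak key instead of using it.
                raise HandshakeError("ServerKeyExchange with a non-export RSA suite")
            if msg.rsa_bits is None or msg.rsa_bits < MIN_RSA_BITS:
                raise HandshakeError(f"export-grade RSA key: {msg.rsa_bits} bits")
        elif msg.kind == "ServerHelloDone":
            break
    if negotiated is None:
        raise HandshakeError("no ServerHello in flight")
    names = {**STRONG_RSA_SUITES, **EXPORT_RSA_SUITES}
    return names.get(negotiated, f"0x{negotiated:04x}")


def verdict(offered: List[int], flight: List[Message]) -> str:
    """'ok: <suite>' when the flight is acceptable, else 'abort: <reason>'."""
    try:
        return "ok: " + check_server_flight(offered, flight)
    except HandshakeError as exc:
        return "abort: " + str(exc)


# Constructed samples: a modern client offers only strong RSA suites. A genuine
# flight for such a suite carries no ServerKeyExchange; the FREAK flight is what
# the client sees after the MITM rewrote its ClientHello to ask for export RSA.
MODERN_CLIENT_OFFER = [0x002F, 0x0035, 0x000A]
LEGIT_FLIGHT = [Message("ServerHello", suite=0x002F),
                Message("Certificate", rsa_bits=2048),
                Message("ServerHelloDone")]
FREAK_FLIGHT = [Message("ServerHello", suite=0x002F),
                Message("Certificate", rsa_bits=2048),
                Message("ServerKeyExchange", rsa_bits=512),
                Message("ServerHelloDone")]

if __name__ == "__main__":
    print(verdict(MODERN_CLIENT_OFFER, LEGIT_FLIGHT))  # ok: TLS_RSA_WITH_AES_128_CBC_SHA
    print(verdict(MODERN_CLIENT_OFFER, FREAK_FLIGHT))  # abort: ServerKeyExchange with a non-export RSA suite
    print(export_suites_offered(parse_cipher_suites(b"\x00\x06\x00\x2f\x00\x03\x00\x08")))
```

The same `export_suites_offered` check, run over a server's configured suite list, is the server-side audit that the CDNs mentioned in the post needed: if it returns anything, export RSA is still advertised.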
  5. Challenge: I moved it to the recycle bin for a reason. What is the reason that made me move this executable to the recycle bin?
  6. What you can expect from this course:
     - You will get over 39 lectures and 10 hours of content!
     - You will get a free source code package to download
     - You'll learn how to create shellcode
     - You'll learn how to inject code into processes
     - You'll learn how to hide processes, files, directories and registry entries
     - You'll learn how to keep a rootkit in a system
     - You'll learn how to create a backdoor
     - You'll learn how to create an invisible keylogger and remote console
     - You'll learn how to make a screenshot
     - You'll learn how to create undetectable applications
     more info: https://www.udemy.com/rootkits-and-invisible-software/ Download: https://mega.co.nz/#!49AERDyC!Uy6FoNJzK4vgP6qQ7HeZ5AeBF_m28ZKvttQ8KPTJZK8 https://mega.co.nz/#!x1YARBxT!XxWqGr3cvYP7MX48vD_Jn95evTRM8PWTnBqV9VPY8ts https://mega.co.nz/#!MxxD1Y6Q!a0qiVvS45jfiRSupgAixQzjNWR68oF05l3u_c9eOjiQ https://mega.co.nz/#!J0wSjY4R!7ZaITtClN63i5lLsgiWwtbSxqxumyeNSUIrz2XWMA3Y https://mega.co.nz/#!ApxxxSbK!k01bmLV550BAnZ4LG9SLZGSd_jO9QZuOPKDgvQFopvM https://mega.co.nz/#!JgwSXIAL!fXXk_c4IK0YaEg1CivtMTyG0xmSDt9bJeVFRF0gMFKg Source: http://certcollection.org/forum/topic/259816-filling-request-udemy-rootkits-and-invisible-software/
  7. If you think you have knowledge in a useful field, PM gecko to test you; if you pass the tests, talk to kabron to confirm your skills. If everything is OK, you can talk to j1ll2013 (he will try to convince you that you don't need a custom title); if you get past him too... CONGRATULATIONS!
  8. If you still have invitations, you can send them to those who posted here: https://rstforums.com/forum/74432-cerere-invitatii-pe-tracker-ul-filelist-ro.rst
  9. Summary: China is backing away from US tech brands for state purchases as NSA revelations continue to make headlines in newspapers all around the world. China is no longer using high-profile US technology brands for state purchases, amid ongoing revelations about mass surveillance and hacking by the US government. A new report confirmed key brands, including Cisco, Apple, Intel, and McAfee -- among others -- have been dropped from the Chinese government's list of authorized brands, a Reuters report said Wednesday. The number of approved foreign technology brands fell by a third, based on an analysis of the procurement list. Less than half of those companies with security products remain on the list. Although a number of reasons were cited, domestic companies were said to offer "more product guarantees" than overseas rivals in the wake of the Edward Snowden leaks. Some reports have attempted to pin a multi-billion dollar figure on the impact of the leaks. In reality, the figure could be incalculable. The report confirms what many US technology companies have been saying for the past year: the activities by the NSA are harming their businesses in crucial growth markets, including China. The Chinese government's procurement list changes coincided with a series of high profile leaks that showed the US government has been on an international mass surveillance spree, as well as hacking expeditions into technology companies, governments, and the personal cellphones of world leaders. Concerned about backdoors implanted by the NSA, those revelations sparked a change in Chinese policy by forcing Western technology companies to hand over their source code for inspection. That led to an outcry in the capital by politicians who in the not-so-distant past accused Chinese companies of doing exactly the same thing. 
The fear is that as the China-US cybersecurity standoff continues, it's come too late for Silicon Valley companies, which are already suffering financially thanks to the NSA's activities. Microsoft said in January at its fiscal fourth-quarter earnings that China "fell short" of its expectations, which chief executive Satya Nadella described as a "set of geopolitical issues" that the company was working through. He did not elaborate. Most recently, HP said on Tuesday at its fiscal first-quarter earnings call that it had "execution issues" in China thanks to the "tough market" with increasing competition from the local vendors approved by the Chinese government. But one company stands out: Cisco probably suffered the worst of all. Earlier this month at its fiscal second-quarter earnings, the networking giant said it took a 19 percent revenue ding in China, amid claims the NSA was installing backdoors and implants on its routers in transit. China remains a vital core geography for most US technology giants with a global reach. But until some middle-ground can be reached between the two governments, expect Silicon Valley's struggles in the country to only get worse. Source: It's official: NSA spying is hurting the US tech economy | ZDNet
  10. That is, this one: https://rstforums.com/forum/86032-python-secure-file-eraser.rst If the contents of the new file are written to the HDD in exactly the same location as the old one, the chances of recovering the data are only theoretical (e.g. with an electron microscope). If, on the other hand, the operating system decides to write the new file to a different location and only marks the old location as available for writing, there are real chances of recovering the information.
  11. Udemy: Oracle SQL (Step by Step Approach) YOU SAVE €321 https://www.udemy.com/oracle-sql-step-by-step-approach/?couponCode=LIMFAC
  12. In the coming period I suppose HDDs manufactured before 2006 will be in high demand on olx/okazii/tocmai/ebay/etc; they will become as famous as the Nokia 1100 made in Germany, 2003 edition, "for connoisseurs only".
  13. One of the most shocking parts of the recently discovered spying network Equation Group is its mysterious module designed to reprogram or reflash a computer hard drive’s firmware with malicious code. The Kaspersky researchers who uncovered this said its ability to subvert hard drive firmware—the guts of any computer—“surpasses anything else” they had ever seen. The hacking tool, believed to be a product of the NSA, is significant because subverting the firmware gives the attackers God-like control of the system in a way that is stealthy and persistent even through software updates. The module, named “nls_933w.dll”, is the first of its kind found in the wild and is used with both the EquationDrug and GrayFish spy platforms Kaspersky uncovered. It also has another capability: to create invisible storage space on the hard drive to hide data stolen from the system so the attackers can retrieve it later. This lets spies like the Equation Group bypass disk encryption by secreting documents they want to seize in areas that don’t get encrypted. Kaspersky has so far uncovered 500 victims of the Equation Group, but only five of these had the firmware-flashing module on their systems. The flasher module is likely reserved for significant systems that present special surveillance challenges. Costin Raiu, director of Kaspersky’s Global Research and Analysis Team, believes these are high-value computers that are not connected to the internet and are protected with disk encryption. Here’s what we know about the firmware-flashing module. How It Works Hard drive disks have a controller, essentially a mini-computer, that includes a memory chip or flash ROM where the firmware code for operating the hard drive resides. 
When a machine is infected with EquationDrug or GrayFish, the firmware flasher module gets deposited onto the system and reaches out to a command server to obtain payload code that it then flashes to the firmware, replacing the existing firmware with a malicious one. The researchers uncovered two versions of the flasher module: one that appears to have been compiled in 2010 and is used with EquationDrug and one with a 2013 compilation date that is used with GrayFish. The Trojanized firmware lets attackers stay on the system even through software updates. If a victim, thinking his or her computer is infected, wipes the computer’s operating system and reinstalls it to eliminate any malicious code, the malicious firmware code remains untouched. It can then reach out to the command server to restore all of the other malicious components that got wiped from the system. Even if the firmware itself is updated with a new vendor release, the malicious firmware code may still persist because some firmware updates replace only parts of the firmware, meaning the malicious portions may not get overwritten with the update. The only solution for victims is to trash their hard drive and start over with a new one. The attack works because firmware was never designed with security in mind. Hard disk makers don’t cryptographically sign the firmware they install on drives the way software vendors do. Nor do hard drive disk designs have authentication built in to check for signed firmware. This makes it possible for someone to change the firmware. And firmware is the perfect place to conceal malware because antivirus scanners don’t examine it. There’s also no easy way for users to read the firmware and manually check if it’s been altered. The firmware flasher module can reprogram the firmware of more than a dozen different hard drive brands, including IBM, Seagate, Western Digital, and Toshiba. “You know how much effort it takes to land just one firmware for a hard drive? 
You need to know specifications, the CPU, the architecture of the firmware, how it works,” Raiu says. The Kaspersky researchers have called it “an astonishing technical accomplishment and is testament to the group’s abilities.” Once the firmware is replaced with the Trojanized version, the flasher module creates an API that can communicate with other malicious modules on the system and also access hidden sectors of the disk where the attackers want to conceal data they intend to steal. They hide this data in the so-called service area of the hard drive disk where the hard disk stores data needed for its internal operation. Hidden Storage Is the Holy Grail The revelation that the firmware hack helps store data the attackers want to steal didn’t get much play when the story broke last week, but it’s the most significant part of the hack. It also raises a number of questions about how exactly the attackers are pulling this off. Without an actual copy of the firmware payload that gets flashed to infected systems, there’s still a lot that’s unknown about the attack, but some of it can be surmised. The ROM chip that contains the firmware includes a small amount of storage that goes unused. If the ROM chip is 2 megabytes, the firmware might take up just 1.5 megabytes, leaving half a megabyte of unused space that can be employed for hiding data the attackers want to steal. This is particularly useful if the computer has disk encryption enabled. Because the EquationDrug and GrayFish malware run in Windows, they can grab a copy of documents while they’re unencrypted and save them to this hidden area on the machine that doesn’t get encrypted. There isn’t much space on the chip for a lot of data or documents, however, so the attackers can also just store something equally as valuable to bypass encryption. 
“Taking into account the fact that their GrayFish implant is active from the very boot of the system, they have the ability to capture the encryption password and save it into this hidden area,” Raiu says. Authorities could later grab the computer, perhaps through border interdiction or something the NSA calls “customs opportunities,” and extract the password from this hidden area to unlock the encrypted disk. Raiu thinks the intended targets of such a scheme are limited to machines that are not connected to the internet and have encrypted hard drives. One of the five machines they found hit with the firmware flasher module had no internet connection and was used for special secure communications. “[The owners] only use it in some very specific cases where there is no other way around it,” Raiu says. “Think about Bin Laden who lived in the desert in an isolated compound—doesn’t have internet and no electronic footprint. So if you want information from his computer how do you get it? You get documents into the hidden area and you wait, and then after one or two years you come back and steal it. The benefits [of using this] are very specific.” Raiu thinks, however, that the attackers have a grander scheme in mind. “In the future probably they want to take it to the next level where they just copy all the documents [into the hidden area] instead of the password. [Then] at some point, when they have an opportunity to have physical access to the system, they can then access that hidden area and get the unencrypted docs.” They wouldn’t need the password if they could copy an entire directory from the operating system to the hidden sector for accessing later. But the flash chip where the firmware resides is too small for large amounts of data. So the attackers would need a bigger hidden space for storage. Luckily for them, it exists. 
There are large sectors in the service area of the hard drive disk that are also unused and could be commandeered to store a large cache of documents, even ones that might have been deleted from other parts of the computer. This service area, also called the reserved area or system area, stores the firmware and other data needed to operate drives, but it also contains large portions of unused space. An interesting paper (.pdf) published in February 2013 by Ariel Berkman, a data recovery specialist at the Israeli firm Recover, noted “not only that these areas can’t be sanitized (via standard tools), they cannot be accessed via anti-virus software [or] computer forensics tools.” Berkman points out that one particular model of Western Digital drives has 141 MB reserved for the service area, but only uses 12 MB of this, leaving the rest free for stealth storage. To write or copy data to the service area requires special commands that are specific to each vendor and are not publicly documented, so an attacker would need to uncover what these are. But once they do, “[b]y sending Vendor Specific Commands (VSCs) directly to the hard-drive, one can manipulate these [service] areas to read and write data that are otherwise inaccessible,” Berkman writes. It is also possible, though not trivial, to write a program to automatically copy documents to this area. Berkman himself wrote a proof-of-concept program to read and write a file of up to 94 MB to the service area, but the program was a bit unstable and he noted that it could cause some data loss or cause the hard drive to fail. One problem with hiding large amounts of data like this, however, is that its presence might be detected by examining the size of the used space in the service area. If there should be 129 MB of unused space in this sector but there’s only 80 MB, it’s a dead giveaway that something is there that shouldn’t be. 
But a leaked NSA document that was written in 2006 but was published by Der Spiegel last month suggests the spy agency might have resolved this particular problem. NSA Interns to the Rescue The document (.pdf) is essentially a wish list of future spy capabilities the NSA hoped to develop for its so-called Persistence Division, a division that has an attack team within it that focuses on establishing and maintaining persistence on compromised machines by subverting their firmware, BIOS, BUS or drivers. The document lists a number of projects the NSA put together for interns to tackle on behalf of this attack team. Among them is the “Covert Storage” project for developing a hard drive firmware implant that can prevent covert storage on disks from being detected. To do this, the implant prevents the system from disclosing the true amount of free space available on the disk. “The idea would be to modify the firmware of a particular hard drive so that it normally only recognizes, say, half of its available space,” the document reads. “It would report this size back to the operating system and not provide any way to access the additional space.” Only one partition of the drive would be visible on the partition table, leaving the other partitions—where the hidden data was stored—invisible and inaccessible. The modified firmware would have a special hook embedded in it that would unlock this hidden storage space only after a custom command was sent to the drive and the computer was rebooted. The hidden partition would then be available on the partition table and accessible until the secret storage was locked again with another custom command. How exactly the spy agency planned to retrieve the hidden data was unclear from the eight-year-old document. Also unclear is whether the interns ever produced a firmware implant that accomplished what the NSA sought. 
But given that the document includes a note that interns would be expected to produce a solution for their project within six months after assignment, and considering the proven ingenuity of the NSA in other matters, they no doubt figured it out.

Source: How the NSA's Firmware Hacking Works and Why It's So Unsettling | WIRED
  14. There is an adware called Privdog that gets shipped with software from Comodo. It totally breaks HTTPS security. In case you haven't heard it these past days, an adware called Superfish made headlines. It was preinstalled on Lenovo laptops and it is bad: it totally breaks the security of HTTPS connections. The story became bigger when it became clear that a lot of other software packages were using the same technology, Komodia, with the same security risk. What Superfish and other tools do is intercept encrypted HTTPS traffic to insert advertising on webpages. It does so by breaking the HTTPS encryption with a man-in-the-middle attack, which is possible because it installs its own certificate into the operating system. A number of people gathered in a chatroom and we noted a thread on Hacker News where someone asked whether a tool called PrivDog is like Superfish. PrivDog's functionality is to replace advertising in web pages with its own advertising "from trusted sources". That by itself already sounds weird even without any security issues. A quick analysis shows that it doesn't have the same flaw as Superfish, but it has another one which arguably is even bigger. While Superfish used the same certificate and key on all hosts, PrivDog recreates a key/cert on every installation. However, here comes the big flaw: PrivDog will intercept every certificate and replace it with one signed by its root key. And that means also certificates that weren't valid in the first place. It will turn your browser into one that just accepts every HTTPS certificate out there, whether it's been signed by a certificate authority or not. We're still trying to figure out the details, but it looks pretty bad. (With some trickery you can do something similar on Superfish/Komodia, too.) There are some things that are completely weird.
When one surfs to a webpage that has a self-signed certificate (really self-signed, not signed by an unknown CA) it adds another self-signed cert with 512-bit RSA into the root certificate store of Windows. All other certs get replaced by 1024-bit RSA certs signed by a locally created PrivDog CA. PrivDog is shipped with products produced by Comodo, for example with the Comodo Dragon browser. This makes this case especially interesting because Comodo itself is a certificate authority. It should be their job to protect HTTPS, not break it (they had issues before). As ACLU technologist Christopher Soghoian points out on Twitter, the founder of PrivDog is the CEO of Comodo. (See this blog post.)

Source: https://blog.hboeck.de/archives/865-Comodo-ships-Adware-Privdog-worse-than-Superfish.html
  15. Everybody Knows How to Use a Computer, but Not Everyone Knows How to Use the Command Line. Yet This is the Gateway to Doing Anything and Everything Sophisticated with a Computer and the Most Natural Starting Place to Learn Programming

Table of Contents
1. Introduction
2. 100 Useful Unix Commands
3. Getting Started: Opening the Terminal
4. The Definitive Guides to Unix, Bash, and the Coreutils
5. The Unix Filestructure
6. The Great Trailing Slash Debate
7. Where Are You? - Your Path and How to Navigate through the Filesystem
8. Gently Wading In - The Top 10 Indispensable Unix Commands
9. ls
10. Single Line Comments in Unix
11. The Primacy of Text Files, Text Editors
12. echo and cat
13. cp, mv, and rm
14. Variables in Unix
15. Escape Sequences
16. Global Variables in Unix
17. The PATH
18. What is Scripting?
19. File Suffixes in Unix
20. The Shebang
21. chmod
22. Saving to a File; Stdout and Stderr
23. More on Stdout and Stderr; Redirection
24. Conditional Logic
25. File Test Operators; Return or Exit Status
26. Basic loops
27. Arguments to a Script
28. Multi-Line Comments, Multi-Line Strings in Bash
29. Source and Export
30. Dotfiles (.bashrc and .bash_profile)
31. Working Faster with Readline Functions and Key Bindings
32. More on Key Bindings, the ASCII Table, Control-v
33. Aliases, Functions
34. The Top 20 Indispensable Unix Commands
35. head and tail
36. less and more
37. grep
38. sort
39. history
40. Piping in Unix
41. Command Substitution
42. Process Substitution
43. Processes and Running Processes in the Background
44. awk
45. sed
46. More awk examples
47. Regular Expressions in Bash
48. Command Line Perl and Regex
49. Example Bash Scripts
50. Using the Python Shell to do Math
51. Bash in the Programming Ecosystem (or When Not to Use Bash)
52. Concluding Notes

Oliver | An Introduction to Unix
  16. It still has* more users than Win 8 + Mac :))

Windows 7 55.92%
Windows XP 18.93%
Windows 8.1 10.04%
Windows 8 3.79%
Mac OS X 10.10 3.45%
Windows Vista 2.44%
Mac OS X 10.9 1.82%
Linux 1.34%
Mac OS X 10.6 0.65%
Mac OS X 10.7 0.53%
Mac OS X 10.8 0.48%
Windows NT 0.21%
Mac OS X 10.5 0.12%

*Operating system market share
  17. Or maybe because it's more secure than the ones at the top?
  18. [charts]
Top operating systems by vulnerabilities reported in 2014
Top applications by vulnerabilities reported in 2014
Most vulnerable operating systems and applications in 2014
  19. Full analysis: http://www.mcafee.com/in/resources/white-papers/foundstone/wp-know-your-digital-enemy.pdf
  20. American and British spies penetrated the internal computer network of the world's largest SIM card manufacturer, stealing the cryptographic keys used to protect the privacy of phone communications around the world, The Intercept reports. The break-in was carried out by a joint unit made up of agents from the NSA (the United States National Security Agency) and GCHQ (the British Government Communications Headquarters), according to a top-secret document provided to The Intercept by Edward Snowden. The operation, detailed in a 2010 GCHQ document, gives the surveillance agencies the potential to monitor large parts of the world's mobile phone communications, both voice and data. The company targeted by the intelligence agencies, Gemalto, is a multinational firm based in the Netherlands that produces chips used in mobile phones and in the next generation of credit cards. Its customers include AT&T, T-Mobile, Verizon, Sprint and around 450 wireless network providers worldwide. The company operates in 85 countries and has more than 40 manufacturing plants. One of its three global headquarters is in Austin, Texas, and its largest factory is in Pennsylvania. In total, Gemalto produces roughly two billion SIM cards per year. With these stolen cryptographic keys, the intelligence agencies can monitor mobile communications without requesting or obtaining approval from telecommunications companies and foreign governments. Possessing the keys also makes it possible to bypass a warrant or a wiretap without leaving any trace in the wireless network of the provider whose communications are being intercepted. The cryptographic keys also let the intelligence agencies unlock any encrypted communications they had intercepted earlier but had not been able to decrypt. Gemalto did not know that its systems had been penetrated and that its employees were being spied on.
"I'm disturbed, quite concerned that this has happened," Paul Beverly, executive vice president of Gemalto, told The Intercept. "The most important thing for me is to understand exactly how this was possible, so that we can take the necessary steps to make sure it does not happen again and to be sure there is no impact on the telephone operators we have served faithfully for many years," he said. "It's unbelievable. Unbelievable," said Gerard Schouw, a Dutch member of parliament from the opposition party D66, when he was informed about the spy agencies' activities. "We don't want secret services from other countries to do this," Schouw said. He added that he and other parliamentarians will ask the Dutch government to provide an official explanation and to clarify whether the country's intelligence services were aware of the interception of Gemalto, whose headquarters are in Amsterdam.

Source: American and British spies broke into the network of the world's largest SIM card manufacturer: "I am disturbed and concerned that this has happened" - Mediafax
  21. The LaZagne Project - Recover most common software passwords (Firefox, IE, Opera, Chrome, Filezilla, winscp, coreFTP, WiFi and many more)

The LaZagne project is an open source application used to retrieve lots of passwords stored on a local computer. Each piece of software stores its passwords using different techniques (plaintext, using an API, custom algorithms, etc.). This tool has been developed to find these passwords for the most common software. At this moment, it supports 22 programs on Windows and 12 on a Linux platform.

Supported software

Windows (tested on Windows XP, 7 and 8 - 32 and 64 bits)
browsers: firefox, chrome, opera, ie
chats: skype, pidgin, jitsi
mails: thunderbird, outlook
adminsys: filezilla, puttycm, winscp, cyberduck, coreFTP, FTPNavigator
database: sqldeveloper, squirrel, dbvisualizer
svn: tortoise
wifi: Wireless Network Password (Windows mechanism)
windows credentials: Domain visible network (.Net Passport), Generic network credentials

Linux
browsers: firefox, opera
chats: pidgin, jitsi
mails: thunderbird
adminsys: filezilla, environment variables
database: sqldeveloper, squirrel, dbvisualizer
wifi: network manager
wallet: gnome keyring

The LaZagne Project - Recover most common software passwords (Firefox, IE, Opera, Chrome, Filezilla, winscp, coreFTP, WiFi and many more) | KitPloit