Nytro

L-am gasit azi, din intamplare: http://tutorialeplusplus.blogspot.ro/

.NET Internals and Native Compiling Introduction What is Native Compiling? Native Images Native Framework Deployment The Native Loader Registry Virtualization Issues and Conclusions Native Injection Native Decompiling .NET Virtual Machines Conclusions [h=2]Introduction[/h] This article is the second of a two series of articles about the .NET Framework internals and the protections available for .NET assemblies. This article analyzes more in depth the .NET internals. Thus, the reader should be familiar with the past article, otherwise certain paragraphs of this article may seem obscure. As the JIT inner workings haven't been analyzed yet, .NET protections are quite naïve nowadays. This situation will rapidly change as soon as the reverse engineering community will focus its attention on this technology. These two articles are aimed to raise the consciousness about the current state of .NET protections and what is possible to achieve but hasn't been done yet. In particular, the past article about .NET code injection represents, let's say, the present, whereas the current one about .NET native compiling represents the future. What I'm presenting in these two articles is new at the time I'm writing it, but I expect it to become obsolete in less than a year. Of course, this is obvious as I'm moving the first steps out from current .NET protections in the direction of better ones. But this article isn't really about protections: exploring the .NET Framework internals can be useful for many purposes. So, talking about protections is just a means to an end. [h=2]What is Native Compiling?[/h] Strictly speaking it means converting the MSIL code of a .NET assembly to native machine code and then removing the MSIL code from that assembly, making it impossible to decompile it in a straightforward way. The only existing tool to native compile .NET assemblies is the Salamander.NET linker which relies on native images to do its job. The "native images" (which in this article I called "Native Framework Deployment") technique is quite distant from .NET internals: one doesn't need a good knowledge of .NET internals to implement it. But, as the topic is, I might say, quite popular, I'm going to show to the reader how to write his Native Framework Deployment tool if he wishes to. However, the article will go further than that by introducing Native Injection, which means nothing else than taking the JIT's place. Even though this is not useful for commercial protections (or whatever), it's a good way to play with JIT internals. I'm also going to introduce Native Decompiling, which is the result of an understanding of .NET internals. I'm also trying to address another topic: .NET Virtual Machine Protections. [h=2]Native Images[/h] The internal format of native images is yet undocumented. It also would be quite hard documenting it as it constantly changes. For instance, it completely changed from version 1 to version 2 of the .NET framework. And, as the new framework 3.5 SP1 has been released a few days ago, it changed another time. I'm not sure on what extent it changed in the last version, but one change can be noticed immediately. The original MetaData is now directly available without changing the entry in the .NET directory to the MetaData RVA found in the Native Header. If you do that action, you'll end up with the native image MetaData which isn't much interesting. Also, in earlier native images (previous to 3.5 SP1 framework) to obtain the original MSIL code of a method, one had to add the RVA found in the MethodDef table to the Original MSIL Code RVA entry in the native header. This is no longer necessary as the MethodDef RVA entry now points directly to the method's MSIL code. This is important, since protections like the Salamander Linker need to remove the original MSIL code from a native image before they can deploy it. Otherwise the whole protection become useless, since MetaData and MSIL code are all what is necessary to rebuild a fully decompilable .NET assembly. The stripping of MSIL code was easier in the "old" format, because one only needed the Original MSIL Code RVA and Size entries to know which part of the native image had to be erased with a simple memset. All we need to know about the native images' format in order to write a Native Framework Deployment tool is how to strip the MSIL code from it. Even the Salamander Linker will need time to adapt to the new native image format in order to work with the framework 3.5 SP1. And, as there isn't currently any protection which works with 3.5 SP1 native images, what I'm writing in this article has been only tested against earlier images. Another reason why it is difficult to document native images is the lack of the code which handles them in the Rotor project. It was a deliberate choice made by Microsoft to exclude this part of the framework from the Rotor project. [h=2]Native Framework Deployment[/h] The name I gave to this sort of protection may appear a bit strange, but it will appear quite obvious as soon as I have explained how it actually works. As already said, there's no protection system other than the Salamander Linker which removes the MSIL and ships only native machine code. And, in order to do that, the Salamander Linker relies on native images generated by ngen. The Salamander Linker offers a downloadable demonstration on its home page and we will take a look at that without, of course, analyzing its code, as I don't intend to violate any licensing terms it may imply. In this paragraph I'm going to show how it is technically quite easy to write a Native Framework Deployment tool, but I doubt that the reader will want to write one after reading this. Don't get me wrong, the Salamander Linker absolutely holds its promise and actually removes the MSIL code from one's application, but the method used faces many problems and in my opinion is not a real solution. The Salamander Linker's demonstration is called scribble and it's a simple MDI application. Let's look at the application's main directory: Tutorial: http://www.ntcore.com/files/netint_native.htm

.NET Internals and Code Injection Introduction What is .NET Code Injection? How does .NET Code Injection work? .NET Internals (Part 1: JIT) The .NET Assembly Loader JIT Hooking Example The .NET Code Ejector Code Ejection Demonstration .NET Internals (Part 2: MethodDesc) .NET Internals (Part 3: IEE, Internal Calls, etc.) Other Injection/Ejection Approaches Conclusions [h=2]Introduction[/h] This article is the obvious culmination of the previous effort of writing the Rebel.NET application and the first of a two series of articles about the .NET framework internals and the protections available for .NET assemblies. The next article will be about .NET native compiling. As the JIT inner workings haven't been analyzed yet, .NET protections are quite naïf nowadays. This situation will rapidly change as soon as the reverse engineering community will focus its attention on this technology. These two articles are aimed to raise the consiousness about the current state of .NET protections and what is possible to achieve but hasn't been done yet. In particular, the current article about .NET code injection represents, let's say, the present, whereas the next one about .NET native compiling represents the future. What I'm presenting in these two articles is new at the time I'm writing it, but I expect it to become obsolete in less than a year. Of course, this is obvious as I'm moving the first steps out from current .NET protections in the direction of better ones. But this article isn't really about protections: exploring the .NET framework internals can be useful for many purposes. So, talking about protections is just a means to an end. [h=2]What is .NET Code Injection?[/h] .NET code injection is the "strong" brother of .NET packers (which unpack the entire assembly in memory). What .NET code injectors do is to hook the JIT and when the MSIL code of a method is requested they filter the request and provide the real MSIL instead of the MSIL contained in the assembly, which, most of the times, is just a ret. By injecting one (or quasi) method at a time, the MSIL code will remain conceiled. Even if one manages to dump the code, it isn't to be expected that the protection left the necessary space for the real MSIL code in the .NET assembly, although many commercial protections do so. Rebuilding the assembly from scratch is the universally valid way to proceed. This, of course, is not a problem with Rebel.NET. It should be obvious to the reader that .NET code injectors aren't reliable protections. It's just playing hide and seek with the reverser. But, as many software producers are putting their intellectual property in the hands of such protections, it is necessary to analyze them throughout. [h=2]How does .NET Code Injection work?[/h] One thing should be clear from the beginning: there isn't only one method to inject MSIL. Thus, to remove this kind of protection you have to evaluate the specific case. A very clean approach, though unused yet, would be to inject the MSIL through the .NET profiling API. There's a very in depth article about the .NET profiling API by Aleksandr Mikunov on MSDN. Anyway, as I already said, this approach isn't used by .NET protections. I referred to this approach as clean, simply because it uses the API provided by the framework itself. Thus, it'll work on every .NET framework no matter what. Whereas .NET protections usually hook the JIT and this, although it might work just as well, it is not guaranteed to do so. The .NET framework's JIT is contained in the mscorjit.dll module. To identify the part of the JIT being hooked by the .NET protection there's a very simple an effect way: dumping the mscorjit.dll module from the protection's process and comparing it to the original module on disk. I wrote a little CFF Explorer Script to make a comparision of a PE section which excludes the IAT in the comparision. This is especially useful when comparing the .text section of two executables. -Download the Section Comparer script It was a ten minutes job and it is extremely useful to identify the type of hook applied to the JIT. Let's look at a possible output of this script: Comparision between section 0 of C:\...\mscorjit.dll and C:\...\mscorjit_dumped.dll Differences found at: RVA1 RVA2 000460A0 000460A0 000460A1 000460A1 000460A2 000460A2 000460A3 000460A3 Number of differences found: 4 Tutorial: http://www.ntcore.com/files/netint_injection.htm

SendInput function

C apoi C++. Lasa porcariile, Python e pur si simplu "altfel". Daca ai incepe cu asa ceva, sau cu Perl sau chiar Shell scripting iti va fi greu sa inveti altceva, pentru ca sunt "diferite". Uita-te pe sintaxe si incearca sa nu te sperii. Invata C, apoi C++. Iti va fi foarte usor sa inveti apoi PHP, Javascript, Java, C#... Pentru ca sunt "la fel" in proportie de minim 80%. Apoi, vei putea programa si pe Windows si pe Linux fara sa ai nevoie de un interpretor/masina virtuala(Java) pentru a executa programul si va fi mai rapid ca in 95% ca unul scris in alt limbaj de programare/scripting (invata diferenta). Abia apoi uita-te la Python, Perl sau alte limbaje, "putin" diferite ca sintaxa de celelalte, mai "clasice". PS: Voi, ceilalti, evitati sa dati astfel de raspunsuri: "Invata limbajul x", spunand asta DOAR pentru ca voi cunoasteti si lucrati in acel limbaj. Daca voua va place si vi se potriveste nu inseamna ca e la fel pentru toata lumea.

Offtopic: iOS6 Tethered Jailbreak Released - Redsn0w iOS6 Tethered Jailbreak Announced ~ Geeky Apple - The new iPad 3, iPhone iOS6 Jailbreaking and Unlocking Guides

"Apple I a fost proiectat de cofondatorul lui Apple, Steve Wozniak, în timp ce Steve Jobs, cel?lalt creator al lui Apple, i-a asigurat promovarea." Steve Wozniak ba, Jobs doar a facut spam.

Da, ai dreptate, "simte muschiul", nu conteaza ca faci asta: E mai important un "hai ca poti" decat un sfat tehnic... Mai trebuie doar sa aud ca "Dumnezeu imi da putere si imi zice cand sa ma opresc"... Nu neg ce spune el, m-am uitat partial la videoclip, ceea ce spune te ajuta moral, dar daca nu stii sa tii o gantera si iti dai cu ea in gura?

Am fost un an si ceva, pana am inceput sa am probleme. La 72 de kg faceam: - 13 flotari intr-o mana - ridicam la presa 320 de kg - ridcari la paralele cu 40 de kg legate de mine - 95 kg la piept - piept cu gantere de 40 de kg - tractiuni cu 20 de kg legate de mine Apoi: - de la presa am avut probleme cu un picior, calcam pe el si "imi scapa in jos" - cu mana stanga aveam ceva probleme la cot - am patit sa stau intins pe spate in pat si pur si simplu sa nu pot sa ma ridic de durere De aceea m-am lasat. Stiu ca am fortat inutil. Bun, voi ce ati facut la sala? Cat timp ati mers? Despre Ronnie stiu de la Katmai. Cat despre ce spune ala, sunt simple incurajari morale, nu sunt sfaturi tehnice. Deci, voi cate tone ridicati cu sau fara steroizi?

Dar e ok si sa faceti ca asta: Exploding Arms - Mans Arms Explode from Steroids - YouTube

Ronnie Coleman - Wikipedia [h=2]Palmares[/h] 1990 Mr. Texas loc I 1991 World Amateur Championships loc I (cat. grea) 1995 Canada Pro Cup loc I 1996 Canada Pro Cup loc I 1997 Grand Prix Russia loc I 1998 Night of Champions loc I 1998 Toronto Pro Invitational loc I 1998 Mr. Olympia loc I 1998 Grand Prix Finland loc I 1998 Grand Prix Germany loc I 1999 Mr. Olympia loc I 1999 World Pro Championships loc I 1999 Grand Prix England loc I 2000 Mr. Olympia loc I 2000 Grand Prix England loc I 2000 World Pro Championships loc I 2001 Arnold Schwarzenegger Classic loc I 2001 Mr. Olympia loc I 2001 New Zealand Grand Prix loc I 2002 Mr. Olympia loc I 2002 Grand Prix Holland loc I 2003 Mr. Olympia loc I 2003 Grand Prix Russia loc I 2004 Mr. Olympia loc I 2004 Grand Prix England loc I 2004 Grand Prix Holland loc I 2004 Grand Prix Russia loc I 2005 Mr. Olympia loc I 2006 Mr. Olympia loc II 2006 Austrian Grand Prix - loc II 2006 Romanian Grand Prix - loc II 2006 Holland Grand Prix - loc II 2007 Mr. Olympia loc IV Dar na, voi luati-va dupa un boschet injectat ca va pricepeti. Si nu stiu de ce am impresia ca nu ati ridicat o gantera in viata voastra...

Daca ar fi sa puneti intrebari despre pentesting: - vulnerabilitati web - securitatea sistemelor Linux/Windows - information gathering - network security - cryptography Practic din orice sub-domeniu a ceea ce numim "securitate informatica", ce intrebari ati pune? Pentru incepatori, sau intermediari, nu ceva foarte complicat.

Daca luati sfaturi de la niste specimene care se umfla cu steroizi imi pare rau pentru voi.

[h=1]AVG 2013 Beta a fost lansat – Descarca, testeaza si castiga premii[/h]By Radu FaraVirusi(com) on June 15, 2012 AVG lanseaza versiunea 2013 a produselor sale de securitate, pentru descarcare devenind disponibil AVG Internet Security 2013 Beta. Produsul aduce o interfata grafica noua si cateva imbunatatiri si caracteristici noi, pe care le puteti vedea si in changelog-ul oficial: NEW FEATURES IN VERSION 2013 ============================ * Improved scanning using enhanced scanning algorithms for faster scanning. * Improved compatibility with a detected 3rd party Firewall. * Refined threshold for browser memory consumption. * Boot accelerator optimizes time needed for boot up. * Fresh and new user interface for easier navigation and better user experience. * AVG 2013 is fully compatible with Windows 8. FIXES & IMPROVEMENTS ==================== * Anti-Rootkit: Improved reporting of corrupted sections. * Anti-Spam: Improved configuration of all Anti-Spam components. * General: Alert Manager component has been removed. * General: Update selection dialog has been removed. * General: System Tools component has been removed. * Setup: Driver installation logging has been extended to provide enhanced information. * Setup: Search Shield component will not be installed by default, but only after having been selected for installation. Pentru a descarca AVG Internet Security 2013 Beta, testa si castiga premii (iPod Nano si alte premii), accesati site-ul: http://beta.avg.com Sursa: AVG 2013 Beta a fost lansat – Descarca, testeaza si castiga premii

Da, scrieti voi cod cu asa ceva...

https://rstcenter.com/forum/15095-c-liste-liniare-dublu-inlantuite.rst PS: Eram si eu mic, nu e tocmai ceva profesional.

Da, doar ca e ciudat gandit. Cel mai simplu: se face un & pe biti cu 0x01 = 00000001, 0x02 = 00000010, 0x04 = 00000100 si tot asa, si se verifica daca rezultatul e 0 sau 1, nu inteleg de ce s-a complicat asa...

[h=1]Linus Torvalds, creatorul Linux, a primit "Nobel-ul" pentru tehnologie[/h]de Liviu Petrescu | 14 iunie 2012 Creatorul Linux, finlandezul Linus Torvalds, a primit Millenium Technology Prize, cel mai important premiu pentru contributii aduse domeniului, considerat "Nobel-ul" pentru tehnologie. Premiul acordat o data la fiecare doi ani este impartit in acest an pentru prima oara de doi castigatori. Alaturi de contributia lui Linus Torvalds la dezvoltarea tehnologiei, japonezul Shinya Yamanaka, pionier in cercetarea celulelor stem, a primit aceeasi distinctie, scrie Wired. Premiul acordat de Academia de Tehnologie din Finlanda consta intr-un bursa de cercetare in valoare de 1,2 milioane euro, pe care Linus Torvalds si dr. Shinya Yamanaka o vor imparti. Cei doi au fost nominalizati ca finalisti ai Millenium Technology Prize inca din luna mai, dar decizia de a le acorda premiul amandurora i-a surprins pe multi. Premiile le-au fost inmanate celor doi in data de 13 iunie 2012 de catre presedintele finlandez Sauli Niinisto. Sursa: Linus Torvalds, creatorul Linux, a primit "Nobel-ul" pentru tehnologie | Hit.ro

[h=2]ESET lanseaz? versiunile BETA pentru ESET NOD32 Antivirus 6 ?i ESET Smart Security cu func?ie Anti-Theft[/h] ESET, liderul în protec?ia proactiv? împotriva amenin??rilor informatice, a anun?at începerea test?rilor BETA ale produselor de top - ESET Smart Security 6 BETA ?i ESET NOD32 Antivirus 6 BETA. Func?ia Anti-Furt care localizeaz? laptopurile pierdute ?i monitorizeaz? activitatea de pe dispozitivele furate, va fi disponibil? pe ambele produse pe toat? durata etapei BETA de dezvoltare pentru a se ob?ine cât mai multe p?reri de la evaluatori. Programul ESET BETA reprezint? ultima faz? în procesul de lansare, atunci când produsele pot fi testate de c?tre public. Atât ESET Smart Security 6 cât ?i ESET NOD32 Antivirus 6 sunt disponibile gratuit pentru desc?rcare aici. “În cadrul diviziei tehnologice de la ESET suntem entuziasma?i de introducerea noilor produse software de top - ESET Smart Security 6 BETA ?i ESET NOD32 Antivirus 6 BETA – la mai pu?in de un an dup? lansarea genera?iei 5. Dorim s? invit?m clien?ii actuali sau poten?iali s? testeze cele mai noi versiuni BETA pentru urm?toarele luni,” a spus Palo Luka, ESET Chief Technology Officer. Conform sondajului Online Security Brand Tracker realizat la nivel mondial, utilizatorii de PC utilizeaz? din ce în ce mai mult tehnologii mobile – 63% dintre utilizatori se conecteaz? la Internet utilizând laptopurile iar 12% utilizeaz? netbook-uri. Mai mult, din sondaj reiese c? beneficiile func?iei Anti-Theft au fost cele mai cerute. Prevenirea accesului neautorizat la un computer a fost clasificat? de catre 88% dintre utilizatori ca “necesar?” sau “util?”, în timp ce protec?ia datelor în caz de furt este cerut? de c?tre 84% dintre utilizatori. În plus, unul din 6 utilizatori de internet s-au confruntat cu pierderi de date personale. Rezultatele sondajului de mai sus de mai sus explic? de ce func?ia Anti-Theft a fost inclus? în seria V6, ajutând utilizatorul s? localizeze ?i s? recupereze computerul furat sau pierdut. Folosind func?ia Anti-Theft, utilizatorul poate localiza pe hart? laptopul disp?rut ?i poate monitoriza activitatea desfa?urat? pe acesta f?r? ca ho?ii s? ?tie. În plus, func?ia permite utilizatorului s? acceseze informa?iile colectate astfel, pe my.eset.com. Palo Luka explic?: “Noi, cei din echipa ESET, nu dorim ca actualii clien?i s? pl?teasc? în plus pentru ce noi consider?m a fi o parte integral? a securit??ii personale. De aceea vom include, f?r? nici un extra cost, noile caracteristici Anti-Theft ?i o mul?ime de alte beneficii în versiunea ESET Smart Security 6 atunci când va fi lansat?, ulterior în 2012.” ESET NOD32 Antivirus 6 BETA ?i ESET Smart Security 6 BETA cuprind multe beneficii ?i caracteristici îmbunat??ite, ce vor putea fi testate de c?tre utilizatori: Firewall Personal revizuit ?i Control Parental, Control pentru medii portabile de stocare a datelor, Mod Gamer, Antivirus ?i Antispyware implementate pe motorul de scanare multiplu premiat, scanare bazat? pe Cloud, scanare în stare inactiv?, la care se adaug? sistemul HIPS (Host Intrusion Prevention System). Func?ii selectate ?i beneficii oferite de c?tre ESET NOD32 Antivirus 6 BETA ?i ESET Smart Security 6 BETA Anti-Theft (în momentul lans?rii finale, func?ia va fi disponibil? doar pe ESET Smart Security) – Monitorizeaz? în mod automat dispozitivul pierdut ?i afiseaz? pozi?ia sa pe o hart? pe baza re?elelor Wi-Fi apropiate atunci când laptopul este online. Utilizatorul poate s? acceseze informa?ia colectat? pe my.eset.com, ?i s? urmareasc? discret infractorul cu ajutorul camerei web încorporate în laptop. Firewall Personal (disponibil doar pe ESET Smart Security 6 BETA) – Previne accesul neautorizat la datele stocate de c?tre persoane neautorizate. Utilizatorii pot realiza tranzac?ii bancare sau pot cump?ra online în siguran?? ?i pot intra linisti?i pe site-uri de socializare. Control Parental (disponibil doar pe ESET Smart Security 6 BETA) – Utilizând aceast? func?ie, utilizatorul î?i poate proteja copii ?i poate bloca accesul la anumite categorii de site-uri web, în func?ie de vârsta copiilor. Scanare în stare inactiv? – Efectueaz? scan?ri în adâncime atunci când computerul nu este utilizat, economisind performan?a sistemului ?i identificând din timp amenin??rile inactive înainte ca acestea s? provoace pagube. Noul produs efectueaz? de asemenea scan?ri în timp ce fi?ierele sunt desc?rcate online. Economise?te totodat? inteligent energia bateriei, atunci cand laptopul este deconectat de la re?eaua electric?, suspendand scanarea pornit? în stare inactiv?. Scanare în timp ce se descarc? fi?ierele – Reduce timpul de scanare prin scanarea anumitor tipuri de fi?iere – cum ar fi arhivele – în timp ce fi?ierul este desc?rcat. Toate produsele în versiune BETA preced produsele finale. Sunt concepute pentru a fi testate ?i nu trebuie utilizate pe sistemele de produc?ie ce con?in date importante. ESET apreciaza feedback-ul ?i opiniile clien?ilor, a?adar, în cazul în care întampina?i probleme cu produsele, v? rug?m raporta?i-le folosind acest formular pentru a ne ajuta s? îmbunat??im produsul nostru final. Pentru mai multe informa?ii vizita?i ESET Smart Security 6 ?i ESET NOD32 Antivirus 6 online. *Online Security Brand Tracker wave 6 este un proiect de cercetare ce m?soar? performan?ele brandului în cazul produselor software de securitate din segmentul utilizatorilor casnici. Sondajul este reprezentativ pentru 1.3 miliarde de utilizatori de internet de pe 6 continente. Obiectivul s?u este s? acumuleze informa?ii asupra situa?iilor curente ?i tendintelor de pe pia??; ob?inerea informa?iilor de pe pia?? pentru administrarea activitatilor ESET, precum ?i pentru dezvoltarea tehnologic? a produselor acestei companii. Num?rul ??rilor selectate este 49; colectarea datelor a fost realizat? de InSites Consulting (Belgia), pe e?antioane de responden?i online, analizele fiind efectuate de c?tre United Consultants (Slovacia) în perioada octombrie-noiembrie 2011. Sursa: Noutati Antivirus - ESET lanseaz? versiunile BETA pentru ESET NOD32 Antivirus 6 ?i ESET Smart Security cu func?ie Anti-Theft

[h=1]The Flame That Changed the World.[/h]June 14, 2012 by e_kaspersky I’ll never forget Oktoberfest 2010 for as long as I live. Yes, I like beer, especially the German stuff, and especially at Oktoberfest. But I don’t even remember the beer, and that’s not because I had too much of it It was at that time we received the first news of a very unpleasant trend, which I had feared for a number of years. That’s right, it was the first time Stuxnet reared its ugly head – the first malware created with state backing and designed to fulfill a specific military mission. This is exactly what we had talked about at our Oktoberfest press conference: “Welcome to the age of cyber warfare!” It was already obvious then that Stuxnet was just the beginning. Indeed, little has changed since that September right up to the present day. Everybody had a pretty good idea where Stuxnet came from and who was behind it, although not a single state took responsibility; in fact, they distanced themselves from authorship as much as possible. The “breakthrough” came at the end of May when we discovered new malware which also left little doubt as to its military origins and aims. Yes, I’m talking about Flame. Leaving the technical details to one side: what is the historic significance of Flame? Why all the fuss about this particular malware? To what extent is it dangerous and what type of danger does it pose? Are cyber weapons capable of becoming part of state military doctrine and triggering a new arms race? These questions may sound strange, even alarming – it’s just a virus, no big deal! After all, it’s not going to stop me from eating my fresh croissant in the morning (or my dim sum , is it? Well, if the development of military malware continues to spiral out of control, then the lack of a croissant or dim sum in the morning will be the least of the worries around. The week after Flame was detected we saw several sudden newsflashes. The news basically “upgraded” the current perception of military strategy and demonstrated that states have already been successfully applying offensive cyber weapons for several years now. On June 1st, The New York Times published a landmark article where the finger of responsibility for Stuxnet was pointed firmly at the USA – and there was no denial from Washington. Quite the opposite – the White House expressed its anger at information leaks and called for an investigation. At the same time, Israel also shed its inhibitions and, without going as far as acknowledging its participation in these incident(s), it finally admitted its interest in the development and implementation of cyber weapons. Now let’s look at the potential repercussions of this news. Firstly, Stuxnet, Duqu and Flame have proved that cyber weapons are: a) effective; much cheaper than traditional weapons; c) difficult to detect; d) difficult to attribute to a particular attacker (rendering proactive protective measures virtually useless); e) difficult to protect against, given all the unknown software vulnerabilities; f) can be replicated at no extra cost. What’s more, the seemingly harmless nature of these weapons means their owners have few qualms about unleashing them, with little thought for the consequences. And there will be consequences – to such an extent that the Die Hard 4 scenario will come to pass. Details below. Secondly, the recent examples have justified the use of cyber weapons both ethically and legally. I’m sure other countries have also made use of such technologies, but before it simply wasn’t discussed and everything was done on the quiet, little by little and secretly. Now, nobody is going to hold back. And those countries which do not have cyber weapons will be considered backward by “decent military society”. As a consequence, in the short term, cyber military budgets will be increased many times over and we will see an arms race in the cyber dimension. As we know all too well, guns are made for firing. Thirdly, the lack of any sort of international convention (i.e. an agreement on the “rules of the game”) on the development, implementation and distribution of cyber weapons and no court of arbitration give rise to several very real threats: The emergence of especially dangerous malware which deliberately, accidentally or by some “boomerang” effect strikes critical infrastructure objects, capable of triggering regional/global social, economic or ecological disasters. The use of conventional weapons in response to attacks involving cyber weapons. Last year the USA announced that they reserved the right to respond to a cyber attack with traditional military means. An imitation, provocation or misinterpretation of a cyber attack in order to justify a military attack on another state. A kind of cyber Pearl Harbor. There aren’t many people who currently understand the danger of cyber weapons. It’s hard to believe that some virus, a few kilo/megabytes of code can suddenly cause, say, an accident at a nuclear station, a fire on an oil pipeline or a plane crash, isn’t it? But mankind has for some time now become increasing and imperceptibly dependent on information technologies. For example, let’s return to the croissant thing. It’s made at a bakery, where computers are used in the accounting department, in the warehouse and for the systems responsible for mixing the dough and controlling the ovens. Ingredients are supplied to the bakery from other, similarly automated factories. All logistics between them involves computers and networks. Electricity, water, sewage and the other municipal services are also supplied by computerized enterprises. Even the elevator which delivers your croissant to a trendy café is managed by a dedicated IT system. Finally, there’s the credit card we use to pay for the croissant…well, need I say anymore? All these are potential targets of a cyber attack. And then we have Stuxnet which put centrifuges at nuclear facilities in Iran out of action. A bakery or water treatment plant is unlikely to have better protection. In fact, everything is much worse – industrial and critical infrastructure facilities operate on vulnerable SCADA systems which, on top of everything, are frequently connected to the Internet. And the sluggishness of the developers of these systems when it comes to fixing vulnerabilities (which can be exploited to conduct a cyber attack), has given rise to the new term “forever days”. In terms of their destructive potential, cyber weapons are by no means inferior to nuclear, biological or chemical weapons. But, unlike these weapons of mass destruction, cyber weapons are not subject to any sort of control and have the glamour of being invisible, ubiquitous and “precise” (some “experts” even went so far as to claim that cyber weapons actually contribute to the world peace) which makes their use all the more tempting. By developing cyber weapons, we are sawing the branch that we sit on. As a result the developed countries, being one of the most computerized entities in the world, will suffer most. To be honest, I am pessimistic. I hope I am mistaken. I don’t think it will now be possible for countries to agree upon cyber warfare rules. We are currently providing technical expertise to the UN’s International Telecommunication Unit (ITU). They are trying to create at least some sort of system for governing cyberspace along the lines of the IAEA. But even articles in the media show that some countries are resisting these efforts. Indeed, who needs regulations for such promising and “harmless” weapons? I reckon that governments will only fully understand the real danger of cyber warfare after we are hit hard, as was the case in 2003 along the north-east coast of the USA – there should be no doubts about the real cause of that particular incident. The barn doors won’t be closed until the horse has bolted. I just wonder if we can be smarter than this in the 21st century? Conclusions: The international community has to try to reach an agreement governing the development, application and proliferation of cyber weapons. This will not solve all the problems, but at least it will help establish the rules of the game, integrating the new military technologies into the structure of international relations, preventing uncontrolled development and careless use. Infrastructure and industrial facilities, financial and transport systems, utilities and other critically important objects should reappraise their approach to information security, first and foremost, in terms of isolating them from the Internet, seeking out software alternatives that meet the new challenges to industrial control systems. Although the security industry has been focusing on combating mass epidemics for many years, its arsenal includes protection technologies which are most probably capable of preventing targeted attacks by cyber weapons. However, this will require users to rethink the security paradigm and introduce a multi-level protection system. Stuxnet, Duqu and Flame are just the tip of the iceberg. We can only guess what other cyber weapons are circulating around the world. I’m sure we will have more discoveries soon. I just hope it doesn’t get too scary. Being a global company with a primary mission to care about our customers’ security, we state officially that we will fight any cyber weapons irrespective of the country of origin and any attempts to force us to “collaborate”. We consider any compromise on this score to be incompatible with our ethical and professional principles. State-backed cyber warfare is a real threat that is just making its first steps towards mass adoption. The earlier governments understand the possible consequences the safer our lives will be. I just can’t agree more with Bruce Schneier: Cyberwar treaties, as imperfect as they might be, are the only way to contain the threat. Can you imagine the world order without international treaties for nuclear/chemical/biological weapons deterrence? IAEA didn’t stop India, Israel, North Korea and Pakistan from developing their own nuclear weapons. However, these treaties clearly signal what is good and what is bad establishing the rules of the game! Sursa: The Flame That Changed the World. | Nota Bene

Ban, ma dezgustati.

Microsoft Security Bulletin Dupa cum cei cu Windows 7 ati vazut, au aparut azi niste update-uri: Microsoft Security Bulletin MS12-037 - Critical Cumulative Security Update for Internet Explorer (2699988) http://technet.microsoft.com/en-us/security/bulletin/ms12-037 Microsoft Security Bulletin MS12-042 - Important Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (2711167) http://technet.microsoft.com/en-us/security/bulletin/ms12-042 Microsoft Security Bulletin MS12-041 - Important Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2709162) Microsoft Security Bulletin MS12-041 - Important : Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2709162) Astea sunt doar 3 dintre ele, cele mai interesante.

Browser Speed Tests: Chrome 19, Firefox 13, Internet Explorer 9, and Opera 11.64 By Whitson Gordon Jun 12, 2012 8:00 AM Firefox 13 is out and it's all about speed, and with Chrome and Opera also introducing new versions of their browsers, we thought it time for another browser speed test. So we've once again pitted the four most popular Windows web browsers against each other in a battle of startup times, tab loading times, and more, with some shocking results. We've been testing browsers for awhile, and we've refined our method pretty well. It's a good mix of both manually timed user experience measures and hardcore JavaScript and CSS benchmarks, plus some new tests aimed at features like Chrome's prerendering or Firefox's on demand tab loading can really do. All tests take place on Windows (which is why we didn't test Safari—it isn't very popular on Windows, and testing the Mac version wouldn't give it equal footing. We'll do a Mac-wide browser speed test the next time around). As always, remember that speed is not the only thing each browser has to offer. Each browser has a number of unique features and characteristics, all of which you should factor into making your choice of which to use. However, while most features can be listed on their home pages, you can't easily compare their speed just from each browser's changelog, and that's why we've put this together. It's just one more way to compare the browsers as you make your decision. Also keep in mind that everyone's computer is different, and your numbers may differ from ours, but the comparison between the numbers should be the same. Cold Boot-Up Winner: Opera! Full size Once again, we've slightly tweaked how we measure cold boot-ups, this time measuring until the moment you can actually type in the address bar and start visiting pages (since that's when most people will consider the browser "usable"). Coupled with all the new updates, this produced some very different results, with Opera coming out way ahead of the competition, ready to use in less than 2 seconds. Chrome came in second at about 4 seconds, the other browsers trailing further behind. Tab Loading Winner: Opera! Full size Our test of loading nine tabs, from Lifehacker to Facebook to Hulu and Gmail, Opera continues to rock our socks with seriously quick tab loading times. Firefox seriously improved this time around, but not enough to catch Opera, while Chrome stayed agonizingly slow once again. URL Loading Winner: Chrome! Full size Not surprisingly, Chrome took home the prize for visiting sites from the address bar, thanks to its awesome prerendering feature. While most browsers were pretty quick, Chrome was near instantaneous, as long as you had visited that page once during that session. Firefox and IE took second and third place, with Opera nearly doubling their times. Cold Restore Winner: Firefox! Full size In an effort to test the benefits of Firefox's new on demand tab loading, we took the same nine tabs as above, saved them in a session, and did another cold boot of the browser on restart, timing the time it took to automatically restore that session of tabs. We measured until the browser had stopped its loading process, which meant after one tab loaded in Firefox or after all tabs loaded in other browsers. Of course, Firefox users will have to wait for those tabs to load later on, but the idea was to measure how much quicker Firefox was at being usable when you restored from a large session—something you really feel the weight of when you load 9 tabs at once—and it didn't disappoint. Opera came in a pretty close second, with Chrome trailing far behind due to its slow tab loading times. Internet Explorer was left out for lack of an automatic session restore feature. JavaScript Winner: Chrome! Full size Not much changed in the JavaScript and CSS realms this time around. Chrome once again took home the gold in JavaScript performance, with Firefox coming in a distant second, not far from the other browsers. DOM/CSS Performance Winner: Opera! Full size Like the JavaScript tests, there's nothing new here. Opera once again obliterates the other browsers with seriously awesome CSS performance. Memory Usage (with Nine Tabs Open) Winner: Firefox! Full size Firefox continues to work on memory usage improvements, but all the browsers seemed to be on equally bloated footing this time around, at least without any extensions installed. After a few minutes, the memory usage of most browsers leveled out around 400MB, while Firefox was closer to 310MB. Memory Usage (with Nine Tabs and Five Extensions) Winner: Firefox! Full size This was the really shocking result this time around: Firefox may not have improved a ton without add-ons, but when you pile on five different add-ons, it's memory usage doesn't change all that much. The other browsers had their memory usage jump nearly 200MB, while Firefox's only jumped up by 60MB, making it a very clear first place winner. Its UI may still feel a little laggy, but when it comes to actually conserving memory, Firefox kicks butt. Overall Scores We debated ditching "overall scores" this time around, since it becomes harder and harder to tally them up fairly, and it's more important to look at each individual category than it is some arbitrary score. But everyone likes a winner, so we've kept this section at the end for those of you handing out trophies, and the scores are: Firefox: 75% Chrome and Opera: 66% Internet Explorer: 45% Firefox's new tabs on demand feature brought it into first place, above last time's winner, Chrome. Opera caught up to Chrome with some serious speed improvements, while Internet Explorer once again took a fairly distant last place. As we said, you should look at the individual scores above to see which browser is faster in the areas you care about—if you don't like Firefox's new tabs on demand, for example, Chrome and Opera would still be the fastest in your world. As usual, we're seeing that each browser is focusing on specific areas of improvement: Firefox with memory management, Opera with tab loading and CSS, and Chrome with its JavaScript and prerendering features—so wherever you're feeling the weight of your current browser, that might be a good place to see who's a faster choice. Our tests aren't the most scientific on the planet, but they do reflect a relatively accurate view of the kind of experience you'd get from each browser, speed-wise. Let us know if your experience differs-or if the speed losses are worth the browser's other features-in the comments. Sursa: Browser Speed Tests: Chrome 19, Firefox 13, Internet Explorer 9, and Opera 11.64

[h=1]Primul clip cu sistemul de operare al Mozilla - Boot to Gecko[/h]de Liviu Petrescu | 13 iunie 2012 In timp ce tot mai multi utilizatori Android aleg un root pentru a-si optimiza telefonul dupa bunul plac, Mozilla lucreaza la un sistem de operare mobil care permite utilizatorilor optimizarea completa, in orice clipa: Mozilla Boot to Gecko. Sistemul de operare creat de Mozilla, cunoscut si ca B2G, foloseste numai limbaje de programare web, HTML5 si JavaScript, lucru ce permite oricarui utilizator cu un minim de cunostinte de programare sa-si transforme telefonul sau tableta dupa gustul propriu, scrie Geek. Programatorul Paul Rouget, angajat Mozilla, a demonstrat intr-un clip video de 2 minute cat de usoara este optimizarea sistemului de operare Mozilla B2G. Boot to Gecko este bazat pe un Linux kernel, peste care sunt adaugate drivere Android si apoi motorul de rendering Gecko, acelasi folosit de Mozilla Firefox. Momentan, versiunea pre-release a B2G este disponibila doar utilizatorilor de Samsung Galaxy S2 si Nexus S. Sursa: Primul clip cu sistemul de operare al Mozilla - Boot to Gecko | Hit.ro

"doesn't matter, had sex"