Social Icons

Tuesday, March 25, 2014

Bullrun And Edgehill @ Secret Decryption Programs

1.    Most of the techies who have relied always on their favourite encryption methods to have privacy in store should be in for a shock like me if they have not heard of BULLRUN and EDGEHILL @ Secret Decryption Programs.Below I produce an unedited extract from the Snowden talk at TED last week.He was asked a question by Chris Anderson,the curator of TED and what followed is produced below :

Chris Anderson : Come here, because I want to ask you about this particular revelation. Come and take a look at this. I mean, this is a story which I think for a lot of the techies in this room is the single most shocking thing that they have heard in the last few months. It’s about a program called “Bullrun.” Can you explain what that is?
Snowden : So Bullrun, and this is again where we’ve got to thank the NSA for their candor, this is a program named after a Civil War battle. The British counterpart is called Edgehill, which is a U.K. civil war battle. And the reason that I believe they’re named this way is because they target our own infrastructure. They’re programs through which the NSA intentionally misleads corporate partners. They tell corporate partners that these are safe standards. They say hey, we need to work with you to secure your systems, but in reality, they’re giving bad advice to these companies that makes them degrade the security of their services. They’re building in backdoors that not only the NSA can exploit, but anyone else who has time and money to research and find it can then use to let themselves in to the world’s communications. And this is really dangerous, because if we lose a single standard, if we lose the trust of something like SSL, which was specifically targeted by the Bullrun program, we will live a less safe world overall. We won’t be able to access our banks and we won’t be able to access commerce without worrying about people monitoring those communications or subverting them for their own ends.

2.   It was always suspected for long but now the newly leaked documents by Edward Snowden, the NSA and GCHQ are said to have defeated most of the online encryption used by internet users and the likes of Microsoft, Google, Yahoo and even banks.Few important things about these two programs are bought below :

- Bullrun Is the Most Expensive Program Leaked by Snowden.The funding allocated for Bullrun in top-secret budgets dwarfs the money set aside for programs like PRISM and XKeyscore. PRISM operates on about $20 million a year, according to Snowden, while Bullrun cost $254.9 million in 2013 alone. Since 2011, Bullrun has cost more than $800 million.

- Bullrun Began 10 Years Ago

- A majority of the funding for Bullrun goes toward actively engaging tech companies in their product design. The NSA covertly influenced tech companies to insert vulnerabilities into commercial products that would allow the NSA access without consumers’ knowledge. 

- NSA and GCHQ View Encryption as a Threat(That's....incredible....)

- Edgehill started with the initial goal of decrypting the programs used by three major Internet companies, which were unnamed in Snowden’s leak, and 30 Virtual Private Networks.

- GCHQ hopes that by 2015 Edgehill will have decrypted 15 major Internet companies and 300 VPNs.

- NSA Covertly Influenced International Encryption Standards.

3.  Besides BULLRUN/EDGEHILL,the NSA and GCHQ have a number of programs for gathering different types of internet metadata few of which mentioned in Luke Harding's Book are :
Prism - Secret access to the servers of Google, Facebook and others.

Boundless informant - Mapping of all secret data to specific countries.

Upstream - Catch as much of the global internet traffic as it passes across the United States

Stellar Wind - liaison with US internet and telephone companies to provide metadata information.

Beam Remote Presence Operations

1.   Recently watched the Snowden Interview/Interaction at TED here as seen below

and got curious to know about the device used and he interacted vide.....and so got this video link with details of the BEAM remote presence operations...a very interesting device to say

2.  More details at

Sunday, March 23, 2014

Installing Enigmail Add-on on Thunderbird Email Client

This post only brings you the screen shots once you have installed Thunderbird and wish to use Enigmail with OpenPGP encryption..Enigmail is a security extension to Mozilla Thunderbird and Seamonkey. It enables you to write and receive email messages signed and/or encrypted with the OpenPGP standard.Sending and receiving encrypted and digitally signed email is simple using Enigmail.

Wednesday, March 19, 2014

Concluding XP getting Stronger by the Day @ Banks & ATMs still swear by it.

1.   Microsoft XP...the OS that was a milestone and turning point for the Microsoft company in many ways was given 8 Apr 2014 as the last date of survival ie after about 14 years of being in business, support for Windows XP will end on April 8, 2014. There will be no more security updates or technical support for the Windows XP operating system. After April 8, 2014, Microsoft will no longer provide security updates or technical support for Windows XP. So PCs running Windows XP after April 8, 2014, should not be considered to be protected...but is it that easy for a typical user to just see off XP and take on a newer OS?....leave aside the typical user ...would it be possible for the corporates to do it so easily???...alass!!! NAAA....

2.  Microsoft though had given early warnings as early as 2007 about the end of life support for XP OS, but in fact the surprising fact coming up vide various sources is that currently most bank machines (95% of ATMs in the world) use Microsoft XP (OS) in their cash machines and with the date nearing fast it seems like herculean to replace all as per the time line.So after repeated request from across the globe from leading bank vendors including big UK banks such as Barclays, HSBC, Lloyds Banking Group, Royal Bank of Scotland etc ,Microsoft has agreed to provide antimalware signatures for the operating system through July 15, 2015 and just for info that’s not the same as software patches, but does help consumer and business security programs identify malware on the system. The original end of support date of April 8, 2014 still stands. Even for this the banks might pay up to $100 million (KES. 8.5 billion) each to keep their Windows XP support, combined with the costs to upgrade their ATMs to a more recent version of the OS. Microsoft does offer what it calls “Custom Support” for large business that includes updates for legacy programs....

3.   Thus XP , though will be soon bidding bye for all home users but the fact is that it has proved it self yet again in terms of the swollen dependency that too pan global...that only proves yet again that XP still has a large large following.....

Tuesday, March 18, 2014

UBUNTU 12.04 LTS beats Windows 7,MAC @ GCHQ Report

1.    Now this is some good news for all Ubuntu lovers.Ubuntu 12.04 LTS has topped a UK security agency’s security assessment of mobile and desktop operating systems.CESG (originally Communications-Electronics Security Group) is the group within GCHQ(an intelligence and security organization, working to keep Britain safe and secure in the challenging environment of IT communications).CESG conducted a series of tests in the last few months to review a set of 11 operating systems which currently run on various devices such as desktops, laptops, servers, mobile phones and tablets. The security assessment included the following categories:

    - VPN
    - Disk Encryption
    - Authentication
    - Secure Boot
    - Platform Integrity and Application Sandboxing
    - Application Whitelisting
    - Malicious Code Detection and Prevention
    - Security Policy Enforcement
    - External Interface Protection
    - Device Update Policy
    - Event Collection for Enterprise Analysis
    - Incident Response

2.   Ubuntu 12.04 LTS is the only operating system to fully pass 9 of the 12 listed security recommendations above.Ubuntu was marked down on VPN and encryption because its implementation/software has yet to be independently assessed by an approved CESG body.The VPN issue is likely to be addressed in the UBUNTU 14.04 LTS thats likely arrival date is somewhere in Apr in another about two months from now.

3.    The list of operating systems which were compared are mentioned below :

- Windows 7/8
- Android 4.2
- Samsung devices with Android 4.2
- Apple iOS6
- Apple OSX 10.8
- Blackberry 10.1(EMM Corporate)
- Blackberry 10.1(EMM Regulate)
- Google Chrome OS 26
- Windows 8 RT
- Windows Phone 8

4.  What Canonical has to say about this

“We are working hard to close the gap and make Ubuntu clearly stand out as the most trustworthy operating system for the future and we hope to make excellent progress before our next LTS release in April 2014, 14.04 LTS, which will be even better,” Darryl Weaver, Canonical Sales Engineer

5.  Few screen shots from web with this news :

6.   Source of news as above...thanks

Sunday, March 16, 2014

Installing Dongle on Ubuntu : Mobile Internet@USB MODEM

1.   Writing after a long time... I post here few lines that I recently learnt on installing and accessing internet vide Dongle with SIM on Ubuntu LTS 12.04.So in my case I have a Micromax dongle with a mobile Sim.

2.  Simply said the steps are mentioned below :

- Insert the USB dongle in any of the USB drives on your PC/Laptop.

- Goto Terminal and login as Root

- At the terminal get the details of the usb detected interfaces by typing lsusb

- So in my case the dongle detected is shown at the end ie OMEGA TECHNOLOGY

- Now we need to run a terminal command to mount the device and get it running as shown in the screen shot below
sudo modprobe usbserial vendor=0x1c9e product=0x9605

- Once the command is executed at the terminal,wait for few minutes and you see the additional ENABLE MOBILE BROADBAND as seen in the screen shot below....
3.   and with this you should be on with the internet....