Social Icons

Thursday, May 29, 2014

Is it Hasta la Vista for True Crypt?

1.    The popular encryption software TRUE CRYPT (...actually my personal favourite for long now) site has been showing some surprising front page news as we reach the original address at www.truecrypt.org/ as seen below :



2.     I wonder why for any reason a open-source established software like TRUE CRYPT would start recommending Bitlocker ex Windows 7?....is it case of a simple web page hack or is it for real?....lets wait and watch for now...

Tuesday, March 25, 2014

Bullrun And Edgehill @ Secret Decryption Programs

 
1.    Most of the techies who have relied always on their favourite encryption methods to have privacy in store should be in for a shock like me if they have not heard of BULLRUN and EDGEHILL @ Secret Decryption Programs.Below I produce an unedited extract from the Snowden talk at TED last week.He was asked a question by Chris Anderson,the curator of TED and what followed is produced below :

Chris Anderson : Come here, because I want to ask you about this particular revelation. Come and take a look at this. I mean, this is a story which I think for a lot of the techies in this room is the single most shocking thing that they have heard in the last few months. It’s about a program called “Bullrun.” Can you explain what that is?
 
Snowden : So Bullrun, and this is again where we’ve got to thank the NSA for their candor, this is a program named after a Civil War battle. The British counterpart is called Edgehill, which is a U.K. civil war battle. And the reason that I believe they’re named this way is because they target our own infrastructure. They’re programs through which the NSA intentionally misleads corporate partners. They tell corporate partners that these are safe standards. They say hey, we need to work with you to secure your systems, but in reality, they’re giving bad advice to these companies that makes them degrade the security of their services. They’re building in backdoors that not only the NSA can exploit, but anyone else who has time and money to research and find it can then use to let themselves in to the world’s communications. And this is really dangerous, because if we lose a single standard, if we lose the trust of something like SSL, which was specifically targeted by the Bullrun program, we will live a less safe world overall. We won’t be able to access our banks and we won’t be able to access commerce without worrying about people monitoring those communications or subverting them for their own ends.

2.   It was always suspected for long but now the newly leaked documents by Edward Snowden, the NSA and GCHQ are said to have defeated most of the online encryption used by internet users and the likes of Microsoft, Google, Yahoo and even banks.Few important things about these two programs are bought below :

- Bullrun Is the Most Expensive Program Leaked by Snowden.The funding allocated for Bullrun in top-secret budgets dwarfs the money set aside for programs like PRISM and XKeyscore. PRISM operates on about $20 million a year, according to Snowden, while Bullrun cost $254.9 million in 2013 alone. Since 2011, Bullrun has cost more than $800 million.

- Bullrun Began 10 Years Ago

- A majority of the funding for Bullrun goes toward actively engaging tech companies in their product design. The NSA covertly influenced tech companies to insert vulnerabilities into commercial products that would allow the NSA access without consumers’ knowledge. 

- NSA and GCHQ View Encryption as a Threat(That's....incredible....)

- Edgehill started with the initial goal of decrypting the programs used by three major Internet companies, which were unnamed in Snowden’s leak, and 30 Virtual Private Networks.

- GCHQ hopes that by 2015 Edgehill will have decrypted 15 major Internet companies and 300 VPNs.

- NSA Covertly Influenced International Encryption Standards.

3.  Besides BULLRUN/EDGEHILL,the NSA and GCHQ have a number of programs for gathering different types of internet metadata few of which mentioned in Luke Harding's Book are :
   
Prism - Secret access to the servers of Google, Facebook and others.

Boundless informant - Mapping of all secret data to specific countries.

Upstream - Catch as much of the global internet traffic as it passes across the United States

Stellar Wind - liaison with US internet and telephone companies to provide metadata information.

Beam Remote Presence Operations

1.   Recently watched the Snowden Interview/Interaction at TED here as seen below



and got curious to know about the device used and he interacted vide.....and so got this video link with details of the BEAM remote presence operations...a very interesting device to say


2.  More details at https://www.suitabletech.com/

Sunday, March 23, 2014

Installing Enigmail Add-on on Thunderbird Email Client

This post only brings you the screen shots once you have installed Thunderbird and wish to use Enigmail with OpenPGP encryption..Enigmail is a security extension to Mozilla Thunderbird and Seamonkey. It enables you to write and receive email messages signed and/or encrypted with the OpenPGP standard.Sending and receiving encrypted and digitally signed email is simple using Enigmail.
















Wednesday, March 19, 2014

Concluding XP getting Stronger by the Day @ Banks & ATMs still swear by it.

1.   Microsoft XP...the OS that was a milestone and turning point for the Microsoft company in many ways was given 8 Apr 2014 as the last date of survival ie after about 14 years of being in business, support for Windows XP will end on April 8, 2014. There will be no more security updates or technical support for the Windows XP operating system. After April 8, 2014, Microsoft will no longer provide security updates or technical support for Windows XP. So PCs running Windows XP after April 8, 2014, should not be considered to be protected...but is it that easy for a typical user to just see off XP and take on a newer OS?....leave aside the typical user ...would it be possible for the corporates to do it so easily???...alass!!! NAAA....


2.  Microsoft though had given early warnings as early as 2007 about the end of life support for XP OS, but in fact the surprising fact coming up vide various sources is that currently most bank machines (95% of ATMs in the world) use Microsoft XP (OS) in their cash machines and with the date nearing fast it seems like herculean to replace all as per the time line.So after repeated request from across the globe from leading bank vendors including big UK banks such as Barclays, HSBC, Lloyds Banking Group, Royal Bank of Scotland etc ,Microsoft has agreed to provide antimalware signatures for the operating system through July 15, 2015 and just for info that’s not the same as software patches, but does help consumer and business security programs identify malware on the system. The original end of support date of April 8, 2014 still stands. Even for this the banks might pay up to $100 million (KES. 8.5 billion) each to keep their Windows XP support, combined with the costs to upgrade their ATMs to a more recent version of the OS. Microsoft does offer what it calls “Custom Support” for large business that includes updates for legacy programs....

3.   Thus XP , though will be soon bidding bye for all home users but the fact is that it has proved it self yet again in terms of the swollen dependency that too pan global...that only proves yet again that XP still has a large large following.....

Tuesday, March 18, 2014

UBUNTU 12.04 LTS beats Windows 7,MAC @ GCHQ Report

1.    Now this is some good news for all Ubuntu lovers.Ubuntu 12.04 LTS has topped a UK security agency’s security assessment of mobile and desktop operating systems.CESG (originally Communications-Electronics Security Group) is the group within GCHQ(an intelligence and security organization, working to keep Britain safe and secure in the challenging environment of IT communications).CESG conducted a series of tests in the last few months to review a set of 11 operating systems which currently run on various devices such as desktops, laptops, servers, mobile phones and tablets. The security assessment included the following categories:

    - VPN
    - Disk Encryption
    - Authentication
    - Secure Boot
    - Platform Integrity and Application Sandboxing
    - Application Whitelisting
    - Malicious Code Detection and Prevention
    - Security Policy Enforcement
    - External Interface Protection
    - Device Update Policy
    - Event Collection for Enterprise Analysis
    - Incident Response


2.   Ubuntu 12.04 LTS is the only operating system to fully pass 9 of the 12 listed security recommendations above.Ubuntu was marked down on VPN and encryption because its implementation/software has yet to be independently assessed by an approved CESG body.The VPN issue is likely to be addressed in the UBUNTU 14.04 LTS thats likely arrival date is somewhere in Apr 2014...ie in another about two months from now.

3.    The list of operating systems which were compared are mentioned below :

- Windows 7/8
- Android 4.2
- Samsung devices with Android 4.2
- Apple iOS6
- Apple OSX 10.8
- Blackberry 10.1(EMM Corporate)
- Blackberry 10.1(EMM Regulate)
- Google Chrome OS 26
- Windows 8 RT
- Windows Phone 8


4.  What Canonical has to say about this

“We are working hard to close the gap and make Ubuntu clearly stand out as the most trustworthy operating system for the future and we hope to make excellent progress before our next LTS release in April 2014, 14.04 LTS, which will be even better,” Darryl Weaver, Canonical Sales Engineer

5.  Few screen shots from web with this news :





6.   Source of news as above...thanks http://www.zdnet.com

Sunday, March 16, 2014

Installing Dongle on Ubuntu : Mobile Internet@USB MODEM

1.   Writing after a long time... I post here few lines that I recently learnt on installing and accessing internet vide Dongle with SIM on Ubuntu LTS 12.04.So in my case I have a Micromax dongle with a mobile Sim.

2.  Simply said the steps are mentioned below :

- Insert the USB dongle in any of the USB drives on your PC/Laptop.

- Goto Terminal and login as Root


- At the terminal get the details of the usb detected interfaces by typing lsusb


- So in my case the dongle detected is shown at the end ie OMEGA TECHNOLOGY

- Now we need to run a terminal command to mount the device and get it running as shown in the screen shot below
sudo modprobe usbserial vendor=0x1c9e product=0x9605

- Once the command is executed at the terminal,wait for few minutes and you see the additional ENABLE MOBILE BROADBAND as seen in the screen shot below....
 
 
3.   and with this you should be on with the internet....

Wednesday, January 01, 2014

Nessus Installation @ Backtrack R3

1.   This post speaks less and shows more about how to install Nessus in Backtrack R3.Also it is assumed that the user is connected to the Internet while installation is in progress.

First Step :  Get to the terminal and type apt-get install nessus

 closer look to the above screen shot as in terminal.

 This screen shot shows a progress shot whilst installation is in progress....

 Installation gets over here....as seen

 Second Step : Creating a user for login into the Nessus Interface.........

 You get to see the following after you have created the user....
 Third step : Visit the website as seen in the screen shot below :
 
 Fourth Step : Click on the Home user option and register with your e-mail id.You get a activation key in few seconds at your e-mail.

 Fifth Step :  After you get the key...type in the following syntax followed by the key that you get in ur email id....
 A closer look of the above screen shot

 After you the user is registered he gets to see the following screen :

 Sixth Step : Now open your Backtrack Mozilla Browser and type in the following address as shown in the screen shot here.This initialising takes a little time...mine took 4 minutes and more...
 A closer look at the address .......
 Once initialised you get the following screen for login
 Here you are...the login screen for Nessus...

Tuesday, December 31, 2013

New Laptops without Windows 8 @ Rare

1.   Strange it may seem but the current availability of Laptops for sale in the market show a peculiar sad state of specs...ie they are available only with Windows 8.There are rare options on few sites that offer New laptops for sale without Windows OS.I have been planning to buy a laptop with i3/i5 processor and in my search over various sites I came across this sad but surprising stat.

2.  Infact leading online shopping retails in Dubai have got NIL option to buy a laptop without Windows 8.I checked up at the following sites :

- http://www.carrefouruae.com/
- http://www.ic4uae.com/

3.   Even the options without Windows 8 on leading retails in India have much lesser options then with Windows 8. Checked up at Flipkart, snapdeal,timesofindia shopping to mention a few.
 

 4.   Given these facts...it looks like Microsoft has put in rigorous and vigorous marketing efforts to increase there sales graph for Windows 8.For those guys who wish to buy Windows 8 laptop and then attempt removing the windows and install some Linux flavour...it is equally surprising that unlike till Windows 7 wherein it was relatively a matter of deleting Windows and installing Linux...it is complex removing Windows 8 so the user has to be content with a dual boot option wherein he has to compromise with wastage of space dedicated to Windows....

5.  Thus there is a kind of binding that comes along with these laptops with Windows 8 that you cannot mov to another OS.....:-(

Saturday, November 23, 2013

BACKTRACK 5 R3 : 0trace

This post is going to introduce you to a "Identify Live Hosts" tool by the name of 0trace that enables a user to perform hop enumeration (“traceroute”) within an established TCP connection, such as a HTTP or SMTP session. This is opposed to sending stray packets, as traceroute-type tools usually do. The important benefit of using an established connection and matching TCP packets to send a TTL-based probe is that such traffic is happily allowed through by many stateful firewalls and other defenses without further inspection (since it is related to an entry in the connection table).

How to reach 0trace ?
(Click to enlarge)
(Click to enlarge)
(Click to enlarge)

The command syntax :

root@bt:/pentest/enumeration/0trace# ./0trace.sh eth0 (IP ADDRESS1)

and then you need to then open another terminal and connect using netcat as below

root@bt:~# nc (IP ADDRESS1) 80

Here in the example as shown vide screenshots,i have used a web site ip address for sample check....without opening the second terminal window...you will not get any progress on the first terminal....
Powered By Blogger