Irregular Expressions

April 27, 2012  1:52 AM

Bad times to be a spook

Dan O'Connor Dan O'Connor Profile: Dan O'Connor

Kinda hard to be Jason Bourne when they already know who you are.  As bad is this seems after reading this, I wonder how hard it would be to really ‘fix’ for a determined attacker as they say.  It would have to be pretty specific and I am sure there would be some sort of audit trail to clean up and maybe a few copies of the entry.

I would love to be in that room as this problem is worked out, I am pretty sure they did not go with the ‘we give up’ solution.

April 27, 2012  1:47 AM

Facebook and undercover officers

Dan O'Connor Dan O'Connor Profile: Dan O'Connor

It’s a little old,

I have never really put this in to perspective if you think the number of pre-eighteen year olds there are in facebook and other sites like flickr with kindly tagged faces.  It makes for a small pool of under cover offices.

Some related I have been thinking about is I wonder if anyone has done any large scale indexing of the faces on the internet.  What I mean by that is there is all of these tagged photos with a name and face.  You could possible search the internet by face and not just by photo like what Google does now. Oh go try that drag a photo in to the search bar.

April 27, 2012  1:42 AM

Speaking of targeted determined attackers

Dan O'Connor Dan O'Connor Profile: Dan O'Connor

Espionage is real and happens far more then it is reported, partly because companies don’t want to report such a thing.  It can damage a companies reputation and in some of the other cases they have no idea what has even happened.

Would you know if there is malicious software running in your network?

Creating something that will not be detected by AV is pretty simple, and what about the C&C and data channel?

What about skype? or maybe an ad hosted on a legit site? what if it only looks while a logged on user is surfing? could you see it then?

This stuff can get nasty, then start throwing SSL in the mix and watch your IDS signatures work.

April 27, 2012  1:31 AM

Microsoft Security Intelligence Report Volume 12

Dan O'Connor Dan O'Connor Profile: Dan O'Connor

Lots of good information.

I am still reading, but I just read the section about targeted and determined attacks.  This has been happening more and more in the last few years.  Also I think it has to do with more of them being reported then there was in the past.

Given a determined attacker there is almost nothing you can do to stop them short of cutting wires.  Cyber warfare is like any other, and it does not give advantage to the defender.  Just as in a siege time is not on your side.

April 25, 2012  9:19 PM

Smash The Stack Logic Level 1 * Spoiler * Part b

Dan O'Connor Dan O'Connor Profile: Dan O'Connor

A couple more things to mention, just running the basic commands from the web page will only give you a single line of output.  You could just guess which is what I did or if you really need to see the output of the commands I would redirect them to the upload directory and from there you can view them.  The other thing you could have done is uploaded nc directly to the server ( I did not try this, I did not want to break anything) and execute it in to a listening loop against /bin/sh, insta shell.  Or you could do the same thing by creating a service.

April 25, 2012  9:08 PM papers release

Dan O'Connor Dan O'Connor Profile: Dan O'Connor

Alan Turning, if that name sounds a little unfamiliar he was one of the leads on the enigma machine during the second world war.  He was very interesting I would just look him up if you wanted some reading.

I could not find a digital link, and they mention the national archives so you might have to go for a drive to see them.  There might still be valuable information in the papers, but they were focused on preparing settings on the enigma machine to ready it for work.

April 25, 2012  8:50 PM

The Hurt Locker Strikes Back

Dan O'Connor Dan O'Connor Profile: Dan O'Connor

No really,

The movie was released in 2008 and they are still filing new lawsuits.

I think this studio has found a new source of revenue, they must be making something off these or they would not continue.

April 24, 2012  10:59 PM

Keeping things secret

Dan O'Connor Dan O'Connor Profile: Dan O'Connor


Funny story about WolframAlpha.

April 22, 2012  11:33 PM

35 Strategies to Mitigate Targeted Cyber Intrusions

Dan O'Connor Dan O'Connor Profile: Dan O'Connor

Very handy and very manager friendly.

If there was an award for most valuable 35 list thing, this would win.

April 22, 2012  11:20 PM

Megaupload updates

Dan O'Connor Dan O'Connor Profile: Dan O'Connor

So the latest is that;

1) The case may not proceed due to some pesky paper work.

2) Kim is mad, no kidding

Ok 2 was funny but seriously they are continuing to investigate (from his side) the possibility of corrupt activities leading to the raid.

Also some other information that is related.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: