LinuxPlanet Casts

Media from the Linux Moguls

Archive for the ‘china’ Category

Great Disk Famine | TechSNAP 30


Anonymous says it’s going after a Mexican Drug Cartel, and we’ll share the amazing details with you!

Plus: Our tips for controlling remote downloads, and why all I’m going to want for Christmas is hard drives!

All that and more, on this week’s TechSNAP!


    Show Notes:

    Anonymous says it will go after Mexican Drug Cartel

    • Anonymous claims one of its members was kidnapped at a street protest
    • Anonymous claims it will start releasing details about journalists, taxi drivers, police officers and government officials who are on the Cartel’s payroll, if the kidnap victim is not released by November 5th (Guy Fawkes Day)
    • No information about the person who was allegedly kidnapped has been released
    • Anonymous hopes that by releasing this information, the government will be able to pursue the allegedly corrupt officials. However, depending on the type of information, it is unlikely that the evidence provided would be enough to convict someone.
    • There are serious concerns that the release or even the threat of the release of such information could result in a violent backlash from the Cartel.
    • It would seem that anyone whose name appears on the lists released by Anonymous would be in serious danger. A case of mistaken identity or speculation could result in the death of an innocent person.
    • Anonymous has claimed it would attack a number of entities, including the NYSE and Facebook; a large number of these attacks have never taken place, or were unsuccessful and never mentioned again.

    Series of spear phishing attacks against chemical and defense companies

    • At least 50 different companies were targeted by attackers attempting to steal research and development documents and other sensitive information.
    • The attacks started in July and continued through September; it is also believed that the same attackers were targeting NGOs and the auto industry earlier this year.
    • The attacks were spear phishing attacks, a specialized form of the common email attack. Unlike a typical phishing scam, where an attacker poses as your bank and attempts to get you to enter your login credentials and other personal information into a fake site designed to mimic the look of your bank’s site, a spear phishing attack specifically targets individuals, using information that is known about them and where they work. Spear phishing attacks also commonly involve impersonating someone you might expect to receive such an email from.
    • The emails sent in this case often took the form of meeting invitations with infected attachments. In other cases when the messages were broadcast to many victims, they took the form of security bulletins, usually riding on actual vulnerability announcements for common software such as Adobe Reader and Flash Player. It also seems the attackers attached the infected files in 7Zip format, to evade many spam filters and virus scanners that block or scan .zip files. The attackers also took to encrypting the zip files with a password, and providing that password in the email, again to avoid virus scanners on the inbound mail servers.
    • The attackers used PoisonIvy, a common backdoor trojan written by one or more persons who speak Mandarin. The Trojan also contained the address of a Command and Control (C&C) server used to feed it additional instructions.
    • Once the attackers made their way into the network through one or more infected machines, they leveraged that access to eventually gain permissions to copy sensitive documents and upload them to an external server where they could then be recovered.
    • One of the command and control servers was a VPS operated in the United States, owned by a Chinese individual from Hebei province. Investigators have not been able to determine if this individual was part of the attacks, if anyone else had access to the VPS, or if he was acting on behalf of another group. It is possible the server was compromised, or that it could have been made to look like that was the case.
    • Symantec says that there were a number of different groups attacking these companies during this time span, some using a custom developed backdoor called ‘Sogu’ and using specially crafted .doc and .pdf files. There is no word on if these additional attacks were also successful.
    • Full Report
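
    The delivery trick described above (7z or password-protected archives, with the password given in the message) can be checked for at the mail gateway by looking at attachment content rather than file names. The following is an added example, not code from the show notes or the Symantec report; the function names, addresses, file names and byte stubs are constructed for illustration.

```python
import re
import struct
from email.message import EmailMessage

SEVENZ_MAGIC = b"7z\xbc\xaf\x27\x1c"   # 7z signature header
ZIP_LOCAL_MAGIC = b"PK\x03\x04"        # ZIP local file header signature
PASSWORD_HINT = re.compile(r"\b(password|passcode)\b", re.I)

def archive_kind(data):
    """Classify an attachment by its leading bytes, not its name or MIME type."""
    if data.startswith(SEVENZ_MAGIC):
        return "7z"
    if data.startswith(ZIP_LOCAL_MAGIC) and len(data) >= 8:
        # General-purpose flags sit at offset 6; bit 0 means "encrypted".
        (flags,) = struct.unpack_from("<H", data, 6)
        return "zip-encrypted" if flags & 0x0001 else "zip"
    return None

def triage(msg):
    """Return the reasons (possibly none) to hold a message for review."""
    body = msg.get_body(preferencelist=("plain",))
    text = body.get_content() if body is not None else ""
    has_hint = bool(PASSWORD_HINT.search(text))
    reasons = []
    for part in msg.iter_attachments():
        data = part.get_payload(decode=True) or b""
        kind = archive_kind(data)
        if kind not in ("7z", "zip-encrypted"):
            continue
        name = part.get_filename() or "(unnamed)"
        reasons.append(f"{name}: {kind} content the mail scanner cannot inspect")
        if has_hint:
            reasons.append(f"{name}: message body supplies a password for it")
    return reasons

def build_sample(attachment, filename, body):
    """Constructed message for the demo; addresses and names are made up."""
    msg = EmailMessage()
    msg["From"] = "bulletins@example.com"
    msg["To"] = "researcher@example.com"
    msg["Subject"] = "Security bulletin"
    msg.set_content(body)
    msg.add_attachment(attachment, maintype="application",
                       subtype="octet-stream", filename=filename)
    return msg

# Constructed stubs: only the header bytes needed for content sniffing.
ENCRYPTED_ZIP_STUB = struct.pack("<4sHHHHHIIIHH", ZIP_LOCAL_MAGIC,
                                 20, 0x0001, 0, 0, 0, 0, 0, 0, 0, 0)
SEVENZ_STUB = SEVENZ_MAGIC + bytes(26)

if __name__ == "__main__":
    sample = build_sample(SEVENZ_STUB, "bulletin.pdf", "The password is: demo")
    print("\n".join(triage(sample)))
```

    Because the check reads magic bytes, a 7z file renamed to look like a PDF is still flagged; an ordinary unencrypted zip is left for the normal scanner.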

    Feedback:

    • Remote Downloads?
    • Q: I have a question regarding downloads, in particular, remote downloads.
    • A: There are a number of options, ranging in capability and ease of use.
    • rTorrent – A command line torrent client, works great over SSH (especially when combined with Screen). This is what Allan uses to seed the Linux Action Show torrents.
    • uTorrent – uTorrent (microTorrent) is available for Windows, Mac and Linux. It offers an optional web UI (the web UI is the only option for Linux) for remotely controlling the torrents, and can also automatically start downloading torrents when they are placed in a specified directory. uTorrent also incorporates an RSS reader.
    • wget – A standard command line downloading tool included in most GNU/Linux distros. Also available for Windows.
    • curl – A library and utility for dealing with HTTP. It is a common feature of most web hosting servers, and easily integrates with PHP. You could write a short PHP script that would download files to the remote server when prompted (possibly by an email or access from your mobile phone).


    Written by chris

    November 3rd, 2011 at 7:15 pm

    Cyber Warfare | TechSNAP 13


    Since the start of this show, one constant theme keeps coming to light: a new age of Cyber Warfare has begun.

    In this week’s episode we cover what critical targets hackers and foreign governments might target to wage Cyber Warfare.

    Plus what major attacks have already taken place? Some of which we are just now learning the ramifications of…

    All that and more, on this week’s TechSNAP!


    Show Notes:

    Thanks to the TechSNAP Redditors!

     

    No Q&A this week, but we’re doing a double dose next week, send in your feedback and questions!

    Attacks on Government:


    Topic: Anonymous hacks 100 Turkish Government Sites

    • As part of Operation Anti-Sec, Anonymous has compromised the Turkish government’s network of sites, and locked the administrators out.
    • A number of the sites appear to be for Hospitals and other medical facilities
    • The group released a 20MB archive on ThePirateBay, a complete dump of the content of each of the compromised sites.
    • Many of the sites were defaced
    • In a Cyber Warfare type situation, these types of actions could disable critical government functions, everything from weather forecasts to tax filing.

    Submitted by: Acidpunk


    Topic: Florida Elections Database Hacked

    • The database contained the names, usernames and plaintext passwords of election workers and polling stations
    • Username was first initial, last name, and password was first initial, last initial and 4 numbers. These passwords are too predictable and horribly insecure.

    Submitted by: Deathwalk


    Topic: Attacks on RoK Gov might have been Drills by DPRK

    • Attacks that crippled South Korean (Republic of Korea) government websites in July 2009 and again in March 2011 might have been cyber warfare drills conducted by North Korea (Democratic People’s Republic of Korea)
    • Attacks were likely reconnaissance to start building a detailed plan of attack in the event of war.
    • Much of the attack came from within South Korea; it is speculated that the virus was left on a number of South Korean file sharing sites, and then the resulting botnet of infected computers was used to take down the government websites.

    Attacks on Media:


    Topic: Washington Post hacked, 1.27m email addresses leaked

    • The Washington Post’s Jobs site was compromised on June 27th and 28th
    • 1.27 Million Usernames and email addresses were leaked
    • The Washington Post claims that no passwords or other personal information were stolen (were the passwords just hashed, and therefore ‘not disclosed’, or did the attackers not gain access to the passwords?)

    Topic: Fox News Twitter hacked, False Obama Death Notice

    • The @foxnewspolitics twitter account was hijacked and false news of US President Obama’s assassination was posted.
    • As with all incidents of this nature, it is being investigated by the Secret Service
    • BBC Coverage

    Submitted by: beyere5398 and LeifAndersen


    The Future:


    Topic: The Pentagon Establishes Cyber Warfare Retaliation Policy

    • The Pentagon has concluded that computer sabotage coming from another country can constitute an act of war
    • A foreign-directed hacker could pose as significant a threat to U.S. nuclear reactors, subways or pipelines as a hostile country’s military
    • If a cyber attack causes significant disruption (for example, to the power grid), or death, then the attackers will be met with conventional armed force.
    • New York Times coverage

    Topic: More is happening than we actually know

    • By reverse engineering a crashed EP-3E Aries II reconnaissance plane, the Chinese were able to begin intercepting encrypted US Navy communications
    • A few weeks after President Obama’s election, the Chinese flooded communications links they knew were monitored by the NSA with unencrypted copies of intercepted communications, proving they had compromised American communications links.

    Topic: Cyber Warfare will be constant and often subtle

    • The attacks on RSA earlier this year were not conclusively linked to Cyber Warfare; they could have been the work of a lone hacker, a small group, or an organized government
    • The RSA hack later led to the compromise of secure systems at Lockheed Martin and other US arms manufacturers.
    • Earlier this year we also saw the compromise of a large number of email accounts belonging to government and military officials. This type of reconnaissance can be used to gather information that would allow attackers to break in to more secured systems over time.
    • Many attacks go unnoticed, as the perpetrators keep the systems just to be used to launch future attacks from. As we saw in the RSA hack, the attackers used an offsite webserver they had compromised earlier to send the data to, to avoid connecting directly to RSA and possibly leaving a trail. They then destroyed the webserver, breaking the link back to them.
    • In the past we have discussed the similar tactic of island hopping: compromising an outward facing system such as a web, mail or monitoring server, or the desktop of a secretary or other lower level employee, and then slowly gathering more and more information in order to compromise the true targets of the attack.

    Submitted by: Raventiger


    Roundup:
    South Korea army, University to start Cyber Defense major (Submitted by: refuse2speak)
    Anonymous hacks apple server, leaks usernames and hashed passwords
    The Fog of Cyber Warfare – A battle without borders? (Submitted by: Raventiger)
    Chicago Mercantile Exchange Secrets and Source Code Leaked To China

    Copies of vsftpd 2.3.4 downloaded from official mirrors contain backdoor (Submitted by: stmiller)
    Dropbox TOS gives them broad copyright license over your files (Submitted by: rakudave)
    Targeted phishing helped hackers earn 150 million in June (Submitted by: stmiller)

    Bitcoin BLASTER:
    Lawyer Attempts To Trademark Bitcoin
    First bitcoin app for Android, but is it safe?
    BTCGuild suffers major DDoS Attack



    Infected Perfected | STOked 85


    In the first of a 3-week long series of events, the STOked boys are taking you on an in-depth tour of the Borg Special Task Force missions. Up this week is a guide to “The Infected” which includes tips and tricks for painlessly eliminating the Borg drones, and their leaders.

    Before we dig into that however, BIG NEWS landed this week regarding the impending purchase of Cryptic Studios by Perfect World International. Despite the community’s uproar over this news, we’re taking a more level-headed approach to the corporate nature of this acquisition, and intend to share our thoughts on why this could be one of the best business moves STO could potentially see.


    Show Notes:

    PERFECT WORLD BUYING CRYPTIC
    It was announced this morning that “Perfect World” has penned a deal to purchase Cryptic Studios for 35 million euros.

    Other links/Cryptic responses:
    Compilation of pre-responses
    Official announcement from PR Newswire

    Thoughts:
    J-RANT: Chinese Racism on Forums (for shame!)

    F2P, Pay-to-Win
    Star Trek IP in China?
    “Angelica” 3D Engine — aging? Perhaps this acquisition is for the Cryptic engine?
    PWE obtained Runic (makers of Torchlight) in 2009 and haven’t meddled at all.
    R&D / Tech angle
    “More importantly, Cryptic Studios’ highly reputable development team and its technology platform will further strengthen our well-established R&D capabilities.”
    Jupiter Uniforms are here! C-Store: 280 pts
    - Not a bad price for 5 new tops and pants.
    - Pooooor Klingons…

    TWEET LEAKS
    - Earth Badge: http://twitpic.com/559m31
    - Gatling Turrets: http://a.yfrog.com/img610/8388/62484048.jpg
    - Qo’nos Courtyard: http://a.yfrog.com/img611/4751/dq60.jpg
    - Exocomps to replace Drones: http://desmond.yfrog.com/Himg612/scaled.php?tn=0&server=612&filename=7xvjt.jpg&xsize=640&ysize=640
    — REALLY, DAN? A picture of an EMAIL?! Now you’re just taunting us.

    Enterprise-F Dev Diary (How The Winner Was Chosen)
    - Includes a “clay model” with more angles to view (still a WIP)

    Infected Tips

    Watch the uncut full stream here & Part 2 here:

    General Tips:
    - If you’re new, get experienced players to lead you through. There’s plenty out there now.
    - Voice chat is highly recommended. (Vivox coming soon!)
    - Follow directions. Or if you’re leading, give clear directions that are easy to follow!
    - Do not progress any dialog pop-ups until the Team Leader gives the OK, or does it him/herself.
    - Do not go in unprepared! Make sure you have a solid spec that plays to the specific strengths of both your Space AND Ground abilities.

    SPACE:
    Zip around BEHIND the gate, and do not activate the two popups until the team is in position.
    With high DPS, you may be able to destroy the gate in a single activation sequence.
    If you destroy the gate without killing transmitters, you get better loot.
    If you do not destroy the gate in a single activation, you will be faced with 3-4 waves of Borg ships that get progressively more powerful with each wave.

    Good Space Boff Abilities:
    Hazard Emitters (practically a must-have)
    Tactical Team
    A lot of DPS/buffs/debuffs
    Gravity Well — good for chain reactions on warp cores!

    Tactical Cubes have a ~5km explosion radius. If you are trying to keep the Transmitters alive, and have a Tac Cube spawned, be sure to lure it away from them before destroying the cube.

    Tweet Update:
    Cryptic_Gozer Dan Griffis
    Weekly STF Update… Infected space 85% complete. Battle to destroy the Transwarp Gateway is much more interesting now :)

    GROUND:
    Ground Weapons:
    Tactical — Sniper(x2)
    Engineer+Science — CRM200 + Melee

    Ground Kits:
    Engineer: Fabrication or Bunker Kit
    Tactical: Fire Team or Squad Leader
    Science: Medic (at least one on the team)… if you want to DPS, I recommend Geophysicist

    Order of Ground Targets:
    Interlink Node
    Infected
    Drone
    Medical
    (Protos? Can be cleaned up at any time after Medical. May despawn on their own.)
    AFTER ONLY TACTICALS ARE LEFT, SWITCH TO MELEE WEAPON
    Tactical
    Heavy
    Elite

    FIRST BOSS: Ogen
    Pull him OUT of his room, into the hallway.
    He will stop and summon friends halfway through the fight. If you are in the hallway, they will not join the battle.

    END BOSS: Manus
    Get into the alcoves on the wall opposite from the entry doorway.
    This blocks line of sight between group members (meaning, no heals!), which prevents her “chain lightning” attack from hitting more than one target at a time.

    NEXT WEEK: “The Cure”
    Keep your tips/guides coming! Jeremy is gonna try and post the best ones over at JupiterColony.com
