Cyber thread: network espionage, tracking of mobile phones and WLANs, hacking, viruses, DoS, etc.

Huhta

Commander-in-Chief
ELSO 2.0
The slide presentations of Viestikoelaitos (the Finnish Intelligence Research Establishment) often begin with a reminder that this is a secret location and that every mobile phone can be a microphone:

TOP SECRET
– no notes
– switch off GSM phones
Hopefully the practices concerning phones have been tightened since then and HS is giving old information. Attempts are constantly made to sneak all sorts of things onto the phones of important people in particular, so I would not trust a switched-off phone to actually be off. At a minimum you remove the battery, or else the handset is left entirely in another room where there is nothing to eavesdrop on.
 

Sardaukar

Commander-in-Chief
Donor
Hopefully the practices concerning phones have been tightened since then and HS is giving old information. Attempts are constantly made to sneak all sorts of things onto the phones of important people in particular, so I would not trust a switched-off phone to actually be off. At a minimum you remove the battery, or else the handset is left entirely in another room where there is nothing to eavesdrop on.
In quite a few so-called secure rooms, mobile phones are left outside in a rack.

https://en.wikipedia.org/wiki/Sensitive_Compartmented_Information_Facility

This system is used not only by the Americans but also by many private companies, including ones I have done work for.
 
As for mobile phones, the practices in the Finnish Defence Forces (PV) are quite clear nowadays, at least based on my own refresher exercises. Phones are left outside the room in which secret matters are handled. Documents are not distributed electronically, and paper printouts are collected afterwards. Even your own notes are collected. If an outsider wants to gather intelligence, it takes a personal approach in the traditional manner; in other words, there are no electronic shortcuts. And I am not talking about any especially important people but about ordinary rank-and-file reservists, insofar as their duties involve operational matters.
 

ctg

Commander-in-Chief


Would you like to join the merry band of researchers breaking machine learning models? A trio of German researchers has published a tool designed to make it easier to craft adversarial models when you're attacking a “black box”.

Unlike adversarial models that attack AIs “from the inside”, attacks developed for black boxes could be used against closed system like autonomous cars, security (facial recognition, for example), or speech recognition (Alexa or Cortana).

The tool, called Foolbox, is currently under review for presentation at next year's International Conference on Learning Representations (kicking off at the end of April).

Wieland Brendel, Jonas Rauber and Matthias Bethge of the Eberhard Karls University Tubingen, Germany explained at arXiv that Foolbox is a “decision-based” attack called a boundary attack which “starts from a large adversarial perturbation and then seeks to reduce the perturbation while staying adversarial”.
http://www.theregister.co.uk/2017/12/18/black_box_ai_attack/

It gets my hackles up to think how much damage this could do in theory. People trust machines more and more, and that probably will not change in the future, but what happens when this is used widely to cover up, for example, an assassination or a coup?
 

ctg

Commander-in-Chief
2016 saw a significant drop-off in cyber-espionage by China in the wake of a 2015 agreement between US President Barack Obama and Chinese Premier Xi Jinping. But over the course of 2017, espionage-focused breach attempts by Chinese hackers have once again been on the rise, according to researchers at CrowdStrike. Those attempts were capped off by a series of attacks in October and November on organizations involved in research on Chinese economic policy, US-China relations, defense, and international finance. The attackers were likely companies contracted by the Chinese military, according to Adam Meyers, vice president of intelligence at CrowdStrike.

The drop in Chinese cyber-espionage may have been influenced by the 2015 agreement, reached as the US considered imposing sanctions against China. The US did so in the wake of the massive breach at the Office of Personnel Management—an operation attributed to China—and a vast economic espionage campaign in which Chinese hackers were alleged to have breached more than 600 organizations in the US over a five-year period.

But Meyers told Ars that the drop may also have been because of a reorganization of China's People's Liberation Army (PLA), in which "they did a rightsizing and reduced 300,000 positions out of the PLA," Meyers said.
Link
 

ctg

Commander-in-Chief
Vietnam is deploying a 10,000-member military cyber warfare unit to combat what the government sees as a growing threat of “wrongful views” proliferating on the internet, according to local media.

Force 47 has worked pro-actively against distorted information, Tuoi Tre newspaper reported, citing Nguyen Trong Nghia, deputy head of the general politics department under the Vietnam People’s Military. The disclosure of the unit comes as the Communist government pressures YouTube Inc. and Facebook Inc. to remove videos and accounts seen damaging the reputations of leaders or promoting anti-party views.

Facebook this year removed 159 accounts at Vietnam’s behest, while YouTube took down 4,500 videos, or 90 percent of what the government requested, according to VietnamNet news, which cited Minister of Information and Communications Truong Minh Tuan last week. The National Assembly is debating a cybersecurity bill that would require technology companies to store certain data on servers in the country.
Link
 

ctg

Commander-in-Chief
Security flaws are unwittingly competing to outdo each other. The latest, called Meltdown and Spectre, have the potential to be some of the most widespread yet. It's likely they will impact all computer processors on the market and completely eradicating them will take a serious amount of time.

Both Spectre and Meltdown have the ability to be one of the biggest tech security vulnerabilities discovered. Easily ranking alongside Heartbleed, Krack and Shellshock. Here's what we know so far.
Link

I do not believe there is an easy solution to this, because fixing the hardware is not possible. So trust that your software interfaces are secure and that nobody gets physical access to the machine.
 

ctg

Commander-in-Chief
FRANKFURT (Reuters) - Daniel Gruss didn’t sleep much the night he hacked his own computer and exposed a flaw in most of the chips made in the past two decades by hardware giant Intel Corp (INTC.O).

The 31-year-old information security researcher and post-doctoral fellow at Austria’s Graz Technical University had just breached the inner sanctum of his computer’s central processing unit (CPU) and stolen secrets from it.

Until that moment, Gruss and colleagues Moritz Lipp and Michael Schwarz had thought such an attack on the processor’s ‘kernel’ memory, which is meant to be inaccessible to users, was only theoretically possible.
Link
 

ctg

Commander-in-Chief

Horrible storage performance aside we consistently saw less than a 5% reduction in gaming performance, you’re looking at around a 3-4% drop for the most part when CPU limited, less when GPU limited. SSD performance doesn’t impact frame rates. We’ve seen this when comparing slow hard drives with ultra-snappy SSDs, so there’s really nothing to gain there. Where a drop in storage performance can hurt is with game load times.
Link

There are three main groups of companies responding to the Meltdown and Spectre pair: processor companies, operating system companies, and cloud providers. Their reactions have been quite varied.
Link
 

ctg

Commander-in-Chief
The Border Gateway Protocol (BGP) is one of the Internet's basic pieces of plumbing technologies, but it's also so old it was designed before the security needs of a multi-billion-user network were understood.

In particular, BGP is notorious for allowing sysadmins to “black-hole” huge swathes of traffic either by fat-fingering route advertisements, or in some suspected cases, maliciously advertising routes that send commercial rivals' traffic into dead zones that kill the user experience.

Which is why a group of researchers from Europe and America reckon they've created a framework that would let service providers neutralize a BGP hijack in minutes.

The researchers, from The Center for Applied Internet Data Analysis (CAIDA), Greek research institute ICS-FORTH, and Telecom ParisTech, outlined their work at arXiv.
Link
 

ctg

Commander-in-Chief
While the whole industry is scrambling on Spectre, Meltdown focused most of the spotlight on Intel and there is no shortage of outrage in Internet comments. Like many great discoveries, this one is obvious with the power of hindsight. So much so that the spectrum of reactions have spanned an extreme range. From “It’s so obvious, Intel engineers must be idiots” to “It’s so obvious, Intel engineers must have known! They kept it from us in a conspiracy with the NSA!”

We won’t try to sway those who choose to believe in a conspiracy that’s simultaneously secret and obvious to everyone. However, as evidence of non-obviousness, some very smart people got remarkably close to the Meltdown effect last summer, without getting it all the way. [Trammel Hudson] did some digging and found a paper from the early 1990s (PDF) that warns of the dangers of fetching info into the cache that might cross privilege boundaries, but it wasn’t weaponized until recently. In short, these are old vulnerabilities, but exploiting them was hard enough that it took twenty years to do it.

Building a new CPU is the work of a large team over several years. But they weren’t all working on the same thing for all that time. Any single feature would have been the work of a small team of engineers over a period of months. During development they fixed many problems we’ll never see. But at the end of the day, they are only human. They can be 99.9% perfect and that won’t be good enough, because once hardware is released into the world: it is open season on that 0.1% the team missed.

The odds are stacked in the attacker’s favor.
Link

The development of AI adversaries continues apace: a paper by Nicholas Carlini and David Wagner of the University of California Berkeley has explained off a technique to trick speech recognition by changing the source waveform by 0.1 per cent.

The pair wrote at arXiv that their attack achieved a first: not merely an attack that made a speech recognition (SR) engine fail, but one that returned a result chosen by the attacker.

In other words, because the attack waveform is 99.9 per cent identical to the original, a human wouldn't notice what's wrong with a recording of “it was the best of times, it was the worst of times”, but an AI could be tricked into transcribing it as something else entirely: the authors say it could produce “it is a truth universally acknowledged that a single” from a slightly-altered sample.
Link
 

ctg

Commander-in-Chief
The US House of Representatives this week approved a bill that, given further legislative and executive branch support, will require the American government to account for its handling of software and hardware vulnerabilities.

The "Cyber Vulnerability Disclosure Reporting Act," sponsored by Rep Sheila Jackson Lee (D-TX), requires the Department of Homeland Security to issue "a report that contains a description of the policies and procedures developed for coordinating cyber vulnerability disclosures."

The US government has not provided much detail about how it handles vulnerabilities that it becomes aware of, and advocacy organizations like the Electronic Frontier Foundation argue that more transparency is needed to debate the consequences of vulnerability research and disclosure.

"Perhaps the best thing about this short bill is that it is intended to provide some evidence for the government’s long-standing claims that it discloses a large number of vulnerabilities," said EFF attorneys Nate Cardozo and Andrew Crocker in a blog post on Friday.

The US National Security Agency has said it discloses most of the vulnerabilities it finds, more or less.

"Historically, the NSA has released more than 91 per cent of vulnerabilities discovered in products that have gone through our internal review process and are made or used in the United States," the agency said on its website in 2015, or so the Internet Archive's Wayback Machine would have us believe.
Link

The remainder, the NSA said, are either fixed by vendors before disclosure or are retained for national security reasons.
Here is something for the head of a cyber department to ponder: either you hand the bugs over to the vendors or you keep them for exercises and real operations. Which is the morally right thing to do? With zero-days, the rule for a long time was that nobody breathed a word about them to anyone unless they were then used, and in some cases, if you wanted to say something, you caught a load of flak for it. In time perhaps this matter too will be worked into the intelligence legislation. Right now it is as wide open as the doors of that proverbial barn.
 