Internet Anthropologist Think Tank: 10/10/10 - 10/17/10

  • Search our BLOG


  • HOME
    Terrorist Names SEARCH:
    Loading

    Saturday, October 16, 2010

    Internet Security, Whats Next?

    The future of Internet Security.
    Currently if your hooked to the internet then your
    not secure.

    Actually if your not hooked to the internet your
    not safe as stuxnet has shown.

    That would seem to indicate the problem
    isn't the Internet but your PC.

    Building bigger fire walls may not be the solution.
    Security Suites just don't do it.
    Its like they secure the first floor doors,
    but not the windows or the second story.

    is developing a proprietary operating system to protect its
    sensitive data from cyber attacks and hackers, according
    to
     
    Indo-Asian News Service.

    “Though it will be a real-time system with Windows software, source code and architecture will be proprietary, giving us the exclusivity of owning a system unknown to foreign elements and protect our security system,” Saraswat was quoted as saying by IANS.

    The new operating system will be designed to decrease the organization’s vulnerability and susceptibility to cyber attacks. It will also be used to protect the defense systems for computing in research areas such as molecular computing and bio-molecular computing.

    Saraswat said 50 scientists from various defense labs in Bangalore and New Delhi have been pooled to work on the project, as well as firms from the private sector.

    SOURCE:

    Thats what happens when Stuxnet invades your nuclear reactors.
    No damage, India just doesn't like someone looking over their
    shoulder when doing secret things.

    Bin Laden's legacy for the world won't be terrorism, it will
    be his caused the end of privacy. Thank you Binny.
    OBL killed privacy.

    You can't fight secret terrorist without the ability to
    invade anyones privacy at will, at least thats the current
    paradigm. Stuxnet, FISA, and the FBI letters allow spying
    at will, with very little of no over sight.
    The "NO oversight " will become problematic, as all the
    technological spying capabilities filter down to the Police
    to even the local levels, that paradigm speaks to a Police
    State some time in the future.



    Micro Soft side steps the issue, married to their
    windows OS software and failed security paradigm.
    They will not update security on illegal systems, no
    patches for you. Either everyone can be safe or no one
    is safe. Currently the unpatched windows OS are the 
    heartland of the Bots.

    But they have proposed a WHO, World Health Org,
    for the Internet. 

    When your sick PC connects to the Internet and starts distributing malicious spam andpropagating worms and viruses to other vulnerable systems, it impacts all who share the Internet. Microsoft's Scott Charney proposes a novel approach to addressing that issue, suggesting that we treat infected devices as we do infected people
    Many organizations have already adopted some form of network access protection (NAP). NAP solutions analyze the security configuration and posture of a given system before allowing it to connect to network resources. 

    If the user account password is too simple, or the personal firewall is disabled, or the antimalware software is not up to date, the device is redirected to a safe site that explains the baseline security requirements and provides links to get the computer compliant, or simply bans the computer from connecting.

    Of course they are ignoring that even if you do have firewalls, antimalware, patched, good passwords: your
    still not safe. Its smoke and mirrors.



    And the Feds are taking a different tact.
    Lynn previewed the Defense Department’s cyber strategy, expected to be finalized by the end of the year. The strategy has several elements, 
    including a defense in depth, with three layers: 
    first, follow commercial best practices on security; 
    second, deploy sensors, which map and detect intrusions; and, 
    third, conduct “active defense.” 
    Lynn describes active defense as a system that automatically deploys defenses in real time based on intelligence warnings. According to Lynn, “part sensor, part sentry, part sharpshooter, these active defense systems represent a fundamental shift in the U.S. approach to network defense.” This reference to “sharpshooters” raises questions, for it implies a more active role for the Defense Department.




    This paradigm is mostly reactive, after the breach.
    And alone will not protect even DOD networks.
    India's approach is the most sound, the problem is
    the operating system, and Micro Soft has chosen to
    ignore this, and their error of failing to act will cause
    them market share and market dominance.

    As sure as Walmart over took and buried Sears.
    If MS won't produce a secure OS somebody else
    will.

    MS focus still is on usability, multiple functionality
    not security. The net may even have to take a  step
    back, with less functional OS to achieve that security.
    Maybe no Movies or Music, to close some of those
    back doors. How many exploits against MS OS have 
    there been, hundreds, Thousands?

    There is a huge market for a secure OS, world wide
    demand. An OS focused on Security not functionality.

    If Micro Soft won't give us one somebody else will.

    A secure OS is a doubled sided sword for Intelligence
    agencys. A non secure OS makes it easier for them to
    obtain Intelligence but on their other hand it makes them
    vulnerable also.

    And as we have seen the Intelligence agencys prefer
    collecting intel to security, as the insurgent web sites
    are still up and running.

    So don't expect any help from NSA as a secure OS
    will limit their mission.

    In the mean time the world awaits a secure OS,
    hopefully before a cyber Armageddon.



    Gerald
    Internet Anthropologist

    .


    Terrorist Names SEARCH:
    Loading

    Friday, October 15, 2010

    Taliban vs US Military 10 yrs.

    How is the Taliban and al qaeda standing up to
    the most powerful Army ever in the history of the
    world? For 10 years?



    xxxxxxxxxxxxxxx






    An Army general has summed up the military challenge in Afghanistan: "We can't kill our way out of this thing."
    Maj. Gen. John Campbell commands Regional Command East (R.C. East) along the border with Pakistan, an insurgent heartland and one of the hottest areas in Afghanistan. As the general said at a Wednesday press conference, the environment in R.C. East is, using the contemporary vernacular, "very, very kinetic. If you go up into Kunar [province], up into the Pech River Valley, they're fighting every single day up there ... very, very kinetic to this day."
    XXXXXXXXXXXXXXXXXXXX
    Why can't the US kill the enemy?
    Why can't they kill their way out of Afghan
    insurgency?
    How have they been able to get recruits
    to replace the dead for 10 years?
    Where do they get the recruits?
    What paradigm are they using ?

    INFO WAR.

    VOA has gotten on board, in a big way, recently.

    the insurgents Producing a steady stream of
    propaganda and lies thru Media,
    Mosques, madrassas, Radio,
    night letters, TV and the Internet.
    Just this year the US military has addressed
    the issue of radios for the Ummah.

    The insurgents are better at getting their version
    out than the US is at getting its version out.
    They typically produce battle vids with causalities
    10 to 100 times actual damages.

    And vids and allegations on the Internet 15 min 
    to 30 min after the battle.
    Sometimes the US doesn't respond for a month
    to Taliban allegations.
    And for that month the Taliban allegations stand
    without the truth.

    They don't lose battles they have martyrs..
    And claim the martyrs as a victory
    They blame the CIA for the civilians they
    kill, and even though 72% don't like the
    Taliban they continue to get recruits.
    And they put out their propaganda in 
    all of the indigenous languages.



    Ahmed Quraishi is a good example
    of propaganda arm. Blatant lies. opinions
    presented as facts, and misstatement and 
    misleading headlines. And lack of sources.
    I've signed up 3 times to post on the site
    and each time my registration has been
    deleted.

    If the US can disconnect this propaganda
    machine they can interrupt the flow of recruits.



    But does Info War work?
    Well its all about winning the hearts and minds.
    And the Taliban and al Qaeda seem to be having 
    some success with it, standing up to the most
    powerful military the world has ever seen with
    just a few farmers and business men and Imams.
    And WWII grade weapons. No Armour, no air force,
    etc.

    Leaving the Taliban and insurgent web sites
    up may lead to intelligence collection but
    it also leads to never ending file of recruits
    and independent, spontaneous attacks in
    the US.
    US is allowing insurgent recruiting by
    tacit approval, leaving the web sites up.


    You are collecting Intel on insurgent operations
    you have enabled by leaving the insurgent web
    sites up.

    If we at Internet Anthropologist can take sites
    down than so can the Intelligence community.
    The insurgent sites are up with the tacit approval
    of US intelligence agencys.

    Make up your minds, stop the half measures.
    Interdicting attacks looks good in the press,
    but wouldn't it be better to cut down the attacks?




    Gerald
    Internet Anthropologist

    The Military has a doctrine for this, "Over whelming force"
    In this case it should be a paradigm of "Over Whelming
    Info"
    Truly Shock and awe (technically known as rapid dominance) 
    in the Info WAR.


    .



    Terrorist Names SEARCH:
    Loading

    Thursday, October 14, 2010

    Stuxnet 1.0, 2.0, 3.0

    Stuxnet 2.0

    We were going to write about the next generation of Stuxnet.
    But realized the Iranian Reactor Stuxnet is the 2.0 version.

    This paradigm was developed from paradigm Intel, BSU's
    and OSINT.

    The face of stuxnet.

    US to Iran CHECKMATE:


    From our post of 

    The trade publication Nucleonics Week, let me summarize an article that appeared in its Oct. 8 issue. It reported that Iran's supply of low-enriched uranium -- the potential feedstock for nuclear bombs -- appears to have certain "impurities" that "could cause centrifuges to fail" if the Iranians try to boost it to weapons grade.

    The impurities, certain metallic fluoride compounds, would interfere with centrifuge enrichment" at Iran's facility at Natanz
    From one of our sources inside the beltway.
    G
    "Their uranium is highly contaminated with molybdenum hexafluoride (MoF6)."

    If they try and use it in the centrifuges it destroys them.
    Iran took it all out and dumped it, they have no idea how
    it happened.

    Our hypothesis is Stuxnet 1.0 did the deed.

    And the current version of Stuxnet is 2.0,
    and was meant to be discovered.
    Version 1.0 is much stealthier, and as of yet
    still undiscovered.

    Version 2.0 exposure alone will stop Iran
    from trying to produce nukes.
    2.0 is built for persistence, Iran still
    can't get rid of it, if it exist on any of 
    the PC's or control machines it will
    reinfect everything, unless you kill
    every instance of it all at once.

    1.0 is much stealthier and has to date
    still avoided exposure. And is hiding 
    through Irans infrastructure, and if
    Iran is successful in killing 2.0 then
    the invisible will reinfect 2.0 all
    over again, Iran's Nuclear bomb
    program is doomed.

    And if Iran knows 2.0 is looking they
    will not try and restart a bomb program.
    They might try and rebuild the reactors
    and centrifuges but run the risk of infection
    they can't seem to kill.

    Our report from the Russians indicated
    Stuxnet successfully hit 1368 of 5000 centrifuges 
    at the uranium enrichment plant at Natanz, as 
    well as disrupted launch date of nuclear plant 
    at Bushehr.

    At this point Iran cannot even start an enrichment 
    program to make a nuke. Every time they do
    the product destroys the centrifuges.

    And they don't know why or how.
    Their head scientist  that is the head of the Atomic 
    Energy Organization of Iran , Gholam Reza 
    Aghazadeh (Gholam Reza Aghazadeh) resigned 
    without explanation. The Regime viewed him as
    a failure.



    This is the second time Iran has tried to enrich
    product approaching nuclear bomb grade and 
    is the second time their centrifuges have been 
    destroyed trying.

    Check Mate, 
    Iran is helpless before the cyber techno-threat.





    Stuxnet has crippled the Iranian Nuclear program
    for the foreseeable future.
    As the sanctions cripple the economy.
    Next move "Green Party" regime,
    change. Its up to you now.




    Gerald
    Internet Anthropologist
    Tactical Internet Systems analyst.

    .

    Terrorist Names SEARCH:
    Loading

    Wednesday, October 13, 2010

    Russian view of Stuxnet.

    From a Russian source.
    None of which have we confirmed.



    "I do not know what weapons will be fighting in World War III, but in the fourth to move go stones and clubs"
    Albert Einstein



    Stuxnet successfully hit 1368 of 5000 centrifuges at the uranium enrichment plant at Natanz, as well as disrupted launch date of nuclear plant at Bushehr.

    careless employee Siemens, inserting an infected USB flash drive into a workstation. Damage to Iran's nuclear facilities, comparable with the damage from Israeliair attacks. 

    Iran is helpless before the techno-threat.
    Iran's nuclear facilities in Natanz have also suffered very severely: 1368 of 5000 centrifuges were destroyed by the actions of Stuxnet.
    This malicious program was created to control manufacturing processes, in the literal sense, to manage the huge production capacity.

     it should be emphasized that last summer (remember, the spread Stuxnet began in 2009), resourceWikiLeaks reported serious nuclear accident in Natanz. Shortly thereafter, it became known that the head of the Atomic Energy Organization of Iran , Gholam Reza Aghazadeh (Gholam Reza Aghazadeh) resigned without explanation. Around the same time, media have statements of Israeli politicians and military about a possible confrontation with Iran on the technology front.
    In addition, Israel has corrected the projected date of receipt of Iran's atomic bomb, pushing her in 2014, and the powers of Meir Dagan (Meir Dagan) , head of the Mossad, has been extended for the sake of his involvement in unspecified "important projects".

    Noteworthy is the history of primary infection, marked the beginning of the spread of the virus. Obviously, the automated control system of this level are not connected to the web. An expert from Kibertsentra NATO in EstoniaKenneth Gears (Kenneth Geers) at a conference on security, suggested that the success of the attack Stuxnet depended entirely on contact with the right people ... and elementary USB-drives. "You can pay someone who will run the trojan in a closed system, or replace the memory stick, which was intended for internal use only" - reflects Gears.- "Just insert a standard USB-connector infected the stick, and Stuxnet immediately jumps automatically to the operating system, and no anti-virus programs and other measures to protect it is not a hindrance." Indeed, the "weak link" was the human factor - Stuxnet was entered into the system via the usual USB-drives, which inadvertently put in the workstation negligent employee. It is noteworthy that after the statement by Minister of Intelligence of Iran Heidar Moslehi (Heydar Moslehi) on the detention of "nuclear spies" (they were absolutely not involved in the Russian equipment), manual Siemens has recognized that the virus have brought the company's employees, stressing the unintentional contamination. It should be noted that Stuxnet affects only a specific type of controllers, Siemens, 

    And indeed, the head of the newly created U.S. Kibershtaba at the Pentagon, Gen. Keith Alexander (Keith Alexander) , speaking in Congress, has publicly stated that over the past few years the threat of cyberwarfare is increasing rapidly.

    NATO isn't equipped to handle this.
    Their guide lines don't indicate what is an act of war."The virus Stuxnet demonstrated how seriously we should relate to cyber security because with the help of these products can be destroyed vital infrastructure. In the case of Iran, the virus was, it seems, is aimed against a nuclear program, but similar viruses can destroy our economy, which is controlled by computers. It should be discussed in NATO: if a rocket destroys power, enters into force section 5. But how to act in case of attacks of computer viruses? "- Asked Mr. Toomas Hendrik.
    "The first of these principles is that we should recognize cyberspace what it has already become - the new war zone. In the same way as land, sea, air and outer space, cyberspace, we must consider how the scope of our actions, we will defend and which extend its military doctrine. That's what prompted us to create a unified Kiberkomandovanie in the Strategic Command. 

    Dmitry Rogozin , the permanent representative of Russia to NATO, to take place in the alliance process. Apparently, Russia is extremely concerned about the upcoming NATO summit in Lisbon, which will be held on November 20, after all it is planned to clarify the dilemma is whether to attack military and government computer networks NATO member occasion to use the 5-th article of the Washington Treaty and reply collective military strike.
    Thus, against the backdrop of hysteria, provoked Stuxnet, several states expressed the need for the formation of a joint policy for the prevention of cyber attacks. Will this lead to the desired result, even if we assume that will be worked out (and signed) a document regulating the use of destructive technologies? To us it seems very doubtful, too great temptations offered by high tech: the anonymity, security (for attack), an unprecedented ratio of price / performance ratio. " So, Stuxnet was only the first swallow era of techno-social revolution that began not just as dreamed.

    xxxxxxxxxxxxxx

    The Russians also are working on the wrong cyber security paradigm building security software to defend networks. Ignoring the OS insecurity problem.

    Cyber Command barking at wrong end of Dog.

    The Russians fear Stuxnet.
    I'm sure they have RBN hard at work.


    G

    .

    Terrorist Names SEARCH:
    Loading

    US cyber command big strides

    In our review of Military Cyber doctrine we find they have a good grasp
    of the scope and range of the Threats.



    But are lacking in the development of paradigms to handle these 
    threats. 

    For instance they are aware the WWW is vulnerable and have
    taken steps to secure the WWW nodes from major huge DOS
    attacks.

    But the possibility of unknown threats still exists.
    And the Military could find itself in combat without
    access to the WWW. 
    We have seen the seminal solution to a attack on 
    the WWW nodes in Stuxnet and feel confident in the ability
    of NSA to combat a DOS attack on the nodes, but unknown
    threats lurk.

    A exercise involving  shutting down the WWW for a
    section of the active combat forces would seem mandated.
    The hidden problems would come to light and possible 
    solutions could be spotted in advance of the event.
    Com CB radios and shortwave.



    Its not reasonable to assume the WWW will never go down.
    Can US forces function without WWW access?
    An exercise to see how fast they can set up a world
    wide intranet separate from the WWW for the Military
    and one for the critical infrastructure?
    How fast can they get a shipping transportation
    system up to feed the country, if the WWW goes
    down, what food supplies would be available?

    Another problematic situation is their adherence
    to out moded methods of response.
    "observe-orient-decide-act"
    In cyberspace, the time between execution and effect can be milliseconds.
    Nonetheless, the observe-orient-decide-act (OODA) loop remains a valid construct for examining the decision cycle in cyberspace. Ongoing operations can be considered those operations that span past the phases of warfare.

    While this does not preclude "Rules of Engagement",
    the lack of mention raises concerns, they have to have 
    the legal and power to take the treat off line in milliseconds,
    or the damage may be done before they can get approval
    to act. A rule of engagement should be if successfully attacked, 
    take that IP, attacker off line. NOW.
    No approval, no review, no waiting for approval,

    Another problem is the Flash Crash paradigm,
    there needs to be a liaison between the SEC and 
    NSA before a catastrophic event. 

    And the Intelligence community needs to 
    get up todate on the new threat door opened
    by the Supreme court.
    And the Stuxnet paradigm is very serious.
    While it provides an excellent deterrent,
    it also invites retaliation on the basis of
    anonymity, we are quite sure Iran is
    working on a counter strike.
    But this threat is maybe 2 years off,
    but its coming.



    Todate their cyber exercises have been too
    modest and minor.
    But we are pleased to see the leaps and 
    bounds they have made confronting the 
    cyber threats, headon.









    Gerald
    Internet Anthropologist
    Tactical Internet Systems analyst.


    Update: GAO


    Of the 24 recommendations in the President’s May 2009 cyber policy
    review report, 2 have been fully implemented, and 22 have been partially implemented. The two fully implemented recommendations involve appointing within the NSC.



    Agencies are moving slowly because they have not been assigned roles
    and responsibilities with regard to recommendation implementation.
    Specifically, although the policy review report calls for the
    Cybersecurity Coordinator to assign roles and responsibilities, agency
    officials stated they have yet to receive this tasking and attribute this to
    the fact that the Cybersecurity Coordinator position was vacant for 7
    months.

    SOURCE:
    http://www.gao.gov/new.items/d1124.pdf

    .

    Terrorist Names SEARCH:
    Loading

    Tuesday, October 12, 2010

    Supreme Court sells out America

    Supreme Court falls victim to law of unintended consequences.



    History will shame them all.

    History will mark this court with a shame that will follow all of
    them in the history books for years.

    The court seems good at dispensing law, but is short
    sighted when it comes to dispensing justice.
    And as the highest court in the land is capable of
    following either path. In the instant case they
    have followed the lead of Congress,
    The best congress money can buy.

    The court passed a judgment allowing Corporations
    unlimited secret advertising to influence elections.
    The court just opened a new front in the GWOT.
    A venue the Military cannot counter.
    The court has put the US at as great a risk as
    it ever experience during the cold war with
    the Russians nukes.

    Their imprudent actions has opened a new
    avenue of attack on America, and the enemies of
    America are just waking to the possibilities.

    The court has just opened our Elections to
    to a new domain for attack, Info War.

    But does Info War work?
    Well its all about winning the hearts and minds.
    And the Taliban and al Qaeda seem to b having 
    some success with it, standing up to the most
    powerful military the world has ever seen with
    just a few farmers and business men and Imams.
    And WWII grade weapons.

    US economy swears by it, only they call their
    Info War advertising, Pepsi and Coke Cola 
    know exactly of what I speak.

    Coke has convinced me a grown reasonable
    man, educated by one of the Big Ten universities
    to spend $1.20 for 5 cents worth of flavored colored
    water with out sweetener.

    I know it and I still do it.
    The court just put this power in the hands of
    Americas enemys. 
    By allowing any Corporation to spend unlimited
    amounts secretly in American elections.

    The US public is in for a flood of commercials
    from unknown powers lying about the facts in
    American elections.

    And thanks to the Wall St Banks we know 
    exactly how much it costs to buy an American
    Congressman. It maybe double the normal 
    amount though for an enemy of America.
    US congressmen have some pride.

    The court just opened the American elections 
    to unprecedented foreign influence. 
    And the ability for Wall St Banks and other 
    corporations to buy American elections.

    This shame will follow the court through out
    history. Strong on law and blind to justice.

    The supreme court just sold America to
    the highest bidder.

    Some may think that Americans are smarter
    than that but I point out the TV shows investigating
    Ghosts with a wide audience and Palidin was the 
    nominee for VP as evidence of the levels of American 
    intelligence and the Congressmen elected that continue
    to sell out. Bought and sold. Elected by that same
    constituency.

    And I can see no paradigm for American Military
    to counter this new Info War.

    The court sold out America, shame on them all.
    They just gave the insurgents a new weapon in
    the GWOT.
    The next big Info War will be fought here in
    America and in SECRET, thank you, Supreme
    court.



    Gerald
    Internet Anthropologist

    UPDATE OCT 5 2013
    MUST READ, IT HAPPENED, G

    Secret Puppet Master of GOP

    warintel.blogspot.fr/2013/10/secret-puppet-master-of-gop.html