Internet Anthropologist Think Tank: 11/14/10 - 11/21/10

  • Search our BLOG


  • HOME
    Terrorist Names SEARCH:
    Loading

    Saturday, November 20, 2010

    Five XM-25 in Afghan now

    This blog set to diaplay 20 days of posts. Sorry Blogspot only shows 3 days, waiting for a Google fix, G











    The U.S. military plans to order 12,500 XM-25s at a cost of $25,000 to $35,000 each. The rounds, about the size of a roll of quarters, cost between $25 and $35 each. Though the initial plan is to put an XM-25 with each squad and Special Forces team, the combat assessment, he said, will help gauge whether the military needs to order more, which will drive the price down.


    Could enough of these cause a Taliban surrender?




    G


    .



    Terrorist Names SEARCH:
    Loading

    Security vendors, spectators in a dog Fight

    This blog set to diaplay 20 days of posts. Sorry Blogspot only shows 3 days, waiting for a Google fix, G






    Cyber security firms, Vendors remind me of the spectators
    in dog fights.

    They watch, make comments, some even lament the 
    violence and amount of the thefts.

    But whats the difference between the security vendors?
    Not much, even the free security programs compete 
    effectively in terms of security.

    Microsoft vs. McAfee: How free antivirus outperformed paid

    So how do you decide which to buy?
    The one with the new bells and whistles?
    The one that promises the most?
    Or just hang with the one you've been
    using for ever?

    How can a security vendor stand out?

    Change your paradigm.
    I would be very impressed with a 
    vendor that actually goes out after
    the bad Guys.

    Knowing there isn't much difference
    between them, all ineffective to about
    the same level.

    I would be favourably disposed towards
    purchasing one that was going after botnets
    and shutting them down.

    I still remember the researchers who got
    into a botnet and didn't do a damn thing.
    The guys without BALLS.

    They weren't sure about the legality of
    taking down a botnet. They would have
    fit right into a WWII Germany, no offense
    meant to current Germany.

    Jeeze I mean the security vendors have the
    tools to best deal with these guys and they
    do NOTHING.

    They study the criminals and sell us new
    locks and fences.



    I suppose it works well for them on 
    an economic basis, guarantees their jobs.
    Of coures its not their job to go after the Bad guys
    on the net.

    But I'm just saying if one of them had the Balls
    to do so, they would have my business, Fidelity 
    and loyalty.


    Gerald
    Internet Anthropologist
    Tactical Internet Systems analyst.

    .
    Search feed: 
    CA, Check Point Software Technologies, Cisco Systems, EMC, IBM, Juniper Networks, McAfee, Microsoft, Symantec and Trend Micro.

    Again:
    White Hat Hacker Cracks ZeroAccess Rootkit  And doesn't crash it, damage it, just looks, No Guts, no balls, G


    .

    Terrorist Names SEARCH:
    Loading

    Two new hacker paradigms.

    This blog set to diaplay 20 days of posts. Sorry Blogspot only shows 3 days, waiting for a Google fix, G




    Two new hacker paradigms.



    Both very interesting, and amazing.

    One is a thru the cracks hacker making good money.
    The other is a old method updated, with new serious potential.

    The first is the Koobface Gang.
    Appearing to be a minor theft threat,
    hiding the potential of a major crippling strike.
    Based in St. Petersburg, Russia.
    The people behind the Koobface gang are known.
    But there have been no arrests in Russia.
    Large infrastructure, 500,000 fraudulent Google
    blogger and Gmail accounts, and 20,000 Facebook accounts.

    Our estimates put their take around $20 mil a year, and
    we think thats accurate. 
    Not bad for victim-less crime.
    The director of KG lets call him Ivan.
    Ivan rules with an iron hand, and isn't adverse
    to murder or a few broken legs.

    His paradigm is to steal pennies, 
    its like going into your local bank
    and stealing a nickel from your account.

    Jeeze its hardly worth the effort to make
    a phone call, my time is worth more than
    a nickel. Hundreds of thousand accounts
    every hour.

    They make use of their botnets in some
    very interesting ways, click campaigns,
    where they make 1/10 of cent for each 
    click their botnets make on some advertising
    sites. Millions of clicks.

    The frighting this is they could be pulling
    down Billions from crime, but they might
    loose their heads then. Our paradigm 
    intel indicates they are paying bribes 
    in the millions now.

    But by only taking a nickel instead of 
    thousands of dollars, they avoid creating
    victims who would file complaints,
    and hoped to avoid investigations into
    their activities.

    Ivan has been unmasked, FBS knows
    who he is and won't like it they aren't 
    getting their share.

    The risk is "someone" leaning on him
    pressuring him for the Billion dollar
    take. He has the back doors to really
    hurt his victims, maybe even cripple
    the Canadian sector.
    SOURCED From:

    His restraint paradigm can't be relied
    on, he could turn Greedy any time.

    We have BSU's probing for weaknesses.

    xxxxxxxxxxxxxxxxx

    The Second Dangerous paradigm is 
    the new/old BGP hijack.
    You might have read about it,

    This exploit was know about 12 yrs ago.
    And described this to intelligence agencies and to the National Security Council, in detail.
    The TTL adjustment was new.

    Nearly 15 percent of the world's Internet traffic, including that of many U.S. government and military sites, was briefly redirected through computer servers in China in April, according to a congressional commission report due out this week.

    It is not clear whether the incident was deliberate, but the capability could enable severe malicious activities including the diversion of data and the interception of supposedly secure encrypted Internet traffic, the U.S.-China Economic and Security Review Commission states in a report to Congress.

    ...18-minute-long April 8 redirection, including those for the Senate, all four military services, the office of the secretary of defense, the National Aeronautics and Space Administration, the Department of Commerce, the National Oceanic and Atmospheric Administration "and many others," as well as commercial websites including those of Dell, Yahoo, Microsoft and IBM.





    The important Military and Government data was encrypted to NSA standards.
    It was an 18 min snatch, Was it a test? was that 18 min period on April 8 significant ?
    Looks to approximate WWW traffic for a previous Cyber break in 2007.
    Stealing over 12 terabytes from State Dept, DOD, Dept of Commerce, Dept of Energy, NSA , Google and 34 other big Corps were also hacked. China was the suspect then also.

    Vice president of threat research at McAfee: Alperovitch: “This is one of the biggest — if not the biggest hijacks — we have ever seen.” And it could happen again, anywhere and anytime. It’s just the way the Internet works, he explained. “What happened to the traffic while it was in China? No one knows.”

    The telephone giants of the world work on a system based on trust, he explained. Machine-to-machine interfaces send out messages to the Internet informing other service providers that they are the fastest and most efficient way for data packets to travel. For 18 minutes April 8, China Telecom Corp. told many ISPs of the world that its routes were the best paths to send traffic. 

    An interesting point: China Telecom could manage to absorb this large amount of data and send it back out again without anyone noticing a disruption in service. In previous incidents, the data would have reached a dead end, and users would not have been able to connect.
    This points to a very resilient China system or somebody planed it.

    It could also mean 18 min of data was maximum amount of data they could absorb. 

    The TTL adjustment was new.
    The rest is old very OLD.

    BGP4 was always capable of directing traffic that is what it was designed to do.

    Path-prepending is a technique that's equally well known.
     
    This is no easy to attack this as you need to be trusted by your upstream ISPs. Since those ISPs have neither the interest nor the need
    to trust their customers to announce only their own BGP information many ISPs filter what customers can announce to them.

    Large ISPs are in a position to do it as they are trusted but have even less motivation in performing BGP hijacking. A successful BGP hijack by a large ISP would result in peers publicly mocking them and front page headlines that would not be good for business.
     
    Attracting a substantial amount of traffic and sending it out again is going to get noticed. Both on your bandwidth usage with the potential for a self inflicted fill the pipe ddos and by people watching traffic patterns/announcements in BGP.

    Here is one of the early bgp hijacks it was an accident but in 1997 this accident caused major outages and traffic to be redirected when as7007 hijacked a large portion of the internet.
    http://www.merit.edu/mail.archives/nanog/1997-04/msg00444.html

    A good collection of BGP security papers is available here:
    SOURCED HERE.
    XXXXXXXXXXXXXXXXXX


    It appears this is fixable,
    but the other element is was it intentional?
    And to what end?
    Going to China makes it problematic.
    The ability of China to absorb that volume
    of traffic speaks to their capability or
    to their intentional espionage.

    US and China need to work this out.
    Neither is going to attack the other.
    With the advent of Globalization and the amount of
    US Bonds China holds, a heavy cyber attack by China
    on USA would bleed them to death.
    One of the huge benefits to Globalization is
    the understanding you don't kill your best
    customers.
    Nor do you involve yourself in an attack
    that would significantly drop the value of your
    investment portfolio, US bonds.
    So China may have a huge cyber threat/
    weapon but its a big stick they can't use.
    Now espionage is a different animal.
    Its equivalent to listening in on 
    a spouses phone.
    On the other hand its quid pro quo,
    If US launched a crippling cyber attack
    on China it would be killing its biggest
    lender, and would cripple the US economy.

    USA and China are bed fellows,
    very nervous bed fellows, 
    but bed follows never the less.
    Wedded in Economic Globalization.
    Divorce for either resulting in economic
    disaster.

    Gerald
    Internet Anthropologist
    Tactical Internet Systems analyst.
    .BGP could bring down part of the WWW? Could this be used as Cyber weapon.
    other: CYBERWARS's Pearl Harbour.


    .

    Terrorist Names SEARCH:
    Loading

    Friday, November 19, 2010

    Taliban feeling pressure to POP

    This blog set to diaplay 20 days of posts. Sorry Blogspot only shows 3 days, waiting for a Google fix, G


    If your only reading Blog your only getting half the pic.


    Tweets OSINT, Paradigm Intel



    Internet Anthropologist TT: THE WWW PARADIGM  Observation, synthesis and action are the essence of applied Anthropology.


     GeraldAnthro 

    Taliban and al Qaeda defenses/offenses intuitive(whats left, what can we do). Therefore knowable. Proper headset = discovery.G



     GeraldAnthro 

    US support to flood areas doesn't go un-noticed,Taliban sees&sysAdmin &mounting Taliban dead, T squeezed from all sides. Negotiation an out
     GeraldAnthro 

    Saudi Arabia halted mediation Afghan and Taliban has refused to break ties with al-Qaida whom they fear.More Talbi pain forthwith.G



    jihad(was called'going on vacation')Kids not falling for Taliban propaganda,see thousands taliban dying.old Soviet feeling to flip, +to US.G


     GeraldAnthro 

    Mid-level Taliban commanders(kids)out of control.Leaders fear death from sky and al qaeda,keep talks secret,even deny.Taliban younger now.G
     GeraldAnthro 

    Karzai's bitchin about US up tempo ops points to the building pressure on Taliban they bitch to K and only way to slow ops is to negotiate.G
     GeraldAnthro 

    company of M1 Abrams tanks to be deployed Helmand province, date unknown.US has taken the gloves off,Past 2 mos hitting Taliban very hard,


    Get me to Afghan.


    .