Security on the WWW, NOT possible.
Security on the WWW, NOT possible.
Reviewing our current ops, paradigm intel and
state of the Art, I realized the need for a new
paradigm for Internet Security.
What we have seen confirms our research
there is No security and it is not possible to
secure the WWW or your PC.
First is our experience with Invisible persistent
threats, IPT, we have been using them since 1996
NO anti-virus, malware sweeper or even rootkit
tester can see them.
#2: Stuxnet was created to penetrate all known
anti-virus programs, security suites. It penetrates
PC's not even connected to the WWW.
#3: You can't tell if your PC is clean. You can run
security suites that tell you they didn't find anything.
NSA functions as though they HAVE been penetrated.
After getting on your PC, we can do a Pop UP of a Adobe
update, which you will click on, or maybe several email
from your "friends" list, trusted friends, which you will click
on.
Not only can we get on your PC but we can make you click
stuff to help us infect your PC.
You can do a re-install of your OS, but when you add
backups of your "stuff" that puts us right back on your PC.
So why do we buy security software, to keep 90% of
the kiddie script crap off your PC, stuff that will mess
up your OS, cause crashes etc.
So we know we can't be secure, what do we do?
Adapt, there are little give aways that you have company.
Tricks using "Task manager" listening to your fan, some
monitoring programs and forensics programs.
But you can't be sure there may not be any tell tales.
Encryption and anti-key loggers become more important.
Encryption is subject to attack by keyloggers, in discovering
passwords.
Encryption programs are subject to hacker attack as all programs.
But I think a method of encryption by hard ware may stand a chance.
As it wouldn't be subject to hacking like a program.
If we can't keep them off our PCs can we keep the data a secret,
encrypted?
But "they" can still get screen shots or even movies of your PC
screen. Whe n you de-crypt to read your work "They" can see it,
or a keylogger pick up everything you input.
Security programs are subject to hacker attacks, just change the
code. One operation involved getting into a password protected
site. We were able to spot the part of the program that changed
when a password was entered, back to what it was when there
was no password, cut and paste, the program then functioned
like there was no passwords, and opened right up.
Hardware is HARD, no code to change.
McAfee may be on to something.
There is no privacy or security on the WWW or your PC.
If you are unknown you can operate anonymously, but
if they have a IP or traceable info you can be found.
"Hideyourass.com" doesn't as the group anonymous has
found out, the VPN kept logs of users.
But it is possible to still hide who you are while you
are on the WWW.
But it isn't possible to secure your PC.
If they don't know who you are, they can't break
into your PC, targeted penetration.
But they can penetrate EVERYONES PC.
And might find you that way.
Privacy is dead, we need to adjust to that,
and everyone is learning just what that means.
How will our Grandchildren live in the full
light of transparency?
The Patriot act will not be appealed,
As the GWOT winds down, Law Enforcement
will wind up using all the technology to eliminate
privacy.
The FBI will not give up national security letters,
nor the ability to keep its use a secret, its unlawful
to disclose a national security letter request. And
there is no court oversight.
Bin Laden killed privacy for the world.
Gerald
Tactical Internet Systems analyst.
Changing the cyber sec Paradigm: Expert Voices Event Registration |
Booz Allen Hamilton: Good start, Ghttp://j.mp/nENsKW
Reviewing our current ops, paradigm intel and
state of the Art, I realized the need for a new
paradigm for Internet Security.
What we have seen confirms our research
there is No security and it is not possible to
secure the WWW or your PC.
First is our experience with Invisible persistent
threats, IPT, we have been using them since 1996
NO anti-virus, malware sweeper or even rootkit
tester can see them.
#2: Stuxnet was created to penetrate all known
anti-virus programs, security suites. It penetrates
PC's not even connected to the WWW.
#3: You can't tell if your PC is clean. You can run
security suites that tell you they didn't find anything.
NSA functions as though they HAVE been penetrated.
After getting on your PC, we can do a Pop UP of a Adobe
update, which you will click on, or maybe several email
from your "friends" list, trusted friends, which you will click
on.
Not only can we get on your PC but we can make you click
stuff to help us infect your PC.
You can do a re-install of your OS, but when you add
backups of your "stuff" that puts us right back on your PC.
So why do we buy security software, to keep 90% of
the kiddie script crap off your PC, stuff that will mess
up your OS, cause crashes etc.
So we know we can't be secure, what do we do?
Adapt, there are little give aways that you have company.
Tricks using "Task manager" listening to your fan, some
monitoring programs and forensics programs.
But you can't be sure there may not be any tell tales.
Encryption and anti-key loggers become more important.
Encryption is subject to attack by keyloggers, in discovering
passwords.
Encryption programs are subject to hacker attack as all programs.
But I think a method of encryption by hard ware may stand a chance.
As it wouldn't be subject to hacking like a program.
If we can't keep them off our PCs can we keep the data a secret,
encrypted?
But "they" can still get screen shots or even movies of your PC
screen. Whe n you de-crypt to read your work "They" can see it,
or a keylogger pick up everything you input.
Security programs are subject to hacker attacks, just change the
code. One operation involved getting into a password protected
site. We were able to spot the part of the program that changed
when a password was entered, back to what it was when there
was no password, cut and paste, the program then functioned
like there was no passwords, and opened right up.
Hardware is HARD, no code to change.
McAfee may be on to something.
There is no privacy or security on the WWW or your PC.
If you are unknown you can operate anonymously, but
if they have a IP or traceable info you can be found.
"Hideyourass.com" doesn't as the group anonymous has
found out, the VPN kept logs of users.
But it is possible to still hide who you are while you
are on the WWW.
But it isn't possible to secure your PC.
If they don't know who you are, they can't break
into your PC, targeted penetration.
But they can penetrate EVERYONES PC.
And might find you that way.
Privacy is dead, we need to adjust to that,
and everyone is learning just what that means.
How will our Grandchildren live in the full
light of transparency?
The Patriot act will not be appealed,
As the GWOT winds down, Law Enforcement
will wind up using all the technology to eliminate
privacy.
The FBI will not give up national security letters,
nor the ability to keep its use a secret, its unlawful
to disclose a national security letter request. And
there is no court oversight.
Bin Laden killed privacy for the world.
Gerald
Tactical Internet Systems analyst.
Changing the cyber sec Paradigm: Expert Voices Event Registration |
Booz Allen Hamilton: Good start, Ghttp://j.mp/nENsKW
1 Comments:
Having read this in your article, "...After getting on your PC, we can do a Pop UP of a Adobe
update, which you will click on, or maybe several email from your "friends" list, trusted friends, which you will click
on."
You could most assuredly have heard the gears turning in my head when a Adobe reader update popped as I closed your blog. ...shit... I thought, looking at the blicking icon beaconing me to update now!
Nice article. Have a nice day. :-)
Post a Comment
Subscribe to Post Comments [Atom]
<< Home