Archive for September 2013

Teens Prep for Cyberwar

Computer-savvy teens are putting down their game controllers — at least temporarily — for code writing and virus-sweeping. Call it “Red Dawn: Part Deux: Teen Cyber-Commandos.”

At events like the CyberLympics, CyberPatriot contest or just-announced “Toaster Wars,” sponsored by the National Security Agency, high school geek squads are competing to see who does the best job at preventing unauthorized computer intrusions.

This growing interest in cyberdefense comes at a time when the Pentagon officials are warning against damaging computer attacks from China and other nations, while stoking concerns that the United States education system hasn’t trained enough cyber-warriors to protect either military or civilian computer systems.

Utilities, power companies, tech firms, banks, Congress, universities and media organizations, all have faced suspected Chinese attacks in recent months.

“The threat has evolved so quickly,” said Diane Miller, Northrop Grumman’s director of information security and cyber initiatives. “It really has created a sense of urgency.”

The Pentagon and its defense contractors are behind these contests, which are designed to recruit kids to future careers in cyberdefense and IT security. The CyberPatriot contest, which is sponsored by the Air Force Association, has grown from eight high school squads in 2009 to more than 1,200 this year.

via Teens Prep for Cyberwar : Discovery News.

Inside the Effort to Crowdfund NSA-Proof Email and Chat Services

Back in 1999, Seattle-based activists formed the communication collective Riseup.net. The site’s email and chat services, among other tools, soon offered dissidents a means of encrypted communication essential to their work. Fourteen years later, Riseup is still going strong. In fact, they’ve been fighting the US state surveillance apparatus longer than most people have been aware of the NSA’s shenanigans. Now, the collective is hoping to expand, given the gross privacy transgressions of the NSA and US government as a whole.

“What surveillance really is, at its root, is a highly effective form of social control,” reads an August Riseup newsletter. “The knowledge of always being watched changes our behavior and stifles dissent. The inability to associate secretly means there is no longer any possibility for free association. The inability to whisper means there is no longer any speech that is truly free of coercion, real or implied. Most profoundly, pervasive surveillance threatens to eliminate the most vital element of both democracy and social movements: the mental space for people to form dissenting and unpopular views.”

The impetus behind the project is Riseup’s struggle to keep up with new user demand for an email service that doesn’t log IP addresses, sell data to third parties, or hand data over to the NSA. Riseup will also be able to expand its considerable anonymous emailing lists, which features nearly 6 million subscribers spread across 14,000 lists. Their Virtual Private Network (VPN), which allows users to securely connect to the internet as a whole, will also be made more robust. What Riseup can’t do is offer its users an anonymous browsing experience, but that’s not their aim.

via Inside the Effort to Crowdfund NSA-Proof Email and Chat Services | Motherboard.

4K Blu-ray discs leaked, manage a whopping 100GB capacity

The Blu-ray Disc Association may not have announced the 4K disc just yet but a manufacturer has taken the plunge already. Disc creator Singlus has revealed that it will be one company, “that provides the machine technology for three-layer Blu-ray Discs with a storage volume of about 100GB”.

The big question is, will normal Blu-ray players be able to read the discs with something as simple as a software update? It’s too early to say but that could be a huge factor in growing the popularity of 4K TV fast. And with plenty of 4K screens being pushed by the likes of Samsung, Sony and LG at IFA this year all the pieces appear to be falling into place for a clearer future.

Of course there are other 4K content options like Sony’s Unlimited 4K service and Netflix demoing 4K right now. But streaming will only be an option for those with a very good broadband connection.

This is a great step towards making 4K more common. And with Sky testing 4K broadcasts it’s only a matter of time before 4K TVs become more popular and affordable for all.

via 4K Blu-ray discs leaked, manage a whopping 100GB capacity – Pocket-lint.

Meet Hacking Team, the company that helps the police hack you

In 2001, a pair of Italian programmers wrote a program called Ettercap, a “comprehensive suite for man-in-the-middle attacks” — in other words, a set of tools for eavesdropping, sniffing passwords, and remotely manipulating someone’s computer. Ettercap was free, open source, and quickly became the weapon of choice for analysts testing the security of their networks as well as hackers who wanted to spy on people. One user called it “sort of the Swiss army knife” of this type of hacking.

Ettercap was so powerful that its authors, ALoR and NaGA, eventually got a call from the Milan police department. But the cops didn’t want to bust the programmers for enabling hacker attacks. They wanted to use Ettercap to spy on citizens. Specifically, they wanted ALoR and NaGA to write a Windows driver that would enable them to listen in to a target’s Skype calls.

That’s how a small tech security consultancy ended up transforming into one of the first sellers of commercial hacking software to the police. ALoR’s real name is Alberto Ornaghi and NaGA is Marco Valleri. Their Milan-based company, Hacking Team, now has 40 employees and sells commercial hacking software to law enforcement in “several dozen countries” on “six continents.”

via Meet Hacking Team, the company that helps the police hack you | The Verge.

Securing a Linux Server

It is a rare to watch someone secure a freshly installed server right off the bat, yet the world we live in makes this a necessity. So why do so many people put it off until the end, if at all? I’ve done the exact same thing, and it often comes down to wanting to get right into the fun stuff. Hopefully this post will show that it is far easier than you think to secure a server, and can be quite entertaining to look down from your fortress, when the attacks begin to flow.

This post is written for Ubuntu 12.04.2 LTS, however you can do similar things on any other Linux distribution.

via Securing a Linux Server | Spenser Jones.