
Source:

de.wikipedia.org/wiki/Hacker_(Computersicherheit)

en.wikipedia.org/wiki/Hacker_(computer_security)

Hackers in the field of computer security deal with security mechanisms and their weaknesses. While the term also includes those who look for security vulnerabilities in order to point them out or correct them, the mass media and the general public more often use it for people who exploit such vulnerabilities in other people's systems without permission. Accordingly, the term carries strongly positive or negative connotations.[1]

Depending on motivation and loyalty to the law, a distinction is made between white-hat, grey-hat and black-hat hackers, with black hats in particular also being called crackers.

After a group of teenage hackers known as The 414s broke into numerous computer systems in the United States, Congressman Dan Glickman called for an investigation and new laws against hacking.[2] Neal Patrick, then the 17-year-old spokesman of the hacker group, was questioned before the United States House of Representatives on 26 September 1983 about the dangers of hacking, and in the same year six bills on computer crime were introduced in the House of Representatives.[3] In Germany, computer sabotage in general, and the unauthorized manipulation of data in particular, was added to the criminal code in August 1986 as a special form of property damage (§ 202a, § 303a and § 303b of the StGB).

  

After the introduction of the computer crime laws, white-hat, grey-hat and black-hat hackers began to distinguish themselves from one another, depending on the legality of their activities. This classification is based on old Western films, which characterize "cowboys" by the colour of their hats as "good" (white), "neutral" (grey) or "evil" (black):

White hats:

Use their knowledge both within the law and within the hacker ethic, for example by carrying out professional penetration tests.

Grey hats:

May violate laws or restrictive interpretations of the hacker ethic, but in order to achieve a higher goal. For example, by publishing security vulnerabilities in order to make denial impossible and force those responsible to fix them. Grey hats are characterized by the fact that they cannot be clearly classified as "good" or "evil".

Black hats:

Act with criminal intent and aim, for example, to damage the target system or steal data.

For lack of a clear dividing line, this classification has little bearing in practice on real people and instead serves as terminology for a particular kind of hacking.

  

Controversy over the term hacker

In response to bad press, the Jargon File has held since 1990 that the term 'hacker' is to be disapproved of for those groups of people who place the emphasis of their activities on circumventing security mechanisms, regardless of their motivation, and proposes cracker instead.[4] The demand to use a different word, however, was not noticed by the press or was largely ignored.

Hackers in the field of computer security, in particular the part that sees itself as law-abiding, continue to claim a right to share the use of the term hacker and accept the designation cracker only for the darker-shaded directions. They too sometimes demand a clear distinction between hacker and cracker. Some of the crackers so distinguished, however, would likewise like to be called hackers.

In addition, script kiddies count among the crackers within computer security. They use ready-made automated tools to break into other people's computer systems or cause other damage (mostly following written instructions). Although they lack the deep fundamental knowledge of the subject that the term hacker requires, script kiddies are usually labelled "hackers" in tabloid journalism.[5]

  

Popular techniques

Social engineering

Describes a technique that makes it possible to obtain the information the hacker wants through social contacts.

Trojan horse

A Trojan horse is a program that is disguised as a useful application but performs a different function in the background without the user's knowledge.

Backdoor

This term denotes a part of a computer program (often built in by the author) that enables users to gain access to the computer or to an otherwise protected function of a computer program while bypassing the normal access protection. Examples are the universal password for a BIOS, or special software (usually installed secretly by a Trojan) that enables corresponding remote access to the computer system.

Rootkits

The rootkit technique serves to hide certain objects and activities from the eyes of the user. Rootkits are usually installed on the compromised system after a break-in into a computer system in order to hide secret processes and files and to conceal future logins by the intruder.

Denial of Service (DoS)

Means rendering a network service inoperable, for example through overload.

Exploit

An exploit is a computer program or script that takes advantage of specific weaknesses or malfunctions of another computer program in order to gain elevated privileges or to carry out a DoS attack.

Vulnerability Scanner

This technique serves the automated analysis of computer systems. Utility programs search specifically for security vulnerabilities in an application, a computer or a network and can help to identify weaknesses.

Sniffer

A sniffer implements the technique of receiving, recording, displaying and, where applicable, evaluating the data traffic of a network or of a device connected to the computer. For example, a network sniffer can be used to spy out passwords and view transmitted data.

Keylogger

A technique for recording keyboard input, for example in order to obtain various access credentials.

Virus

A computer virus is a computer program or script that has the special property of reproducing itself once it has been executed. In this way the virus reaches other storage media, such as network drives and removable media. Through the interaction of the user, who connects an infected removable medium to another system or starts an infected file, the virus code is executed there as well, whereby further systems are infected by the virus. Besides spreading secretly, the malicious function of the virus can make changes to the system that the user cannot control. In this way it is possible to compromise numerous computers of a company network, or even servers on the Internet, semi-automatically.

Worm

In contrast to the virus, the computer worm needs a utility program already installed on the system, which it uses to copy itself to another system. This could, for example, be a particular e-mail program that the worm controls remotely in order to distribute itself to all the addressees entered there. Depending on the kind of utility program, the worm code can sometimes even execute itself on the newly infected system, so that no interaction with the user is then needed to spread further from there. This method is therefore very efficient. On systems that do not have the required utility program, however, the worm cannot reproduce.

Physical access

A frequently underestimated way of gaining access is to get into the premises where security-critical hardware is located.

Historical outline from the field of phreaking and computer security

Chroniclers of hacker culture sometimes go back as far as antiquity in their search for its origin. The Greek invention of the Trojan horse is regarded by some as the very first hack.[6] Operators of the telegraph networks (since the mid-1840s) and telephone networks (since the late 1870s), who were often just as much technology enthusiasts as hackers are today, used their knowledge to use the network for their own purposes. They are regarded as the forerunners of today's hackers.[6] One of the most famous among them was the inventor Thomas A. Edison.[6] The corresponding use of the word hacker is closely linked to the history of the computer, with hackers in the field of network and computer security having emerged from the phreaking subculture:[7][6]

In 1971 the Yippie Abbie Hoffman publishes, in his book "Steal This Book" and a newsletter called "Youth International Party Line", methods for evading payment of charges to telephone companies. In the same year a corresponding report also appears in the glossy magazine "Esquire",[8] and a year later in the radical magazine "Ramparts". As a result, the era of free telephoning, so-called phreaking, begins. This represents the first marked association between the term hacking and the overcoming of security barriers, in connection with which the hacker John T. Draper, also known as Captain Crunch, and Joybubbles are often mentioned.

In 1973 the two later founders of Apple, Steve Wozniak and Steve Jobs, are also active in the phreaking scene and build blue boxes together with John T. Draper.[6]

In 1981 the Chaos Computer Club (CCC) is founded, a German association by and for hackers that works mainly in the German-speaking area on matters of data protection, freedom of information and data security, and advocates a human right to communication. It is founded to give hackers a platform so that they can report on activities and discovered security vulnerabilities without having to fear prosecution.

  

In 1982 a group of six teenagers breaks into about 60 computer systems of institutions ranging from laboratories in Los Alamos to Manhattan's Sloan-Kettering cancer centre, before they are arrested. The hacker group calls itself "The 414s" after the area code of their home town, Milwaukee. They are caught by the FBI the following year, which gives the case great publicity. Owing to the legal situation at the time, however, most of them are not charged. Their story appears in the cover story of the Newsweek article "Beware: Hackers at play" of 5 September 1983. This is the first use of the word 'hacker' in national media that use the term in a pejorative way.

In 1983 the film WarGames appears and leads among the general public to the phenomenon of mass paranoia about hackers and their presumed ability to bring about a nuclear catastrophe by hacking. At the same time the Secret Service receives a division for credit card and computer fraud.

In 1984 the first annual Chaos Communication Congress starts, the oldest and largest international hacker conference in Europe. In the same year the CCC, with the BTX hack, demonstrates a vulnerability in the Bundespost's BTX system, which had until then been described as secure. Also in 1984, someone calling himself Lex Luthor founds a hacker group named "Legion of Doom" (LoD/H), which later becomes one of the best-known hacker groups and wages a bitter fight with a rival group, "Masters of Deception". In the early 1990s both hacker groups are broken up in a joint effort by the Secret Service and the FBI, with many of their members being arrested.

In 1985 Loyd Blankenship (a well-known US hacker who calls himself "The Mentor") is arrested, whereupon he publishes a text, still often quoted today, entitled "Hacker's Manifesto". It gives a rough insight into the emotional world of a hacker of the phreaking culture at that time. In the same year a Hanover hacker group around Karl Koch and Markus Hess begins a series of break-ins into various Western computer systems in order to sell the data to the Russian secret service (KGB). The hacks are made possible, among other things, by a bug in the Emacs component movemail. Only in March 1989 do the police and the Bundesnachrichtendienst succeed in finally breaking up the hacker group; the KGB hack attracts public attention because it represents the first known case of cyber espionage.

In 1987 the organization "Computer Emergency Response Team" (CERT) is founded, which is financed by public funds and issues warnings about security vulnerabilities as promptly as possible. In the same year hackers from northern Germany succeed in gaining access to the systems in SPANet, operated by NASA and ESA, which is later referred to as the NASA hack.

  

In 1988 Robert Tappan Morris, out of curiosity, writes a program that automatically searches for known vulnerabilities on the UNIX system. It is able to use these vulnerabilities to copy itself to other systems and run there. When his experiment gets out of control, the computer world finds itself confronted with the first worm, which spreads via the ARPAnet (the predecessor of the Internet) and, thanks to its continuously running propagation routine, blocks more than 6,000 networked government and university computers. In the same year an intruder succeeds for the first time, via an inadequately secured computer system, in relieving the First National Bank of Chicago of 70 million US$. A little later the hacker Kevin Mitnick, alias condor, is arrested because he secretly monitored the e-mail of security officials at MCI Communications and Digital Equipment Corporation (DEC). Eight months in solitary confinement and a further six months in a halfway house are the consequence of his act. After that he is said to have broken into the Pentagon's network several times, largely with the help of social engineering. He is also accused of breaking into the NSA's system and of penetrating the NORAD network, although he himself has always denied the latter in particular. For more than five years he is regarded as the most wanted person in the USA, until he is arrested again by the FBI in 1995 and initially held for two years without trial. Also in 1988, Kevin Poulsen is accused of having manipulated telephone systems. A successful indictment, however, does not come about until 1993, in which he and two of his friends, Ronald Austin and Justin Peterson, are accused of having manipulated numerous radio contests between 1990 and 1993. The trio gained control of all the radio station's telephone lines and thereby ensured that only their own calls got through, winning two Porsches, 20,000 US$ and several trips. Kevin Poulsen subsequently spends five years of his life in prison.

  

1990–1999 The emergence of worms and viruses increases rapidly during this period. In 1993 the first DEF CON, an annual hacker conference, starts in Las Vegas. In the mid-1990s the US federal audit office reports that hackers attempt to access Defense Department files on average 250,000 times a year. According to its report, about 65 percent of the attempts are successful.[9] In 1997 a 15-year-old Croatian youth breaks into the computers of an air force base in Guam, USA. A group of hackers around Natasha Grigori, founder of antichildporn.org, use their skills for the first time in hacker history to specifically track down distributors of child pornography and pass their information on to law enforcement. In 1998 two hackers are sentenced to death by a court in China. At the end of the 1990s the first organized, politically motivated hacker attacks occur in the USA.

2000–2005 At the beginning of 2000, DDoS attacks become popular, a variant of DoS that is carried out automatically from several computers at the same time. Politically motivated hackers deface websites of the Indian and Israeli governments to draw attention to the oppression in Kashmir and Palestine. Exposed to constant hacker attacks, Microsoft interrupts its development and for the first time sends over 8,000 programmers to training intended to help avoid programming vulnerabilities in future.

See also the article in the English-language Wikipedia.[10]

Hacker magazines

For the exchange of information among hackers, a number of underground magazines have been founded since the 1980s. Examples are 2600 magazine and Phrack, which is now published only irregularly. This development was set in motion by the phreaks of the early 1970s, who passed on their information in illegal underground magazines such as TAP.

There are, however, also magazines that are completely legal. A well-known German-language magazine is Datenschleuder, published by the Chaos Computer Club.

In the computer security context, a hacker is someone who seeks and exploits weaknesses in a computer system or computer network. Hackers may be motivated by a multitude of reasons, such as profit, protest, challenge or enjoyment.[1] The subculture that has evolved around hackers is often referred to as the computer underground and is now a known community.[2] While other uses of the word hacker exist that are not related to computer security, such as referring to someone with an advanced understanding of computers and computer networks,[3] they are rarely used in mainstream context. They are subject to the longstanding hacker definition controversy about the term's true meaning. In this controversy, the term hacker is reclaimed by computer programmers who argue that someone who breaks into computers, whether computer criminal (black hats) or computer security expert (white hats),[4] is more appropriately called a cracker instead.[5] Some white hat hackers claim that they also deserve the title hacker, and that only black hats should be called "crackers".

  

Bruce Sterling traces part of the roots of the computer underground to the Yippies, a 1960s counterculture movement which published the Technological Assistance Program (TAP) newsletter.[citation needed] TAP was a phone phreaking newsletter that taught techniques for unauthorized exploration of the phone network. Many people from the phreaking community are also active in the hacking community even today, and vice versa.

  

Several subgroups of the computer underground with different attitudes use different terms to demarcate themselves from each other, or try to exclude some specific group with which they do not agree.

  

Eric S. Raymond, author of The New Hacker's Dictionary, advocates that members of the computer underground should be called crackers. Yet, those people see themselves as hackers and even try to include the views of Raymond in what they see as a wider hacker culture, a view that Raymond has harshly rejected. Instead of a hacker/cracker dichotomy, they emphasize a spectrum of different categories, such as white hat, grey hat, black hat and script kiddie. In contrast to Raymond, they usually reserve the term cracker for more malicious activity.

  

According to Ralph D. Clifford, a cracker or cracking is to "gain unauthorized access to a computer in order to commit another crime such as destroying information contained in that system".[6] These subgroups may also be defined by the legal status of their activities.[7]

  

White hat

A white hat hacker breaks security for non-malicious reasons, perhaps to test their own security system or while working for a security company which makes security software. The term "white hat" in Internet slang refers to an ethical hacker. This classification also includes individuals who perform penetration tests and vulnerability assessments within a contractual agreement. The EC-Council,[8] also known as the International Council of Electronic Commerce Consultants, is one of those organizations that have developed certifications, courseware, classes, and online training covering the diverse arena of Ethical Hacking.[7]

  

Black hat

A "black hat" hacker is a hacker who "violates computer security for little reason beyond maliciousness or for personal gain" (Moore, 2005).[9] Black hat hackers form the stereotypical, illegal hacking groups often portrayed in popular culture, and are "the epitome of all that the public fears in a computer criminal".[10] Black hat hackers break into secure networks to destroy data or make the network unusable for those who are authorized to use the network. Black hat hackers are also referred to as the "crackers" within the security industry and by modern programmers. Crackers keep the awareness of the vulnerabilities to themselves and do not notify the general public or manufacturer for patches to be applied. Individual freedom and accessibility are promoted over privacy and security. Once they have gained control over a system, they may apply patches or fixes to the system only to keep their reigning control. Richard Stallman invented the definition to express the maliciousness of a criminal hacker versus a white hat hacker who performs hacking duties to identify places to repair.[11]

  

Grey hat

A grey hat hacker is a combination of a black hat and a white hat hacker. A grey hat hacker may surf the internet and hack into a computer system for the sole purpose of notifying the administrator that their system has a security defect, for example. They may then offer to correct the defect for a fee.[10]

  

Elite hacker

A social status among hackers, elite is used to describe the most skilled. Newly discovered exploits circulate among these hackers. Elite groups such as Masters of Deception conferred a kind of credibility on their members.[12]

  

Script kiddie

A script kiddie (also known as a skid or skiddie) is a non-expert who breaks into computer systems by using pre-packaged automated tools written by others, hence the term script (i.e. a prearranged plan or set of activities) kiddie (i.e. kid, child—an individual lacking knowledge and experience, immature),[13] usually with little understanding of the underlying concept.

  

Neophyte

A neophyte, "n00b", or "newbie" is someone who is new to hacking or phreaking and has almost no knowledge or experience of the workings of technology and hacking.[10]

  

Blue hat

A blue hat hacker is someone outside computer security consulting firms who is used to bug-test a system prior to its launch, looking for exploits so they can be closed. Microsoft also uses the term BlueHat to represent a series of security briefing events.[14][15][16]

  

Hacktivist

A hacktivist is a hacker who utilizes technology to publicize a social, ideological, religious or political message.

  

Hacktivism can be divided into two main groups:

  

Cyberterrorism - Activities involving website defacement or denial-of-service attacks.

Freedom of information - Making information that is not public, or is public in non-machine-readable formats, accessible to the public.

Nation state

Intelligence agencies and cyberwarfare operatives of nation states.[17]

  

Organized criminal gangs

Groups of hackers that carry out organized criminal activities for profit.

A typical approach in an attack on an Internet-connected system is:

  

Network enumeration: Discovering information about the intended target.

Vulnerability analysis: Identifying potential ways of attack.

Exploitation: Attempting to compromise the system by employing the vulnerabilities found through the vulnerability analysis.[18]

In order to do so, there are several recurring tools of the trade and techniques used by computer criminals and security experts.

  

Security exploits

A security exploit is a prepared application that takes advantage of a known weakness.[19] Common examples of security exploits are SQL injection, cross-site scripting and cross-site request forgery, which abuse security holes that may result from substandard programming practice. Other exploits can be used through FTP, HTTP, PHP, SSH, Telnet and some web pages. These are very common in website/domain hacking.

  

Vulnerability scanner

A vulnerability scanner is a tool used to quickly check computers on a network for known weaknesses. Hackers also commonly use port scanners. These check to see which ports on a specified computer are "open" or available to access the computer, and sometimes will detect what program or service is listening on that port, and its version number. (Firewalls defend computers from intruders by limiting access to ports and machines, but they can still be circumvented.)

Brute-force attack

Password guessing. This method is very fast when used to check all short passwords, but for longer passwords other methods such as the dictionary attack are used because of the time a brute-force search takes.

Password cracking

Password cracking is the process of recovering passwords from data that has been stored in or transmitted by a computer system. A common approach is to repeatedly try guesses for the password.

Packet sniffer

A packet sniffer is an application that captures data packets, which can be used to capture passwords and other data in transit over the network.

Spoofing attack (Phishing)

A spoofing attack involves one program, system or website that successfully masquerades as another by falsifying data and is thereby treated as a trusted system by a user or another program—usually to fool programs, systems or users into revealing confidential information, such as user names and passwords.

Rootkit

A rootkit is a program that uses low-level, hard-to-detect methods to subvert control of an operating system from its legitimate operators. Rootkits usually obscure their installation and attempt to prevent their removal through a subversion of standard system security. They may include replacements for system binaries, making it virtually impossible for them to be detected by checking process tables.

Social engineering

In the second stage of the targeting process, hackers often use social engineering tactics to get enough information to access the network. They may contact the system administrator and pose as a user who cannot get access to his or her system. This technique is portrayed in the 1995 film Hackers, when protagonist Dade "Zero Cool" Murphy calls a somewhat clueless employee in charge of security at a TV network. Posing as an accountant working for the same company, Dade tricks the employee into giving him the phone number of a modem so he can gain access to the company's computer system.

Hackers who use this technique must have cool personalities, and be familiar with their target's security practices, in order to trick the system administrator into giving them information. In some cases, a help-desk employee with limited security experience will answer the phone and be relatively easy to trick. Another approach is for the hacker to pose as an angry supervisor, and when his/her authority is questioned, threaten to fire the help-desk worker. Social engineering is very effective because users are the most vulnerable part of an organization. No security devices or programs can keep an organization safe if an employee reveals a password to an unauthorized person.

Social engineering can be broken down into four sub-groups:

Intimidation: As in the "angry supervisor" technique above, the hacker convinces the person who answers the phone that their job is in danger unless they help them. At this point, many people accept that the hacker is a supervisor and give them the information they seek.

Helpfulness: The opposite of intimidation, helpfulness exploits many people's natural instinct to help others solve problems. Rather than acting angry, the hacker acts distressed and concerned. The help desk is the most vulnerable to this type of social engineering, as (a.) its general purpose is to help people; and (b.) it usually has the authority to change or reset passwords, which is exactly what the hacker wants.

Name-dropping: The hacker uses names of authorized users to convince the person who answers the phone that the hacker is a legitimate user him or herself. Some of these names, such as those of webpage owners or company officers, can easily be obtained online. Hackers have also been known to obtain names by examining discarded documents (so-called "dumpster diving").

Technical: Using technology is also a way to get information. A hacker can send a fax or email to a legitimate user, seeking a response that contains vital information. The hacker may claim that he or she is involved in law enforcement and needs certain data for an investigation, or for record-keeping purposes.

Trojan horses

A Trojan horse is a program that seems to be doing one thing but is actually doing another. It can be used to set up a back door in a computer system, enabling the intruder to gain access later. (The name refers to the horse from the Trojan War, with the conceptually similar function of deceiving defenders into bringing an intruder into a protected area.)

Computer virus

A virus is a self-replicating program that spreads by inserting copies of itself into other executable code or documents. By doing this, it behaves similarly to a biological virus, which spreads by inserting itself into living cells. While some viruses are harmless or mere hoaxes, most are considered malicious.

Computer worm

Like a virus, a worm is also a self-replicating program. It differs from a virus in that (a.) it propagates through computer networks without user intervention; and (b.) does not need to attach itself to an existing program. Nonetheless, many people use the terms "virus" and "worm" interchangeably to describe any self-propagating program.

Keystroke logging

A keylogger is a tool designed to record ("log") every keystroke on an affected machine for later retrieval, usually to allow the user of this tool to gain access to confidential information typed on the affected machine. Some keyloggers use virus-, trojan-, and rootkit-like methods to conceal themselves. However, some of them are used for legitimate purposes, even to enhance computer security. For example, a business may maintain a keylogger on a computer used at a point of sale to detect evidence of employee fraud.

Tools and Procedures

  

A thorough examination of hacker tools and procedures may be found in Cengage Learning's E|CSA certification workbook.

  

Jacob Appelbaum is an advocate, security researcher, and developer for the Tor project. He speaks internationally for usage of Tor by human rights groups and others concerned about Internet anonymity and censorship.

Eric Corley (also known as Emmanuel Goldstein) is the longstanding publisher of 2600: The Hacker Quarterly. He is also the founder of the H.O.P.E. conferences. He has been part of the hacker community since the late '70s.

Ed Cummings (also known as Bernie S) is a longstanding writer for 2600: The Hacker Quarterly. In 1995, he was arrested and charged with possession of technology that could be used for fraudulent purposes, and set legal precedents after being denied both a bail hearing and a speedy trial.

Dan Kaminsky is a DNS expert who exposed multiple flaws in the protocol and investigated Sony's rootkit security issues in 2005. He has spoken in front of the US Senate on technology issues.

Andrew Auernheimer, sentenced to 3 years in prison, is a grey hat hacker whose security group Goatse Security exposed a flaw in AT&T's iPad security.

Gordon Lyon, known by the handle Fyodor, authored the Nmap Security Scanner as well as many network security books and web sites. He is a founding member of the Honeynet Project and Vice President of Computer Professionals for Social Responsibility.

Gary McKinnon is a Scottish hacker facing extradition to the United States to face criminal charges. Many people in the UK have called on the authorities to be lenient with McKinnon, who suffers from Asperger syndrome.[21]

Kevin Mitnick is a computer security consultant and author, formerly the most wanted computer criminal in United States history.[22]

Rafael Núñez, aka RaFa, was a notorious hacker who was sought by the FBI in 2001. He has since become a respected computer security consultant and an advocate of children's online safety.

Meredith L. Patterson is a well-known technologist and biohacker who has presented research with Dan Kaminsky and Len Sassaman at many international security and hacker conferences.

Len Sassaman was a Belgian computer programmer and technologist who was also a privacy advocate.

Solar Designer is the pseudonym of the founder of the Openwall Project.

Michał Zalewski (lcamtuf) is a prominent security researcher.

The computer underground[1] has produced its own specialized slang, such as 1337speak. Its members often advocate freedom of information and the rights of free speech and privacy, and strongly oppose the principles of copyright. Writing software and performing other activities to support these views is referred to as hacktivism. Some consider illegal cracking ethically justified for these goals; a common form is website defacement. The computer underground is frequently compared to the Wild West.[23] It is common for hackers to use aliases to conceal their identities.

  

Hacker groups and conventions

The computer underground is supported by regular real-world gatherings called hacker conventions or "hacker cons". These events include SummerCon (Summer), DEF CON, HoHoCon (Christmas), ShmooCon (February), BlackHat, Chaos Communication Congress, AthCon, Hacker Halted, and H.O.P.E. Local Hackfest groups organize and compete to develop their skills to send a team to a prominent convention to compete in group pentesting, exploit and forensics on a larger scale. Hacker groups became popular in the early 1980s, providing access to hacking information and resources and a place to learn from other members. Computer bulletin board systems (BBSs), such as the Utopias, provided platforms for information-sharing via dial-up modem. Hackers could also gain credibility by being affiliated with elite groups.

   

TomDispatch

 

William DeBuys: How to Hijack an Election

 

Tom Engelhardt • January 19, 2017

 

In case you hadn’t noticed, someone recently loosed a satirist in American politics. Let me give you an example. You remember FBI Director James Comey, who gained a certain notoriety by stepping into the limelight 11 days before the recent presidential election via a very publicly dispatched letter to the Congressional leadership. It focused on an FBI investigation into emails from Hillary Clinton believed to be on a computer that disgraced former Congressman Anthony Weiner shared with his wife and Clinton aide Huma Abedin. As Comey admitted three days before the election, when it came to that investigation, there was no there there. This seeming non-event about an investigation of no significance would, in fact, prove historic. It represented the first intervention by the national security state, that ever more powerful fourth branch of our government, in an American election campaign and might well have played a role in putting Donald Trump in the Oval Office. (Just last week, the Justice Department’s Office of the Inspector General announced that it would look into the FBI’s investigation of Clinton’s email and, in particular, whether Comey’s late-in-the-day intervention “violated policy or procedure when he sent Congress notification about new evidence his department had discovered.”)

 

You may by now be wondering where the promised satire is, but be patient. Comey made his first public appearance since his pre-election dramatics at a recent Senate hearing and was asked whether the FBI might be investigating possible ties between Russian officials and the Trump campaign. In response, he offered this: “I would never comment on investigations — whether we have one or not — in an open forum like this, so I can’t answer one way or another.”

 

Of course he wouldn’t! As Senator Angus King of Maine responded (in an understated but tickle-your-ribs fashion that would have been quite suitable for Saturday Night Live), “The irony of your making that statement, I cannot avoid.”

 

Indeed, who could? In the Trump era, we now clearly live in a world created expressly for SNL. But instead of belaboring the point, let me turn you over to TomDispatch regular William deBuys so he can outline the series of absurdist events that gave us our new huckster-in-chief, our very own billionaire in the Oval Office in what can only be termed the most improbable election of the 1% era of American politics or perhaps any era at all.

 

New from Trump University

Election Rigging 101

 

William deBuys • January 19, 2017

 

Donald Trump was right. The election was rigged. What Trump got wrong (and, boy, does he get things wrong) is that the rigging worked in his favor. The manipulations took three monumental forms: Russian cyber-sabotage; FBI meddling; and systematic Republican efforts, especially in swing states, to prevent minority citizens from casting votes. The cumulative effect was more than sufficient to shift the outcome in Trump’s favor and put the least qualified major-party candidate in the history of the republic into the White House.

 

Trumpist internet trolls and Trump himself dismiss such concerns as sour grapes, but for anyone who takes seriously the importance of operating a democracy these assaults on the nation’s core political process constitute threats to the country’s very being. Let’s look at each of these areas of electoral interference in detail.

 

Gone Phishing: The Drone of Info Warfare

 

Suppose one morning you receive an email from your Internet service provider telling you a security breach has put your data at risk. You are instructed to reset your password immediately. In keeping with the urgency of the situation, the email that delivers the warning provides a link to the page where your new password can be entered. Anxiously you do as instructed, hoping you’ve acted soon enough to prevent a disaster.

 

Congratulations: you have successfully reset your password. Unfortunately, you have also provided it to the hackers who sent the original, entirely bogus warning about a breach of security. This kind of ploy is called phishing. It’s exactly how the email account of John Podesta, Hillary Clinton’s campaign chair, was penetrated. His assistants fell for the ruse.

 

Alternatively, a phisher might send dozens of intriguing offers to employees of a certain organization over the course of weeks. Each message provides a link for more information, and as soon as someone in a moment of boredom or confusion clicks on it, presto change-o, the hacker is inside that person’s computer, free to worm through the network to which it’s connected. This is how hackers got into the computers of the Democratic National Committee (DNC) and downloaded not just emails but strategic planning documents and other confidential information.

 

At this point no one aside from Trump die-hards and maybe Trump himself — he has said so many contradictory things on the subject, it’s difficult to tell what he actually believes — denies that the hackers were Russian and acted under some kind of official instruction, even possibly from the highest levels of Kremlin authority, including Russian President Vladimir Putin. Moreover, it’s clear that the harvest of stolen material was used to help Trump and hurt Clinton. This is the unambiguous conclusion of a National Intelligence Community report released on January 6th and representing the shared conclusions of the CIA, the FBI, and the National Security Agency, which stated: “Russia’s goals were to undermine public faith in the U.S. democratic process, denigrate Secretary Clinton, and harm her electability and potential presidency. We further assess Putin and the Russian Government developed a clear preference for President-elect Trump. We have high confidence in these judgments.”

 

None of the meddling was as blatantly subversive as taking electronic control of voting machines and altering vote counts. Nor did the Russian hackers disable vote-tallying computers, as they did in Ukraine in 2014, but they achieved the next best thing. In our information-drenched world, the drumbeat of background noise can be as powerful as what one hears in the foreground. The Russians and their allies, in part through WikiLeaks, parceled out the juiciest tidbits from the stolen material over the course of the summer and fall, and the news media ate it up.

 

The Democratic dirty laundry they aired showed that Debbie Wasserman Schultz, chair of the DNC, favored Hillary Clinton over Bernie Sanders. In the ensuing flap, Wasserman Schultz resigned and the public was left with the message that the DNC was both untrustworthy and in disarray — and indeed, following the chair’s departure, the disarray couldn’t have been more real. When other emails were released in which Podesta and various colleagues second-guessed Mrs. Clinton’s decisions, the message that lingered in the public mind was that even her closest associates had doubts about her, never mind that candid, water-cooler criticism is normal in any undertaking.

 

The Russians did more than merely steal computer information. They also planted false news stories, both with state sanction (according to the national intelligence report), and without it. One of the upshots of the faux-news business is that, amid intense click-bait competition for advertisers, only sites and articles pandering to the far right make money. Disseminating made-up stories favorable to Hillary Clinton or Bernie Sanders returned nothing to the bottom line of the freelance hackers operating in what has become one of the Russian-speaking world’s newest cottage industries. Evidently a suspension of critical thinking — or its complete absence — is easier to exploit among those disposed to hate liberals and love Trump.

 

That this kind of gullibility is more than just politically dangerous became clear in December when Edgar Welch of Salisbury, North Carolina, stormed into Comet Ping Pong, a pizza joint on Connecticut Avenue in Washington, D.C., filled mainly with parents and children. Welch was carrying a handgun and an assault rifle, which he fired. He later explained that he intended to “self-investigate” reports that had been ricocheting around the Internet asserting that Hillary Clinton and John Podesta operated a child trafficking ring out of that restaurant. Fortunately, no one was hurt.

 

The hoax that fooled the benighted Edgar Welch first appeared on the Internet in late October, shortly before the election. Via Twitter, Reddit, Facebook and other platforms, users subsequently clicked it onward several million times. Among the enthusiastic retweeters of this sort of claptrap (if not the specific Comet Ping Pong story) was retired Lieutenant General Michael Flynn, whom Trump has named his national security adviser, a position for which a modicum of probity, if not honesty, used to be a requirement. (Flynn’s son did, however, promote the Comet story on social media.)

 

In the echo chamber of the Internet, the drone of half-truths and lies blurs the edges of the real. Eventually, it imparts a kind of lazy, unevaluated validity to memes of all kinds: Hillary is a crook, immigrants are criminals, Muslims are terrorists. In such a world, Trump’s chronic mendacity becomes unremarkable. This is political branding, advertising, and product definition in the twenty-first century. It’s part of what the spinmeisters call “seizing the narrative,” and the more you seize it for your side, the harder it becomes for your opponents to make their case. Truth is beside the point.

 

Russian faux-news stories, purloined emails, and “exfiltrated” documents dogged the Democratic campaign. They were like gnats that packed a painful bite, buzzing continually wherever Clinton went. They distracted the media and the public from Trump’s much more substantial sins and reinforced the memes that he and his proxies chanted at every opportunity. They built toward a death by a thousand cuts. That was the background. Then, into the foreground stepped FBI Director James Comey.

 

Out of Line

 

On October 28th, only 11 days before Election Day, with early voting already underway in many states, Comey delivered a letter to Congressional leaders stating that, “in connection with an unrelated case, the FBI has learned of the existence of emails that appear to be pertinent to the investigation” of Hillary Clinton’s private email server. They were, devastatingly enough, on a computer that scandal-ridden former Congressman Anthony Weiner had shared with his wife and Clinton aide Huma Abedin. At the time, Comey did not have a warrant to inspect those emails or any idea what the emails specifically contained. He released his letter in violation of longstanding Justice Department procedures and contrary to direct advice from Attorney General Loretta Lynch.

 

The most sympathetic thing that might be said about Comey’s rogue gambit was that he felt a muddle-headed sense of obligation to keep the public and, more particularly, Republican members of Congress informed about developments in an investigation that he had declared resolved nearly four months earlier. A darker interpretation is that he dropped his bomb intending to help the Trump campaign, which, if true, would constitute a violation of the Hatch Act and entitle him to an extended stay in a facility populated by people he used to prosecute. We may never know his motives in full, but it is rumored that he will offer some kind of statement after the inauguration.

 

Motives aside, Comey’s letter detonated across the late-stage election landscape. Predictably the media went into overdrive, as did Trump. With his usual bombast he proclaimed that “this is bigger than Watergate,” and the spinning went on from there. Clinton’s polling numbers nosedived. On November 5th, Comey issued a follow-up letter in which he conceded that, um, well, the trove of emails added absolutely nothing new to the previously dormant investigation. This 11th hour admission did little to mend the damage already inflicted on Clinton and may, in fact, only have deepened the injury by keeping the item in the news and underscoring the suspicions many voters felt toward her.

 

Nate Silver, at FiveThirtyEight, suggested that the flap may have cost Clinton a three-point swing among the electorate and calculated that, after the Comey bombshell hit, the probability of her winning the presidency plunged by 16%. He also suggested that Comey’s letter may have influenced down-ballot races, especially in the all-important struggle for control of the Senate. Bloomberg reported even more dramatic numbers, finding that Clinton’s 12-point lead eroded to a single percentage point, making the race essentially a dead heat.

 

Digging deeply into the “Comey Effect,” Sean McElwee and his colleagues at Vox found that it correlated with sharp downturns for Clinton in both national and state polling, probably accounting for a surge toward Trump that was particularly pronounced among “late-deciders” — people who made up their minds only when they were at the brink of going to the polls. Moreover, the surge was likely shaped by an astonishing “peak” in the negative news coverage of Clinton, centering on her emails. In the last week of the campaign, 37% of all coverage of Clinton was “scandal”-related, far higher than had been the case for months.

 

These are powerful statistics. Three percentage points in an election in which nearly 129 million ballots were cast for the top two candidates amounted to 3.87 million votes. Add them to the 2.86 million by which Clinton beat Trump in the popular vote, and you have a victory margin more than a million and a half votes larger than that by which Obama beat Romney in 2012. You also have a big win in the Electoral College. People would have been talking about a landslide.

 

As things turned out, Trump’s victory in the Electoral College was determined by fewer than a combined 100,000 votes in the swing states of Pennsylvania, Michigan, and Wisconsin. You can massage the numbers many different ways, but if Comey’s letter accounted for only 2% of Trump’s votes in those states, then without the letter Clinton would have won all three of them — and the presidency.

 

Elections are always contingent: weird stuff happens. In 1960, Richard Nixon hit his knee on a car door moments before the first-ever televised presidential debate. He’d just had surgery on the knee to combat a staph infection, and the pain from the swelling bump undermined his performance.

 

It’s an old story: for want of a nail, a shoe is lost, for want of a shoe, a horse, and the rest is history. But the intervention of a high government official on a completely politicized hot-button issue at the apex of a presidential campaign is unprecedented in American history. It exceeds by orders of magnitude the contingencies of elections past.

 

Voter Suppression

 

In the last year or two did you receive a postcard from election authorities asking you to confirm your present address? I did. Those postcards originate from Operation Crosscheck, a brainchild of Kris Kobach, the Republican secretary of state in Kansas, in which 27 states collaborated to uncover the identities of citizens registered to vote in multiple states. That’s a common enough occurrence since people rarely bother to cancel old registrations when they move from one state to another. Sounds benign, right?

 

Not so. As Greg Palast detailed in Rolling Stone last August, this purge of voter rolls was methodologically inept and had the effect of disproportionately disenfranchising minority voters.

 

The crosschecking frequently matched only first and last names, ignoring middle names and suffixes like junior or senior. As a result, common surnames — Jones, Washington, Garcia, and the like — generated huge numbers of matches. The intent of the program was to prevent double voting, a form of voter fraud that the right has frequently decried as widespread, but for which no one has found substantial evidence. (As the New York Times reported in the wake of election 2016, no significant evidence of voter fraud of any sort was found.) This fake issue has, however, been used as a smokescreen for implementing voting restrictions that inhibit poor people, students, and minorities, who usually vote Democratic, from exercising their franchise.

 

Poor people, as Palast points out, are “overrepresented in 85 of 100 of the most common last names. If your name is Washington, there’s an 89% chance you’re African-American. If your last name is Hernandez, there’s a 94% chance you’re Hispanic. If your name is Kim, there’s a 95% chance you’re Asian.”

 

Crosscheck sent 7.2 million matches to the 28 originally participating states. (Oregon dropped out when its officials realized the extent of Crosscheck’s flaws.) Nearly all of them with Republican secretaries of state then handled matters as they saw fit, eliminating an estimated 1.1 million voters from their rolls. Virginia, for instance, dropped more than 41,000 registrations as “inactive” shortly before the election. In many cases, state authorities sent voters cryptic, small-print postcards like the one I received.

 

Undoubtedly, many students and poor voters, who move frequently from apartment to apartment, never even got their postcards, and when they failed to respond, their voter registrations were canceled. In Michigan, which Donald Trump won by 10,704 votes, Crosscheck provided a purge list of 449,922 names. How many of these people were prevented from voting? How many voted but had their ballots disallowed? No one knows for sure, but the situation cries out for sustained and aggressive investigation.

 

At least 14 states compounded the problems of Operation Crosscheck by creating new, additional obstacles for voters, including eliminating early voting on weekends, reducing polling place hours, and mandating the use of photo IDs. In Wisconsin, a new voter ID law was sold to the public with promises that the state’s motor vehicles department would issue appropriate IDs to non-drivers within six business days of application. In actual fact, the process often took six to eight weeks. Even an order from a federal court (that found as many as 300,000 voters may have been affected) failed to speed up the turgid Wisconsin bureaucracy.

 

In the November election, voter turnout in Wisconsin, which Trump won by 22,748 votes, was the lowest in 20 years. It fell 13% in Milwaukee, where most of the state’s black voters live. Part of the problem was undoubtedly the unpopularity of the major candidates, but voter suppression seems to have played a significant role, too. As Ari Berman of the Nation points out, the active discouragement of poor and minority citizens from voting — not just in Wisconsin, but in Virginia, North Carolina, and many other states — was undoubtedly the most underreported story of 2016.

 

Alas, Poor Hamilton

 

The last kind of man whom Alexander Hamilton and James Madison, as architects of the new American republic, saw as a fit head of state was someone modeled on the character of a medieval prince: narcissistic, volatile, cruel, deceitful, and as vulnerable to manipulation by flattery as by insult. But Hamilton and Madison were hardly naïve. They fully understood that no democracy could be completely immune from such men. In fact, they expected that the House of Representatives, in particular, would ultimately open its doors to a fair share of lunatics, demagogues, and nincompoops. History has more than validated this view.

 

Hamilton and Madison, however, believed that the presidency of the new United States had to be protected from unqualified men at all costs, and so they came up with a plan. They invented the Electoral College. Writing in the Federalist 68 in March 1788, Hamilton extolled their creation and explained,

 

“The process of election affords a moral certainty, that the office of President will never fall to the lot of any man who is not in an eminent degree endowed with the requisite qualifications. Talents for low intrigue, and the little arts of popularity, may alone suffice to elevate a man to the first honors in a single State; but it will require other talents, and a different kind of merit, to establish him in the esteem and confidence of the whole Union, or of so considerable a portion of it as would be necessary to make him a successful candidate for the distinguished office of President of the United States.”

 

The inauguration of Donald J. Trump looms. If the old saying about “rolling over in one’s grave” has any substance, Hamilton and Madison should be spinning like turbines.

 

In truth, our electoral process is broken. Key protections provided by the Voting Rights Act of 1965 were gutted in 2013 by a Supreme Court more blatantly political than any in living memory. Right-wingers in North Carolina thereupon ginned up a suite of voting restrictions that, in the words of a federal judge, targeted black Democratic voters “with almost surgical precision.” The judge struck down the most egregious provisions of that law, but repressive efforts in North Carolina, Wisconsin, and other Crosscheck states will continue to be advanced, as opportunity permits. The vital task is to deny the opportunity.

 

Meanwhile, James Comey has shown that a lone, rogue public official can interject himself into the most sensitive of national moments in a way that not even his roguish predecessor J. Edgar Hoover would have countenanced. And Vladimir Putin has evidently found the cheapest of methods, using electrons instead of sanctions or guns, to undermine the political institutions of his adversaries and befuddle their people.

 

The extent to which Trump campaign functionaries maintained links, if any, with Russian operatives remains unknown. On January 11th, a 35-page document consisting of memoranda on Trump’s Russian connections, compiled by a researcher hired by his opposition, became public. That document contains allegations ranging from the salacious to the treasonous. Although none of them has been verified, the leaked release of the memoranda has intensified public pressure on Trump to offer a full accounting of his relationship with Russian business interests and the Putin regime. Irrespective of whether these lines of inquiry produce information of substance, the fact remains that a foreign, hostile power used subterfuge to interfere with the domestic electoral politics of the United States.

 

On that last count, many an Iranian, Guatemalan, or citizen of any of scores of countries might justifiably say that turnabout is fair play, for the United States has a long and well-documented history of meddling in other countries’ elections. The consequences of a breakdown of democracy in the United States, however, are costly for the entire world. Missiles and nuclear codes are at stake. So, too, is the ever-narrowing window for meaningful global action on climate change, not to mention the clout of the world’s largest economy and most powerful military. All of these things, by hook and by crook, have now been entrusted to a man very like a medieval prince.

 

William deBuys’s most recent book, The Last Unicorn: A Search for One of Earth’s Rarest Creatures, was listed by the Christian Science Monitor among the 10 best nonfiction books of 2015. He is a TomDispatch regular.

Everyone knows that MySpace is ugly and it takes a great deal of patience to fix it, but it is also becoming a haven for the worst elements on the web. Besides rampant phishing attacks, I've noticed the rise in other SEO tactics including linkfarming.

 

But what I saw today is the next evolution of MySpace spam.

 

People can leave comments on the profile, where everyone can see them. Perfect for improving your PageRank or creating links which install malicious software on your computer. While you can delete these comments, a new code variant exploits MySpace's inherently crufty and ugly code and reliance on JavaScript calls.

 

Above is a screenshot of the comment - notice the extra form field and the button, where the "delete this comment" link is.

www.fiadservices.com/fiad-the-top-scams-of-2012/

There is an alarming trend towards spoofing well-known brands and ‘scams of the moment’ which capture people’s attention, because the topic is in the public awareness. Scam artists are capitalizing by using false pretences to get our attention and steal our trust.

1. Brand Spoofing

Brand spoofing (aka phishing) is a common term for e-mail, text messages and websites fabricated and sent by criminals and designed to look like they come from well-known and trusted businesses, financial institutions and government agencies in an attempt to collect personal, financial and sensitive information. If the recipient follows the link provided and connects with the fraudulent website, any information entered into the data fields (account #, PIN, contact information, social security number etc.) could be recorded, collected and used for fraudulent purposes. In addition, some variants of phishing scams make use of Trojan horses to infect personal computers with malware.

QUICK TIP: If you receive these messages just delete them and do not click on any links, and hang up on callers you aren’t familiar with. Never give credit information online or over the phone unless you are sure of the identity of the caller. If you are a victim of ID theft, call your financial institutions to have them cancel your cards and re-issue new ones. Contact your local police and your state’s main credit reporting agencies.

2. Advance Fee Loans

Consumers have reported losing substantial sums of money responding to advertisements that “guarantee” loans to people, often online. Consumers complete credit applications and are told the loan (from $5,000 to $100,000) has been approved and the promised funds will be received once a fee is paid. After payment, the loan is never received as promised.

QUICK TIP: It is illegal for a company to charge a fee in advance to obtain a loan, even if that fee is disguised as the first or last month’s payment. Watch for claims of “guaranteed” loans even if you have bad credit, no credit, or a bankruptcy, and demands that you wire or send money before you can have a loan offer confirmed in writing. Report any suspected fraudulent schemes to your local police and state attorney general.

3. Gold Buying Schemes

In 1912, the average price of gold was $18.93 per ounce (and it had been so for about 100 years before). In 2011, the price of gold soared, rapidly fluctuating and averaging over $1735 per ounce. Similar to gold rushes of the past, a strained economy and high demand for gold resulted in many consumers selling, trading and receiving unfair returns when cashing in their gold and jewelry.

QUICK TIP: Before cashing in on the gold rush it is important to do your research. When choosing an appraiser, find someone locally whom you know and trust. Know that the true price of gold may not be what you will be paid for every ounce of gold you own. Get multiple appraisals and compare prices before selling. Be sure that jewelry of differing karats is weighed and priced separately. Have jewels such as diamonds priced separately from the gold they are contained in.

4. Financial Elder Abuse

Financial elder abuse occurs when seniors’ pocketbooks are exploited by scammers who take advantage of a person’s vulnerabilities associated with age, like hearing loss, loneliness, physical limitations and impaired mental capacity. Common financial elder abuse frauds include tricking seniors into giving out private banking information; encouraging unnecessary home repair work, telemarketing and mail fraud; and swindles by family or friends that result in seniors giving up money, property, personal information and decision-making capacity.

QUICK TIP: Most elder abuse happens to a senior by someone they know, such as a family member, friend or caregiver. Many victims do not even realize they have been taken advantage of. Signs a senior is being financially abused include: missing belongings, unusual activity in bank accounts, suspicious stories, sudden changes in Power of Attorney or Wills, bounced checks and numerous unpaid bills. Report all incidents of financial elder abuse to your local police.

5. Power Saving Claims

The switch to Smart Meters in B.C. fostered a rise in false claims and deceptive ads by some scammers selling energy conservation devices. Consumers reported purchasing a number of power saving devices they claim did not work and that did not meet electrical safety standards.

FIAD Services seeks to help consumers identify untrue, deceptive, fraudulent and insincere statements. Make sure to protect yourself from deceptive advertising by doing your research before making a purchase. Always research a company first and report deceptive advertising and business claims to the correct authority. If it sounds too good to be true, remember that it probably is.

6. Door-to-Door Sales Scams

Each year a variety of unscrupulous door-to-door salespeople use high pressure sales tactics to frighten people into purchasing expensive, substandard, often unneeded products and services. Be wary of overly aggressive sales people selling everything from alarm systems to vacuums and air purifiers, as well as roofing, paving, window washing, painting, plumbing, heating, repair and landscaping services.

QUICK TIP: Don’t give in to high pressure sales tactics. If you feel threatened by an aggressive salesperson, ask them to leave your property. If they refuse, call the police. Before making any purchase, take the time to do your due diligence, getting the name and location of the company and ensuring all details and verbal promises are included in a contract.

7. Computer Virus Repair Scams

In the case of the alleged caller from Microsoft, he/she claims to be phoning about a serious problem with the person’s computer. The caller warns that if the problem is not solved, the computer will become unusable. In order to “fix” it, the computer owner is directed to a website and told to download a program, plus pay a fee for a subscription to this preventative service. The catch: there was never anything wrong with the computer, the caller is not working for Microsoft, and the owner has downloaded to their computer damaging malware and spyware.

QUICK TIP: Treat all unsolicited phone calls with skepticism. Check with the organization directly that the caller is claiming to be from, using the contact numbers found on their website. Do not provide any personal information to avoid identity theft. Never provide credit or debit card information for payment.

8. Fraudulent Locksmith Services

Consumers reported “local locksmiths” advertising online using a local telephone number and local address, but when contacted, consumers are connected to a call centre in another city and there is no locksmith at the address listed in your area. Consumers who have hired these companies allege that they have been overcharged for products and services, received bad advice or poor workmanship, or have had difficulty contacting the business to correct problems.

QUICK TIP: Don’t just pick the first “local” company you find online. Confirm the company address and ask for the legal name of the business. When the locksmith arrives, ask for identification, a business card and their license. Also make sure that they are insured, so you know costs will be covered should any damage be done to your personal property. Expect a legitimate locksmith to ask you for identification to confirm your identity as the homeowner.

9. Online Penny Auctions

Online ads, often designed to look like news reports, are cropping up on popular websites claiming that you can get great deals on iPads and other electronics with online penny auctions. Most commonly with a penny auction, users must set up an account and purchase bids with a credit or debit card; each individual bid may cost less than a dollar, and bids are often sold in bundles of 100 or more. Every item has a countdown clock and as people bid, the cost of the item goes up incrementally and more time is added to the clock. Even if you don’t win the item, you still have to pay for the bids you placed, which can add up over time.

QUICK TIP: Before providing any personal information or signing up for any “free” trial with a penny auction, read all of the fine print carefully on the website. Pay close attention to details on signup and annual fees, minimum bidding requirements, maximum prize amounts and how to get a refund. Know what you’re buying. Before bidding on an item, research how much it costs elsewhere and keep track of how much you’re spending on bids overall to see if you really are getting a good deal. Keep a close eye on your credit card for unexpected charges.

10. The Anti-Social Network

Social networks like Facebook and Twitter are extremely popular. Users are often subject to targeted advertising and direct messages, and scams of all colors use social networks to operate. Fraudulent work-at-home job offers are sent through Twitter “tweets” and Facebook messages, deceptive “free” trials are advertised, and “clickjacking” on Facebook convinces users to unknowingly post malicious links on their status updates.

QUICK TIP: Your computer should always have the most recent updates installed for spam filters, anti-virus and anti-spyware software, and a secure firewall. Use the most up-to-date versions of your web browser to offer further protection. Be wary of messages from friends and strangers that direct you to another website via a hyperlink. To learn more about how to protect yourself from false or misleading advertising, make sure to educate yourself.

www.fiadservices.com/fiad-the-top-scams-of-2012/

There is an alarming trend towards spoofing well-known brands and ‘scams of the moment’ which capture people’s attention, because the topic is in the public awareness. Scam artists are capitalizing by using false pretences to get our attention and steal our trust.

1. Brand Spoofing

Brand spoofing (aka phishing) is a common term for e-mail, text messages and websites fabricated and sent by criminals and designed to look like they come from well-known and trusted businesses, financial institutions and government agencies in an attempt to collect personal, financial and sensitive information. If the recipient follows the link provided and connects with the fraudulent website, any information entered into the data fields (account #, PIN, contact information, social security number etc.) could be recorded, collected and used for fraudulent purposes. In addition, some variants of phishing scams make use of Trojan horses to infect personal computers with malware.

QUICK TIP: If you receive these messages just delete them and do not click on any links, and hang up on callers you aren’t familiar with. Never give credit information online or over the phone unless you are sure of the identity of the caller. If you are a victim of ID theft, call your financial institutions to have them cancel your cards and re-issue new ones. Contact your local police and your state’s main credit reporting agencies.

2. Advance Fee Loans

Consumers have reported losing substantial sums of money responding to advertisements that “guarantee” loans to people, often online. Consumers complete credit applications and are told the loan (from $5,000 to $100,000) has been approved and the promised funds will be received once a fee is paid. After payment, the loan is never received as promised.

QUICK TIP: It is illegal for a company to charge a fee in advance to obtain a loan, even if that fee is disguised as the first or last month’s payment. Watch for claims of “guaranteed” loans even if you have bad credit, no credit, or a bankruptcy, and demands that you wire or send money before you can have a loan offer confirmed in writing. Report any suspected fraudulent schemes to your local police and state attorney general.

3. Gold Buying Schemes

In 1912, the average price of gold was $18.93 per ounce (and it had been so for about 100 years before). In 2011, the price of gold soared, rapidly fluctuating and averaging over $1735 per ounce. Similar to gold rushes of the past, a strained economy and high demand for gold resulted in many consumers selling, trading and receiving unfair returns when cashing in their gold and jewelry.

QUICK TIP: Before cashing in on the gold rush it is important to do your research. When choosing an appraiser, find someone locally whom you know and trust. Know that the true price of gold may not be what you will be paid for every ounce of gold you own. Get multiple appraisals and compare prices before selling. Be sure that jewelry of differing karats is weighed and priced separately. Have jewels such as diamonds priced separately from the gold they are contained in.

4. Financial Elder Abuse

Financial elder abuse occurs when seniors’ pocketbooks are exploited by scammers who take advantage of a person’s vulnerabilities associated with age, like hearing loss, loneliness, physical limitations and impaired mental capacity. Common financial elder abuse frauds include tricking seniors into giving out private banking information; encouraging unnecessary home repair work, telemarketing and mail fraud; and swindles by family or friends that result in seniors giving up money, property, personal information and decision-making capacity.

QUICK TIP: Most elder abuse happens to a senior by someone they know, such as a family member, friend or caregiver. Many victims do not even realize they have been taken advantage of. Signs a senior is being financially abused include: missing belongings, unusual activity in bank accounts, suspicious stories, sudden changes in Power of Attorney or Wills, bounced checks and numerous unpaid bills. Report all incidents of financial elder abuse to your local police.

5. Power Saving Claims

The switch to Smart Meters in B.C. fostered a rise in false claims and deceptive ads by some scammers selling energy conservation devices. Consumers reported purchasing a number of power saving devices they claim did not work and that did not meet electrical safety standards.

FIAD Services seeks to help consumers identify untrue, deceptive, fraudulent and insincere statements. Make sure to protect yourself from deceptive advertising by doing your research before making a purchase. Always research a company first and report deceptive advertising and business claims to the correct authority. If it sounds too good to be true, remember that it probably is.

6. Door-to-Door Sales Scams

Each year a variety of unscrupulous door-to-door salespeople use high-pressure sales tactics to frighten people into purchasing expensive, substandard, often unneeded products and services. Be wary of overly aggressive salespeople selling everything from alarm systems to vacuums and air purifiers, as well as roofing, paving, window washing, painting, plumbing, heating, repair and landscaping services.

QUICK TIP: Don’t give in to high-pressure sales tactics. If you feel threatened by an aggressive salesperson, ask them to leave your property. If they refuse, call the police. Before making any purchase, take the time to do your due diligence, getting the name and location of the company and ensuring all details and verbal promises are included in a contract.

7. Computer Virus Repair Scams

In the case of the alleged caller from Microsoft, he/she claims to be phoning about a serious problem with the person’s computer. The caller warns that if the problem is not solved, the computer will become unusable. In order to “fix” it, the computer owner is directed to a website and told to download a program, plus pay a fee for a subscription to this preventative service. The catch: there was never anything wrong with the computer, the caller is not working for Microsoft, and the owner has downloaded to their computer damaging malware and spyware.

QUICK TIP: Treat all unsolicited phone calls with skepticism. Check with the organization directly that the caller is claiming to be from, using the contact numbers found on their website. Do not provide any personal information to avoid identity theft. Never provide credit or debit card information for payment.

8. Fraudulent Locksmith Services

Consumers reported “local locksmiths” advertising online using a local telephone number and local address, but when contacted, consumers are connected to a call centre in another city and there is no locksmith at the address listed in your area. Consumers who have hired these companies allege that they have been overcharged for products and services, received bad advice or poor workmanship, or have had difficulty contacting the business to correct problems.

QUICK TIP: Don’t just pick the first “local” company you find online. Confirm the company address and ask for the legal name of the business. When the locksmith arrives, ask for identification, a business card and their license. Also make sure that they are insured, so you know costs will be covered should any damage be done to your personal property. Expect a legitimate locksmith to ask you for identification to confirm your identity as the homeowner.

9. Online Penny Auctions

Online ads, often designed to look like news reports, are cropping up on popular websites claiming that you can get great deals on iPads and other electronics with online penny auctions. Most commonly with a penny auction, users must set up an account and purchase bids with a credit or debit card; each individual bid may cost less than a dollar, and bids are often sold in bundles of 100 or more. Every item has a countdown clock and as people bid, the cost of the item goes up incrementally and more time is added to the clock. Even if you don’t win the item, you still have to pay for the bids you placed, which can add up over time.

QUICK TIP: Before providing any personal information or signing up for any “free” trial with a penny auction, read all of the fine print carefully on the website. Pay close attention to details on signup and annual fees, minimum bidding requirements, maximum prize amounts and how to get a refund. Know what you’re buying. Before bidding on an item, research how much it costs elsewhere and keep track of how much you’re spending on bids overall to see if you really are getting a good deal. Keep a close eye on your credit card for unexpected charges.

10. The Anti-Social Network

Social networks like Facebook and Twitter are extremely popular. Users are often subject to targeted advertising and direct messages, and scams of all colors use social networks to operate. Fraudulent work-at-home job offers are sent through Twitter “tweets” and Facebook messages, deceptive “free” trials are advertised, and “clickjacking” on Facebook convinces users to unknowingly post malicious links on their status updates.

QUICK TIP: Your computer should always have the most recent updates installed for spam filters, anti-virus and anti-spyware software, and a secure firewall. Use the most up-to-date versions of your web browser to offer further protection. Be wary of messages from friends and strangers that direct you to another website via a hyperlink. To learn more about how to protect yourself from false or misleading advertising, make sure to educate yourself.

www.fiadservices.com/fiad-the-top-scams-of-2012/

NSA-CIA-Mossad cyber terrorists get a kick out of daily hacking and attacking Americans' servers and computers, then reporting immediately how EVIL CHINA ATTACKED AMERICA AGAIN!!!!

 

Like Iraq and Saddam attacked us on 911...while luckily CIA-Mossad-Pentagon kept the 3000+ murdered Americans safe.

-RT

*********************************************************************************

US Getting Better at Cyber Blaming, Not Cyber Security

 

Peter Lee

June 13, 2015

 

Color me skeptical about the Sunday Times report that Edward Snowden’s archive got cracked. Not saying it couldn’t happen despite 256 bit encryption, accidents do happen, but the story as presented reeks of psyops bullshit unloaded by the NSA-GCHQ team with the help of obliging media in the UK.

 

What I think is happening is that the United States is upping its game…in public cyberattribution.

 

Honestly parsing and presenting a cyberattribution dossier is a thankless job. Remember how the Obama administration looked foolish on the Sony hack?

 

Sure you don’t. That was so…four months ago.

 

Here’s what I wrote back then on the occasion of the rollout of the US government’s Cyber Threats Intelligence Integration Center:

 

According to AP (actually, according to AP’s Ken Dilanian, the notoriously obliging amanuensis to the US security establishment):

 

White House cybersecurity coordinator Michael Daniel has concluded that cyberintelligence at the moment is bedeviled by the same shortcomings that afflicted terrorism intelligence before 9/11 — bureaucracy, competing interests, and no streamlined way to combine analysis from various agencies, the official said.

 

The hack on Sony’s movie subsidiary, for example, resulted in a variety of different analytical papers from various agencies. Each one pointed to North Korea, but with varying degrees of confidence.

 

 

As I argued in various venues recently with reference to the Sony hack, for purposes of semiotics (clear messaging, positioning, blame avoidance, and signaling of US government intentions) if not forensics (proving whodunit), painting a convincing, action-worthy cyberbullseye on the back of some foreign enemy is a major challenge for governments these days.

 

When some high-profile outrage like Sony occurs, the US government has to make a prompt show of control, capability, and resolve. Letting a bunch of data nerds chew over the data for a few weeks and spit up an equivocal conclusion like “It looks like the same guys who did this did that, and maybe the guys who did that were…” doesn’t quite fill the bill.

 

Which is pretty much what happened on Sony. Various private sector and government actors all stuck their oar in, contradictory opinions emerged, messaging was all over the map.

 

… By establishing a central clearing house for relevant information, the US government is on the right side of the information symmetry equation. “You say you think this, but you don’t know this, this, and this, or the stuff we can’t tell you because it’s classified above your clearance.”

 

And even if the real takeaway from the investigatory process still is “It looks like the same guys who did this did that, and maybe the guys who did that were…” it comes out as “The Cyber Threats Intelligence Integration Center has attributed this cyberattack to North Korea with a high degree of confidence. By Executive Order, the President has already commanded CyberCommand to make a proportional response.”

 

You get the picture.

 

So I expect jobs one and two and three for CTIIC will be to generate persuasive dossiers for backgrounding, leaking, whatever on the PRC, North Korea, and the Russian Federation, to be deployed when some mysterious alchemy of evidence, circumstance, and strategy dictate that one of them has to get tagged as The Bad Guy for some cyberoutrage.

 

Fast-forward, to employ a quaint VHS-era term, to June 5. Ellen Nakashima lays out the administration position on the OPM hack in a Washington Post article remarkable for its completely categorical no-two-ways-about-it statement that “China” had dunnit:

 

With a series of major hacks, China builds a database on Americans

China is building massive databases of Americans’ personal information by hacking government agencies and U.S. health-care companies, using a high-tech tactic to achieve an age-old goal of espionage: recruiting spies or gaining more information on an adversary, U.S. officials and analysts say.

 

Groups of hackers working for the Chinese government have compromised the networks of the Office of Personnel Management…

 

China hacked into the federal government’s network, compromising four million current and former employees’ information. The Post’s Ellen Nakashima talks about what kind of national security risk this poses and why China wants this information. (Alice Li/The Washington Post)

 

 

U.S. officials privately said China was behind it.

 

 

“This is an intelligence operation designed to help the Chinese government,” the China expert said.

 

Emphasis added, natch.

 

Either the US has spectacularly upped its forensics game since Michael Daniel’s rueful reflections in February or (my theory)…

 

The great minds were sitting around a table in Washington and concluded:

 

“We can’t prove this was a Chinese hack, but let’s turn this around. Nobody can disprove this was a Chinese hack, so nobody can prove us wrong if we declare without qualification it was a Chinese hack. So let’s just go for it.”

 

Parenthetically, I might point out that one problem I see with categorically and openly identifying the PRC as source of the hack is that we should immediately and openly retaliate at a commensurate level. Otherwise, where’s our national credibility & deterrence? Still waiting for the shoe to drop on that one.

 

The tip-off for me that the WaPo was carrying Obama administration water with this totally backgrounded mostly anonymous scoop was this:

 

The big-data approach being taken by the Chinese might seem to mirror techniques used abroad by the NSA, which has come under scrutiny for its data-gathering practices under executive authority. But in China, the authorities do not tolerate public debate over the proper limits of large-scale spying in the digital age.

 

The piece was written June 5, three days after the Obama administration had put the Snowden unpleasantness behind it and totally regained the moral high ground, in its own mind if nobody else’s, by replacing the Patriot Act with the USA Freedom Act a.k.a. “Uniting and Strengthening America by Fulfilling Rights and Ending Eavesdropping, Dragnet-collection and Online Monitoring Act.”

 

Now, with the legalities of the US cyberprograms re-established, it was time to stop playing defense and go on offense against those public-debate-intolerant Chinese!

 

And that means relaunching the China cyberoutlaw product! With the story of a hack that, if I understand Nakashima’s account correctly, had occurred in December 2014!

 

Again, it is perhaps little remembered except by me that a key US objective for the Xi Jinping—Barack Obama summit in Sunnylands in June 2013 was to cap an eighteen month public opinion campaign against PRC cyberoffenses with a personal rebuke by President Obama and the presentation of an embarrassing dossier to Xi Jinping.

 

If, as I did, one googled “Xi Jinping cyberwarfare” on June 3, 2013, the first four pages of results included hits like these, indicating that the Western press was energetically singing from the same cyberwar hymnal:

China Doesn’t Care if Its ‘Digitalized’ Military Cyberwar Drill Scares You (Atlanticwire)

China Is Winning the Cyber War Because They Hacked U.S. Plans for Real War (Atlanticwire)

Krauthammer to Obama: Launch cyber war on China (Fox News)

China Is Our Number One National Security Threat (International Business Journal)

House Intelligence Chairman: US “Losing” Cyber-War (Wall Street Journal)

US Says China Is Stepping Up Cyber War (Financial Times)

U.S. China Cyberbattle Intensifies (Politico)

 

Just a reminder; these headlines are from June 2013, not June 2015.

 

In this case, the China Matters serendipity engine was firing on all cylinders; three days later the Washington Post and Guardian newspapers published their first revelations from Edward Snowden, fundamentally skewing the frame of the Chinese cyberwarfare story.

 

I’ve always wondered if the timing of Snowden’s revelations had something to do with the hypocrisy of the world’s biggest cybersnoop trying to stick that label on the PRC.

 

Anyway, the Obama administration has had two years to lick its wounds, do damage control, and reboot the program.

 

And guess what! Xi Jinping’s coming to the United States again in September! This time we’ll be ready for him fer sure! Snowden discredited! NSA on top! PRC in doghouse!

 

I must state here that I believe that the PRC cyberespionage program is massive, government-backed, full spectrum, and actively exploring offensive capabilities. But I also think that the US tactics are destabilizing and escalatory & have more to do with maintaining the US cyberadvantage as part of the burgeoning and profitable China-threat milsec business than they do with diminishing the threat to the American people from PRC cyber misbehavior.

 

And I take the current spate of news stories as part of an effort to get us used to perpetual cyberwar, just as we were bombarded with stories about malevolent Muslims in the last decade to reconcile us to the Global War on Terror, the erosion of civil liberties, and expensive and perpetual conflicts.

 

At this time, a trip down memory lane is warranted for people who have forgotten how the Obama administration methodically rolled out PRC Cyberthreat v. 1.0, the buggy pre-Snowden product, and are perhaps not connecting the dots on the rollout of PRC Cyberthreat v. 2.0, Now Bigger and Scarier! and how this might be a factor in the headlines blaring out of their newspapers & TVs & tablets.

 

Below the fold, for the sake of posterity, a lengthy recap on the first abortive US salvo in the China cyberthreat propaganda war.

 

What I wrote back in April 2012:

 

The Barack Obama administration went public with its case against China in November 2011, with a report on industrial espionage titled Foreign Economic Collection. It described China rather generously as a “Persistent Collector” given the PRC’s implication in several high-profile industrial espionage cases and soft-pedaled the issue of official Chinese government involvement. The report stated:

 

US corporations and cyber-security specialists also have reported an onslaught of computer network intrusions originating from Internet Protocol (IP) addresses in China, which private sector specialists call “advanced persistent threats.” Some of these reports have alleged a Chinese corporate or government sponsor of the activity, but the IC [intelligence community] has not been able to attribute many of these private sector data breaches to a state sponsor. Attribution is especially difficult when the event occurs weeks or months before the victims request IC or law enforcement help. [5]

 

A month later, in December 2011, US criticism of China became a lot more pointed. Business Week published an exhaustive report on Chinese cyber-espionage, clearly prepared with the cooperation of federal law enforcement authorities as it named and described several investigations:

 

The hackers are part of a massive espionage ring codenamed Byzantine Foothold by US investigators, according to a person familiar with efforts to track the group. They specialize in infiltrating networks using phishing e-mails laden with spyware, often passing on the task of exfiltrating data to others.

 

Segmented tasking among various groups and sophisticated support infrastructure are among the tactics intelligence officials have revealed to Congress to show the hacking is centrally coordinated, the person said. US investigators estimate Byzantine Foothold is made up of anywhere from several dozen hackers to more than one hundred, said the person, who declined to be identified because the matter is secret. [6]

 

United States security boffin Richard Clarke had this to say about Chinese cyber-espionage in an interview with Smithsonian magazine:

 

“I’m about to say something that people think is an exaggeration, but I think the evidence is pretty strong,” he tells me. “Every major company in the United States has already been penetrated by China.”

 

“What?”

 

“The British government actually said [something similar] about their own country.”

 

Clarke claims, for instance, that the manufacturer of the F-35, our next-generation fighter bomber, has been penetrated and F-35 details stolen. And don’t get him started on our supply chain of chips, routers and hardware we import from Chinese and other foreign suppliers and what may be implanted in them – “logic bombs,” trapdoors and “Trojan horses,” all ready to be activated on command so we won’t know what hit us. Or what’s already hitting us. [7]

 

Some big numbers are being thrown around to publicize the Chinese threat.

 

Business Week’s report, while admitting the woolliness of its methodology, stated that losses to American companies from international cyber-espionage amounted to US$500 billion in a single year.

 

Scott Borg, director of a non-profit outfit called the US Cyber Consequences Unit, told Business Week:

 

“We’re talking about stealing entire industries … This may be the biggest transfer of wealth in a short period of time that the world has ever seen.”

 

Beyond these apocalyptic economic and military scenarios, we might also descend to the personal and political and point out that Google, a favorite target of Chinese cyber-attacks, is Obama’s friend, indispensable ally, brain trust and source of personnel in the high-tech sector.

 

Connect the dots, and it is clear that the Obama administration, in its usual meticulous way, is escalating the rhetoric and preparing the public and the behind-the-scenes groundwork for major pushback against China in the cyber-arena.

 

And in March 2013, a few weeks before Sunnylands, I wrote:

 

[National Security Advisor] Donilon came up with a nuanced approach to Chinese cyber-mischief during his speech to the Asia Society…

 

Bypassing the issue of cyber-spying against military and government targets that probably falls into the grey area of “everybody does it and why shouldn’t they”, and defining and limiting the issue to a specific and remediable problem – the massive state-sponsored PRC program of industrial and commercial espionage against Western targets – Donilon’s framing placed “cyber-theft” in a category similar to the intellectual property gripe, also known as systematic piracy of US software, as an info strategy condoned by the Chinese government:

 

 

This rather unexceptionable and reasonable demand that the PRC rein in its gigantic program of economic/commercial hacking, i.e. cyber-enabled theft as Donilon put it, and give US businesses a break, was not good enough for the Christian Science Monitor, which has apparently shed, together with its print edition, the sober inhibitions that once characterized its news operations.

 

The CSM’s headline:

 

US tells China to halt cyberattacks, and in a first, lays out demands

 

Obama’s national security adviser, Thomas Donilon, spelled out a more aggressive US stance on the cyberattacks, saying China must recognize the problem, investigate it, and join in a dialogue. [4]

 

Note in the CSM story the effortless slide down the slippery slope from cyber-theft to cyber-espionage to cyber-attacks (and for that matter, “should” and “needs” to “demands”). Well, fish gotta swim, birds gotta fly, and eyeballs have to be wrenched from their accustomed paths and turned into click-fodder.

 

And don’t get me started on the Pentagon:

 

A new report for the Pentagon concludes that the US military is unprepared for a full-scale cyber-conflict with a top-tier adversary. The report says the United States must increase its offensive cyberwarfare capabilities. The report also calls on the US intelligence agencies to invest more resources in obtaining information about other countries’ cyberwar capabilities and plans.

 

The Washington Post reports that the report says that the United States must maintain the threat of a nuclear strike as a deterrent to a major cyberattack by other countries. The report notes that very few countries, for example, China and Russia, have the skills and capabilities to create vulnerabilities in protected systems by interfering with components.

 

The report emphasizes that defensive cyber capabilities are not enough, and that the United States must have offensive cyber capabilities which, when needed, could be used either preemptively or in retaliation for a cyber attack by an adversary. [5]

 

Security consultant Bruce Schneier addressed the threat inflation issue (and the dangers of trying to design and justify retaliation in the murky realm of cyberspace) in a blog post on February 21:

 

Wow, is this a crazy media frenzy. We should know better. These attacks happen all the time, and just because the media is reporting about them with greater frequency doesn’t mean that they’re happening with greater frequency.

 

But this is not cyberwar. This is not war of any kind. This is espionage, and the difference is important. Calling it war just feeds our fears and fuels the cyberwar arms race.

 

In a private e-mail, Gary McGraw made an important point about attribution that matters a lot in this debate.

 

Because espionage unfolds over months or years in realtime, we can triangulate the origin of an exfiltration attack with some certainty. During the fog of a real cyber war attack, which is more likely to happen in milliseconds, the kind of forensic work that Mandiant did would not be possible. (In fact, we might just well be “Gandalfed” and pin the attack on the wrong enemy.)

 

Those of us who work on security engineering and software security can help educate policymakers and others so that we don’t end up pursuing the folly of active defense.

 

I agree.

 

This media frenzy is going to be used by the US military to grab more power in cyberspace. They’re already ramping up the US Cyber Command. President Obama is issuing vague executive orders that will result in we-don’t-know what. I don’t see any good coming of this. [6]

 

Not to worry, is the US attitude.

 

A head-to-head conventional war with China isn’t likely, despite the overheated imagination displayed in the AirSea Battle scenario, and it is difficult to identify any satisfying proxy battlefield in meatspace where the PRC and the USA might be tempted to slug it out.

 

But cyberwarfare?…Bring it!

 

The Department of Defense has a “Cyber Command” which, it revealed to the Washington Post, is muscling up from 500 staff to 4000 “cyberwarriors”.

 

The Post interviewed William J. Lynn III, identified as one of the maestros of the DoD’s cyber strategy:

 

“Given the malicious actors that are out there and the development of the technology, in my mind, there’s little doubt that some adversary is going to attempt a significant cyber-attack on the United States at some point…The only question is whether we’re going to take the necessary steps like this one to deflect the impact of the attack in advance or… read about the steps we should have taken in some post-attack commission report.”

 

The DoD is keen to emphasize that its cyberwarriors will be primarily playing defense, understandable considering the vulnerabilities of America’s immense, dispersed, highly integrated and – in the case of the power grid, at least – rather decrepit national infrastructure.

 

But of course there will be “combat mission forces”:

 

The combat mission forces, one of the three divisions of Cyber Command, will launch cyber-attacks alongside traditional military offensives.

 

“This new class of cyber warrior would be responsible for penetrating the machines behind identified attack sources, installing spyware to monitor connections to those machines, and following the trail back to the desktop of the attacker. They would have to research and exploit vulnerabilities, craft malware, operate honey pots, and even engage in targeted Denial of Service attacks,” Richard Stiennon, chief research analyst at IT-Harvest, told GlobalPost.

 

Contra Dr. Stiennon’s assertions, I don’t think that the DoD really believes that the scope of Cyber Command combat missions will be limited to delectable honey pots and “even” targeted Denial of Service attacks.

 

Not when the cyberwar scenarios, according to Leon Panetta, include our enemies derailing trains, contaminating water supplies, or shutting down power grids. We’re going to be able to do that, too.

 

The United States security/military apparatus apparently feels that it can “win the Internet” by harnessing the power of the invincible American technological knowhow to the anti-Chinese cyber-crusade.

 

In another of the seemingly endless series of self-congratulatory backgrounders given by US government insiders, the godlike powers of the National Security Agency were invoked to Foreign Policy magazine in an article titled Inside the Black Box: How the NSA is helping US companies fight back against Chinese hackers:

 

In the coming weeks, the NSA, working with a Department of Homeland Security joint task force and the FBI, will release to select American telecommunication companies a wealth of information about China’s cyber-espionage program, according to a US intelligence official and two government consultants who work on cyber projects. Included: sophisticated tools that China uses, countermeasures developed by the NSA, and unique signature-detection software that previously had been used only to protect government networks.

 

Very little that China does escapes the notice of the NSA, and virtually every technique it uses has been tracked and reverse-engineered. For years, and in secret, the NSA has also used the cover of some American companies – with their permission – to poke and prod at the hackers, leading them to respond in ways that reveal patterns and allow the United States to figure out, or “attribute,” the precise origin of attacks. The NSA has even designed creative ways to allow subsequent attacks but prevent them from doing any damage. Watching these provoked exploits in real time lets the agency learn how China works.

 

And amid the bluster, a generous serving of bullshit:

 

Now, though, the cumulative effect of Chinese economic warfare – American companies’ proprietary secrets are essentially an open book to them – has changed the secrecy calculus. An American official who has been read into the classified program – conducted by cyber-warfare technicians from the Air Force’s 315th Network Warfare Squadron and the CIA’s secret Technology Management Office – said that China has become the “Curtis LeMay” of the post-Cold War era: “It is not abiding by the rules of statecraft anymore, and that must change.”

 

“The Cold War enforced norms, and the Soviets and the US didn’t go outside a set of boundaries. But China is going outside those boundaries now. Homeostasis is being upset,” the official said. [7]

 

A more impressive and evocative term than “upset homeostasis” to describe the US cyber-war conundrum is “Stuxnet”.

 

The Obama administration’s cyber-maneuverings have been complicated and, it appears, intensified, by the problem that the United States “did not abide by the rules of statecraft” and “went outside the boundaries” and, indeed, became the “Curtis LeMay of the post Cold War era” when it cooperated with Israel to release the Stuxnet exploit against Iran’s nuclear program.

 

 

Not surprisingly, post-Stuxnet the Chinese government has even less interest in the “Law of Armed Conflict in cyberspace” norms that the United States wants to peddle to its adversaries but apparently ignores when the exigencies of US interests, advantage, and politics dictate.

 

Instead, the PRC and Russia have lined up behind a proposed “International Code of Conduct for Internet Security”, an 11-point program that says eminently reasonable things like:

 

Not to use ICTs including networks to carry out hostile activities or acts of aggression and pose threats to international peace and security. Not to proliferate information weapons and related technologies.

 

It also says things like:

 

To cooperate in combating criminal and terrorist activities which use ICTs [information and computer technologies] including networks, and curbing dissemination of information which incites terrorism, secessionism, extremism or undermines other countries’ political, economic and social stability, as well as their spiritual and cultural environment. [11]

 

The United States, of course, has an opposite interest in “freedom to connect” and “information freedom,” (which the Chinese government regards as little more than “freedom to subvert”) and has poured scorn on the proposal.

 

The theoretical gripe with the PRC/Russian proposal is that it endorses the creation of national internets under state supervision, thereby delaying the achievement of the interconnected nirvana that information technology evangelists assure us is waiting around the next corner – and also goring the ox of West-centric Internet governing organizations like ICANN.

 

So the Chinese proposal is going exactly nowhere.

 

The (genuine) irony here is that the Chinese and Russians are showing and driving the rest of the world in their response to the undeniable dangers of the Internet ecosystem, some of which they are themselves responsible for but others – like Stuxnet – can be laid at the door of the US.

 

In response to hacking, the Internet as a whole has evolved beyond its open architecture to a feudal structure of strongly-defended Internet fortresses, with cyber-serfs free to roam the undefended commons outside the gates, glean in the fields, and catch whatever deadly virus happens to be out there.

 

In recent months, the word “antivirus” has disappeared from the homepages of Symantec and McAfee as they have recognized that their reference libraries of viruses can’t keep up with the proliferation of millions of new threats emerging every year, let alone a carefully weaponized packet of code like Stuxnet, and protect their privileged and demanding users. Now the emphasis – and gush of VC and government money – has shifted to compartmentalizing data and applications and detecting, reducing the damage, and cleaning up the mess after a virus has started rummaging through the innards of an enterprise.

 

In other words, the Internet fortresses, just like their medieval analogues, are increasingly partitioned into outer rampart, inner wall, and keep – complete with palace guard – in order to create additional lines of defense for the lords and their treasure.

 

In other words, they are starting to look like the Chinese and Russian national internets.

 

Absolute cyber-safety, through defense or deterrence against an antagonist, is a chimera. The best hope for the Internet might be “peaceful coexistence” – the move toward cooperation instead of confrontation that characterized the US-USSR relationship when it became apparent that “mutually assured destruction” was leading to a proliferation of dangerous and destabilizing asymmetric workarounds instead of “security through terror”.

 

Or, as the Chinese spokesperson put it in Demick’s article:

 

“Cyberspace needs rules and cooperation, not war. China is willing to have constructive dialogue and cooperation with the global community, including the United States,” Foreign Ministry spokeswoman Hua Chunying said at a briefing Tuesday. [14]

 

It looks like the Obama administration, by carefully and convincingly placing the cyber-theft issue on the table, might be working toward some kind of modus vivendi that leads to a joint reduction of Internet threats – dare I say, win-win solution? – with the PRC.

 

It remains to be seen if this initiative can withstand the pressures of the US military, security, and technology industries for a profitable threat narrative – and the Obama administration’s own inclination toward zero-sum China-bashing.


 


User Content and Conduct Policy

 

Google’s social and sharing products and services enable people from diverse backgrounds to start conversations, share experiences, collaborate on projects, and form new communities. Our policies play an important role in maintaining a positive experience for our users on the products listed below (collectively referred to as the “Services”). Please follow these policies as you:

• use Google+, including Google+ comments on other products such as Blogger

• participate in publicly shared Hangouts or Hangouts on Air

• send Hangouts invitations

• share content by link through Google Photos

• use Spaces.

 

We depend heavily upon users to let us know about content that may violate our policies. After we are notified of a potential policy violation, we may review the content and take action, including restricting access to the content, removing the content, and limiting or terminating a user’s access to Google products. Note that we may make exceptions to these policies based on artistic, educational, or documentary considerations, or when there are other substantial benefits to the public from not taking action.

 

We occasionally modify these policies, so please check back here for any updates. Beyond the policies listed below, note that several products and features may have additional policies and terms — please check the links provided for those additional requirements.

 

1. Illegal Activities

 

Do not use our Services to engage in illegal activities or to promote activities that are dangerous and illegal, such as terrorism, the sale of illegal drugs, or human trafficking.

 

We may also remove content that violates applicable local laws. To report content that you believe should be removed based on local laws, click here.

  

2. Malicious and Deceptive Practices

 

Do not transmit viruses, malware, or any other malicious or destructive code. Do not distribute content that harms or interferes with the operation of the networks, servers, or other infrastructure of Google or others. Do not use our Services for phishing scams.

  

3. Hate Speech

 

Our products are platforms for free expression. But we don't support content that promotes or condones violence against individuals or groups based on race or ethnic origin, religion, disability, gender, age, nationality, veteran status, or sexual orientation/gender identity, or whose primary purpose is inciting hatred on the basis of these core characteristics. This can be a delicate balancing act, but if the primary purpose is to attack a protected group, the content crosses the line.

  

4. Harassment, Bullying, and Threats

 

Do not engage in harassing, bullying, or threatening behavior, and do not incite others to engage in these activities. Anyone using our Services to single someone out for malicious abuse, to threaten someone with serious harm, to sexualize a person in an unwanted way, or to harass in other ways may have the offending content removed or be permanently banned from using the Services. In emergency situations, we may escalate imminent threats of serious harm to law enforcement. Keep in mind that online harassment is also illegal in many places and can have serious offline consequences for both the harasser and the victim.

 

Learn more about additional steps that you can take to stop harassment and bullying on Google+.

  

5. Personal and Confidential Information

 

Do not distribute other people’s personal and confidential information, such as credit card numbers, confidential national ID numbers, or account passwords, without their permission. Do not post or distribute images or videos of minors without the necessary consent from their legal representatives.

  

6. Child Exploitation

 

Do not upload or share content that exploits or abuses children. This includes all child sexual abuse imagery (even cartoon images) and all content that presents children in a sexual manner. We will remove such content and take appropriate action, which may include disabling accounts and reporting to the National Center for Missing & Exploited Children (NCMEC) and law enforcement. Note that this policy may additionally apply to any content uploaded or transmitted through our Services.

 

If you find any content that you think exploits children in this manner, do not +1, reshare or comment on such content, even if your intent is to bring it to Google’s attention. Instead, flag the content through the ‘Report Abuse’ link. If you find content elsewhere on the internet, please contact NCMEC directly.

  

7. Spam

 

Do not spam, including by sending unwanted promotional or commercial content, or unwanted or mass solicitation.

 

Do not aggressively send invitations, add people to your circles or message people that you do not know.

  

8. Ranking Manipulation

 

Do not manipulate ranking or relevancy using techniques like repetitive or misleading keywords or metadata.

  

9. Sexually Explicit Material

 

Do not distribute sexually explicit or pornographic material. Do not drive traffic to commercial pornography sites.

 

We do allow naturalistic and documentary depictions of nudity (such as an image of a breastfeeding infant), as well as depictions of nudity that serve a clear educational, scientific, or artistic purpose.

 

Note that your Google+ profile photo cannot include mature or offensive content. For example, do not use a photo that is a close-up of a person’s buttocks or cleavage.

  

10. Violence

 

Do not distribute depictions of graphic or gratuitous violence.

  

11. Regulated Goods and Services

 

Our Services enable discussion of many topics, but we do not allow content that facilitates the sale of regulated products and services, including alcohol, gambling, pharmaceuticals and unapproved supplements, tobacco, fireworks, weapons, or health/medical devices.

 

Because these topics are often heavily regulated and may not be appropriate for all ages or in all countries, we have created tools on Google+ to help you target your content to users of the appropriate ages in the right markets. If your content promotes regulated goods and services, you are responsible for applying the appropriate age and geographical restrictions for that content where these tools are available. If we receive a complaint that such content is targeting audiences in violation of applicable laws and regulations, we may remove or restrict the offending content or account.

 

Even with the appropriate age and geographical restrictions in place, we still do not allow the facilitation of the sale of the products listed above.

 

Learn more about audience settings on Google+.

  

12. Impersonation

 

Do not use our Services to mislead or confuse users by pretending to be someone else or pretending to represent an organization you do not represent. Some products have additional guidelines: Learn more about Impersonation on Google+.

  

13. Account Hijacking

 

Do not access another user’s account without their permission.

  

14. Use of Multiple Accounts

 

Do not create or use multiple accounts to evade our policies or bypass blocks or otherwise subvert restrictions placed on your account. For example, if you’ve been blocked by another user or suspended for abuse, don’t create a replacement account that engages in similar activity.

  

About our Policies and Terms

 

These policies apply generally to the content you post on our Services. Some services have their own separate policies that can be found within those services and apply to your use of them. All Google products and services are governed by their applicable terms of service.

 

Reporting Potential Issues

 

If you encounter content or a user that you believe violates the above policies, please report it to us using the “Report Abuse” link (or similarly named link). Learn more about reporting abuse on Google+, Hangouts invitations, Google Photos, and Spaces.

 

My Purpose

It has been often and repeatedly claimed that 'there's no evidence', 'there's no consensus', and 'the evidence is weak' that Russia is linked to hacking targeting the Democratic Party and the campaign of Hillary Clinton. As I found in attempting to 'connect the dots' via a simple timeline, a shape begins to appear that ought to concern any American.

Even though we lack the ability to put everything under an X-ray and validate it, the appearance is that mysterious sources like Guccifer, DCLeaks or Wikileaks have behind the scenes links to whoever is responsible for an extremely sophisticated and effective worldwide hacking campaign, and that they both may have suspicious but difficult to deny links to the Trump campaign itself. At the very least, the President-elect cannot deny that "APT28", or "Fancy Bear" is a major threat to the free world; if he wants to continue to pretend it isn't Russia, then he must confront who it actually is. (It's Russia.)

The hacking is not benign and 'just for laughs'. It's military in nature, and serious. My purpose is not to provide a legal standard of proof 'beyond reasonable doubt.' When bullets fly, it isn't always necessary to trace them back to the barrel of an enemy gun, when bombs explode it isn't necessary to reverse the trajectory and track them to an enemy plane overhead - at some point things become quite obvious, and this is that point. We have the means and motive, we have the substance. We have the accused throwing back combative denials. Russia in this case knows that its tracks are covered... and they can afford to deny until indisputable evidence appears, at which point the lie is justified by the reality. "Of course I bit you.
You knew I was a snake."

The story is multidimensional in that the Russian intelligence agencies - in the guise of Fancy Bear and Cozy Bear - launch attacks worldwide, with the only common thread being that they are either attacking or exploiting groups or nations that are very specific to Russian goals. My focus is primarily to follow the thread associated with the Election, although by following other threads there is plenty to discover with regards to attacks on Ukraine, Turkey, or others. Also, it bears notice that we only know what is publicly reported; 'consider the source' always applies, and it is always possible that Russia is being skilfully 'framed', although the mountain of evidence grows. There are also undoubtedly hacks not discovered or reported.

My goal is to follow the verifiable truth, not an agenda. If you are aware of any better (linkable) sources for certain facts please make me aware, in most cases I am looking for the earliest contemporary media source, and where analysis is available, to get it directly 'from the horse's mouth' as the media is horrendous about garbling information. If you are aware of any mistaken logic or contradictory information, please let me know.

THE TIMELINE

Prologue (2007-2015)

August 3, 2011 - According to emails released under FOIA, Hillary Clinton's clintonemail private address is targeted by 5 spoofed emails from "New York State Department of Motor Vehicles" claiming a traffic violation. The emails have an attached ZIP document which, according to analysts (unconfirmed) is linked to Russia. There is no evidence that Clinton or staff opened or were compromised, although it appears to be evidence of targeted spearphishing.

2007-2014 - The Advanced Persistent Threat (APT) known by various analytical firms as Sofacy, APT28, Fancy Bear, Sednit, or Pawn Storm becomes identifiable by its tactics, techniques, and procedures.
Patterns of behavior emerge over time that are targeted, not random, and not the work of individual uncoordinated actors. "Pawn Storm" is a reference to the use of multiple attacks on minor 'pawns' to launch an attack on a greater target.

March 21, 2013 - "Guccifer", an alias of Romanian national Marcel Lazar Lehel, releases emails from John Doerr, Dorothy Bush Koch, and Sidney Blumenthal.

The Blumenthal emails specifically bring to public attention the 'clintonemail.com' private server address, leading to additional scrutiny in the Benghazi hearings. 4 specific Blumenthal emails are released, dated 12/8/2012, 1/18/2013, and 3/3/2013.

Guccifer will later be caught and is revealed to not be an exceptionally technically talented hacker, primarily using social engineering techniques to hack accounts using the password recovery feature. His motivation appears to be an obsession with the 'Illuminati', and he reveals a number of emails from celebrities and Romanian officials. He does not appear to be directly aligned or employed by Russian intelligence, although they may either monitor him or take inspiration from him.

2013-2014 - After the Ukrainian revolution ousting Russian-supported President Viktor Yanukovych, there are numerous cyber-attacks on the post-revolution Ukrainian government including power stations, airports and government ministries. The full list is outside of the scope of this document.

May 22, 2014 - Hackers target the Ukrainian Election in a 3 pronged attack - First, an infiltration of the federal election system deletes files and disrupts systems used for vote tabulation. Fortunately the government restores the systems from backup.

Second, a tailored trojan attempts to substitute false reported tally results, showing a fringe right-wing nationalist candidate winning the election.
Even though the hack is stopped and prevented from substituting the results, Russia "Channel One" TV reports the same candidate winning with the same percentage of votes, and shows a screenshot of the website.

Third, a DDOS (distributed denial of service) targets the Election computers as the actual vote tallies are being reported in.

June 2014 - Pawn Storm/Fancy Bear is implicated in attacks on Polish Government

October 23, 2014 - Attackers claiming to be ISIL-aligned breach the Warsaw Stock Exchange and post accounts and passwords. According to Polish investigators the attack is linked to Russia, although details are not provided.

October 27, 2014 - It is first suggested that APT28 is linked to the Russian Government by FireEye in a detailed analysis. TrendMicro releases a similar analysis in October.

June - December 2014 - As part of the armed conflict in Eastern Ukraine, it is later discovered that an Android phone app developed by a Ukrainian soldier to assist with operation of Ukrainian artillery pieces is hacked, with methods consistent to Fancy Bear. This is significant as it may have been used by Russians to provide tracking information to the Russian-supported Ukrainian rebels to locate artillery and troops.

November 2014 - The US State Department shuts down its email servers over a weekend to allegedly correct a breach in the non-classified email system. The hack is later attributed to Russia.

February-June 2015 - A targeted attack against the Bundestag, or German parliament, is attributed to Fancy Bear.

April 9, 2015 - A cyber attack against TV5 Monde, a French television network, disables and causes major damage to their internal networks, nearly shutting down the station.
Although the group called the CyberCaliphate claiming credit also claims to be ISIS-aligned, later analysis links the attacker and methods with APT28/Fancy Bear.

April 16, 2015 - A report from TrendMicro implicates Pawn Storm/Fancy Bear in attacks on Russian dissidents and political opposition, Ukraine, NATO, and defense contractors

July 25, 2015 - The US Joint Chiefs of Staff shuts down email and internet access to investigate a breach caused by spearphishing attributed to Cozy Bear.

Summer, 2015 - According to later analysis by CrowdStrike, the attacker known as APT29 or Cozy Bear infiltrates the DNC and remains quietly in place for approximately the next year. According to Guccifer's claims in chats, this is when he first gains access to the network.

August 4-August 27 2015 - Pawn Storm/Fancy Bear is suspected in spearphishing attacks targeting the US-based Electronic Frontier Foundation.

September 2015 - Pawn Storm/Fancy Bear launches attacks on the Dutch Safety Board responsible for investigating the downing of Malaysian Air flight MH-17 over Ukraine, shot down by Pro-Russian Ukrainian Rebels.

December 23, 2015 - An attack on the Ukrainian power grid shuts down power for approximately 250,000 customers for several hours, according to the head of German Intelligence was attributed to APT28/Fancy Bear

2016

March 16, 2016 - Wikileaks first makes available a publicly searchable archive of Hillary Clinton emails released via FOIA and Congressional Investigation.
Although this is not a 'leak' per se, and the emails are all public record, Wikileaks does a public service by making the PDF documents accessible and searchable.

Mid March to Mid April - Per SecureWorks analysis, 16 links are created on bit.ly specifically spearphish targeting 9 email accounts at the DNC.

March 19 - Date of the "phishing" email received by John Podesta, highlighted by one of his staff stating 'this is a legitimate email [sic]'. His staff later stated that he meant to say that the spoofed GMail email was not legitimate. It is unknown if this mistake of wording led Podesta or one of his staff to access the link and provide the password to the attackers.

March 21 - The date of the last emails in the Podesta email release Part 1 on Wikileaks. Although there is a possibility that Wikileaks (or the hacker, or middlemen) have additional emails which were not released, the date seems to indicate that Podesta's email may have been secured shortly after breach, and the hacker may only have been able to pull historical emails up to this date. The emails would not be released until October.

March 22 - a Spearphishing email is received by Billy Rinehart, a regional field director for the DNC. The email, later analyzed by ThreatConnect, is traced to being sent from a Russian webmail provider, Yandex. It uses the same bitly links and domains and even the same format and the same Ukrainian IP source address as the Podesta spearphish.

Late March - Per TheSmokingGun, this is the timeframe in which Sarah Hamilton's gmail account is targeted by spearphishing. The emails would not be strategically leaked to TheSmokingGun.com until June, and released to the public July 13.

April - According to analysis by Crowdstrike, the group known as APT28 or "Fancy Bear" infiltrates the DNC network, which is already infiltrated by "Cozy Bear".
The evidence indicates that they may not know of each other's presence and are not cooperating.

April 10 - DCLeaks website has its first (private) post containing emails from the account of Air Force Gen Philip Breedlove, the head of US and NATO forces until his resignation in May. It is apparent that this post was timestamped prior to the public registration and promotion of the website.

April 19 - the DCLeaks.com website is registered. The site claims to be founded by "the American hacktivists who respect and appreciate freedom of speech, human rights and government of the people." Site content relies largely on information copied and pasted from Wikipedia. According to analysis, the site is registered through Romania and probably hosted in Malaysia.

Although DCLeaks has no public promotion activity until June, it is apparent from later reports that hackers are using it to collect and post selected emails obtained by hacking Washington insiders, and in some cases are using it to privately leak to small online news websites.

May 3 - Ali Chalupa, a DNC staffer, comments in an email (later released by Wikileaks) that she has received security alerts from Yahoo indicating that her account is the target of 'state sponsored actors'.

May 9 - Judge Andrew Napolitano, a Fox News commenter, makes an unsubstantiated claim - "There’s a debate going on in the Kremlin between the Foreign Ministry and the Intelligence Services about whether they should release the 20,000 of Mrs. Clinton’s emails that they have hacked into." At the time, neither the DNC, DCCC, or Podesta email hacks have been revealed, and the comment seems to be referencing Hillary Clinton's State Department emails, but specifically refers to Russian hackers.
Napolitano has never clarified the source of his information, an apparent source dated May 6 appears on a conspiratorial site with an interesting history of publishing pro-Russian fake news.

May 23 - DCLeaks privately posts several email conversations from the gmail account of Brian Keller, an executive of SAIC/Leidos, a defense contractor.

June 3 - According to file timestamps, WikiLeaks creates the torrent for the insurance file which is believed to include the DNC hack. Since the DNC files were released, the insurance file was never unlocked, however on the basis of file sizes the insurance file is believed by some experts to be the same.

June 4 - DCLeaks privately posts additional emails from "Republican Party Employees". The emails date from October 2015 and are a smattering of little political interest, including many. None of the emails are actually from the RNC "Party" Employees, but are from various state and campaign volunteers. The bylines do not offer an indication of whose account was compromised.

According to later analysis by TheSmokingGun, the common thread appears to be that all of these GOP entities contracted IT with a Tennessee firm called Smartech, for web or email hosting.

At some unknown date in June, the FBI visited the Connecticut and Illinois GOP to let them know about attempts against their email systems.

June 7 - DCLeaks privately posts "files from the William J Clinton Presidential Library". The PDF files are dated from 2006 and some indicate that some were "withdrawn" from the library for privilege reasons.

Of note - On December 5, 2013 Guccifer 1.0 released "doodles" made by Bill Clinton on documents held by the library.

June 8 - DCLeaks privately posts on their website a handful of documents from George Soros' "Open Society Foundation", as well as 72 documents dating from 2015 from the HRC campaign.

June 8 - DCLeaks publicly kicks off their site with the release of emails from Philip Breedlove.
There is no particular reason for "American hacktivists" to be interested in Gen Breedlove, who is a NATO leader in Europe, however it is notable on March 3, he testified before the Senate with regards to Russia's intervention in eastern Ukraine, in which he strongly stated how Russia was a threat to international security.

June 12 According to a later interview with Guccifer 2.0, he claims that on this date the DNC resets their network, kicking “him” out of it.

On the same day, Julian Assange announces that they have documents relating to Hillary Clinton which are pending publication and that it would be “enough evidence” to indict her.

“We have upcoming leaks in relation to Hillary Clinton. WikiLeaks has a very big year ahead.” –Julian Assange, June 12, 2016

June 14 - The DNC hack is publicly disclosed and attributed to Russia. Russia denies responsibility. The Washington Post reports that according to officials the same hackers targeted the presidential campaigns of Hillary Clinton and Donald Trump, as well as some Republican political action committees.

"Guccifer 2.0", the faceless online personality later claiming credit for the hack, claimed that he gained access through "NGP-VAN", the 3rd party voter database which is used by the DNC and individual campaigns. Guccifer's explanation of the hack is basically a gobbledegook of hacker jargon but does not stand up to scrutiny.

According to at least some experts, Guccifer 2.0's online statements bear more translation error 'fingerprints' of being a native speaker of Russian than Romanian, although there is nothing conclusive.

June 14 - the domain actblues.com is registered by a person using an email address linked to domains used in the DNC hack, and also previously linked to "Fancy Bear". This domain 'spoofs' the name of the official DCCC donation site, actblue.org.

June 15 Guccifer 2.0 first appears online and states that he and he alone hacked the DNC server.
In the blog post, he uses the “)))” smiley emoticon commonly used by those using a Cyrillic keyboard due to the difficulty of typing. The metadata for the documents indicates a username taken from the founder of the Soviet Union’s secret police. 'Guccifer' later claims that this is his 'watermark', while at the same time he claims that he 'hates' being attributed to Russia.

June 15 - Crowdstrike releases information and states their belief that Russia is behind the DNC hack.

June 16, 19:41 - WikiLeaks uploads the torrent containing their insurance file to their website. Ars Technica’s security editor confirms CrowdStrike’s findings. SecureWorks confirms CrowdStrike’s findings and adds additional information.

June 17 WikiLeaks publicly releases their insurance file. ThreatConnect confirms CrowdStrike’s findings and presents additional information based on their research.

June 18 Cybersecurity experts are associating the insurance file release with Guccifer 2.0.

June 20 Guccifer 2.0 first appears on Twitter and restates that the “DNC’s servers [were] hacked by a lone hacker” and releases the DNC’s opposition research on Donald Trump. Fidelis Cybersecurity confirms CrowdStrike’s findings. Mandiant, a cyber-forensics firm owned by FireEye, confirms CrowdStrike’s findings. CrowdStrike releases additional analysis about Guccifer 2.0.

June 19 - June 27 - According to cybersecurity firm FireEye's analysis, 'typosquatting' sites are registered and used to target DCCC Donors. The site "actblues.com" was registered and a spoofed site set up to collect donor information.

bit.ly/2ibSv7G 23-July 12 - A cyberattack begins on the Illinois Department of Elections to obtain voter information.
IP Addresses used in the attack according to the FBI are from a Russian-based hosting service and are later linked to spearphishing operations against Turkey, Germany and Ukraine.

June 26 - According to speculation, this may have been when the DCCC became internally aware of their hack.

June 27 - "Guccifer 2.0" privately emails thesmokinggun.com, calls DCleaks a "Wikileaks sub project", and says on his request they (DCLeaks) would provide a link and password to pre-release emails for Smoking Gun to report on. Guccifer provides a link and password to the emails of Sarah Hamilton.

July 10 - Seth Rich, a DNC national committee, is murdered at approximately 4AM in Washington DC. Although no evidence whatsoever shows that Rich was leaking DNC information, Julian Assange and others use innuendo to insinuate that he may have been assassinated in retribution for 'leaking' the information which has been proven to be sourced to spearphishing and other hacking campaigns. Other fake news claims that he was 'on his way' to meet with the FBI about charges and indictments against Hillary Clinton.

July 13 - DCLeaks publicly releases a handful of emails from "Sarah Hamilton", a Chicago-based consultant working for the Clinton Campaign, and former deputy director of communications for the Clinton Foundation. The emails from 2015 appear to be a selective dump of conversations trying to highlight Clinton ethical issues.

July 19 - Wikileaks releases emails leaked from the AKP Party in Turkey, which although unrelated to American politics, have a great deal of relevance to Russia foreign policy and the Syrian conflict. Spearphishing campaigns against Turkish officials were linked to the attacks on the Illinois and Arizona Department of Elections, and APT28/Pawn Storm/Fancy Bear have been linked to spearphishing attacks against Turkey.

July 22 - Wikileaks officially releases the DNC emails online in a searchable archive format.
The files are limited to the email addresses of 7 key figures at the DNC. While Wikileaks does not reveal sources and provides no information directly linking this to the hack, the timing is apparent.

July 28 It’s announced that the FBI is investigating a hack against the DCCC.

July 29 Reuters reports that the DCCC has also been breached, allegedly by the same groups responsible for the DNC breach. The DCCC confirms the breach. The breach is “similar” to the DNC breach. Reports emerge that personal information in the DNC breach is being exploited by third parties. The DCCC breach is connected to FANCY BEAR by two firms working together.

August 5-12 - In email conversations with a "Steve Wanders" of DCLeaks, TheSmokingGun requests access to the protected emails of William Rinehart, which they are given.

August 8 - TheSmokingGun questions DCLeaks via email on how Guccifer provided password access to Sarah Hamilton's emails in June. The DCLeaks representative claims that Guccifer must have hacked them, 'we aren't in touch with this guy' and 'we have no ties with this guy'.

August 11 - Hackers going by the pseudonym AnonymousPoland post documents attacking a Russian athlete whistleblower, leaking World Anti-Doping Agency documents as well as defacing the website of anti-doping agency. Private analysis finds the methods to be consistent with Fancy Bear.

August 12 - Guccifer 2.0 takes credit in a blog post for the DCCC hack and also publicly claims to be sending the files to wikileaks.

Also, documents are specifically leaked out to TheHill.com and TheSmokingGun.com.

August 13 - DCLeaks releases documents they claim to be "BIG data", internal "Soros Foundation" documents. The documents appear to date from 2009-2015.

August 15 - Guccifer releases additional DCCC files on his personal WordPress blog.

August 21 - Trump ally and campaign insider Roger Stone (@RogerJStoneJr) tweets "Trust me, it will soon the Podesta's time in the barrel."
[sic], indicating foreknowledge of 'something' happening with Podesta. Stone later claims that he was referring to a 'separate' investigation of Podesta, and not the emails released 7 weeks later.

September 14 - DCLeaks publishes a dump of Colin Powell's personal emails from his gmail account (lpowell861 at gmail). The date of the last email is August 29th. Of Note - Guccifer "1.0" previously released Colin Powell's personal emails on Yahoo, however did not provide a "dump" of data but only screenshots. Powell's account information was compromised in a 2012 Dropbox user data breach, although it is later claimed that he was targeted and probably actually hacked by the spearphishing campaign.

September 20 DCLeaks publishes a dump of the email of Ian Mellul, a White House Office coordinator and Hillary campaign volunteer. The emails are from February 2015-July 2016. Mellul's email and password may have been exposed in a 2013 Adobe breach.

September 13 - Between August 25 and September 12, Hackers target the World Anti-Doping Agency, in retribution for the Administration disqualifying Russian athletes at the 2016 Summer Games in Rio. The private health records of numerous US athletes are released, and combined with hoaxed information to present the appearance of a 'double standard' against the Russian athletes. The hackers wryly claim affiliation with Fancy Bear, posting the hack at fancybears.net. The method of compromise was a targeted spearphishing campaign.

September 23 - "Guccifer 2.0" releases a "DCCC Dossier" on Representative Ben Ray Lujan, the DCCC Chair.

September 23 - A letter from the Office of DNI identifies Sputniknews as a participant in a Russian disinformation campaign designed

October 2 - Roger Stone (@RogerJStoneJr) tweets "Wednesday@HillaryClinton is done.
#Wikileaks", indicating foreknowledge of some sort of further hacking release.

October 4 - "Guccifer 2.0" claims in a blog posting to have "hacked the Clinton Foundation".

The blog post contains a screenshot of file folders, and a screenshot of several spreadsheets. Guccifer also congratulates Wikileaks on its "10th anniversary" with a personal message "Julian, you are really cool!"

Metadata analysis later shows that the documents released were from the DCCC hack.

October 7 - The AccessHollywood video is released, showing Donald Trump making offensive comments about women to Billy Bush.

October 7 - Without any previous fanfare, Wikileaks releases the first batch of Podesta emails. Emails are subsequently released at a rate of approximately 2,000 per day.

By all appearances, the emails were hacked in March, however are released at a very opportune time to provide a distraction from the AccessHollywood video. Wikileaks has always maintained that leak sources are not allowed to dictate the release schedule for material given to Wikileaks, and that Wikileaks always releases material as soon as it is 'authenticated'.

October 10 - SputnikNews, a project of the Russian State Media, publishes a headline regarding a Benghazi memo from Sidney Blumenthal as revealed by the Podesta emails. The issue - the text in question was not a Blumenthal memo, but from a Newsweek article by Kurt Eichenwald, which was sent to Podesta by Blumenthal in an email released by Wikileaks in the first tranche on 10/7. The misquote is tweeted by a few GOP-aligned anonymous accounts on October 10th, and goes slightly viral just prior to the Sputnik article.

Sputnik is the only organization which publishes the article, and it is actually removed from online within 19 minutes...
nevertheless, the story is picked up by the Trump campaign and Trump makes it a topic at his Rally later that evening.

October 12 - Trump Campaign insider Roger Stone admits to a 'back-channel' connection to Wikileaks.

October 13 - Newsweek reporter Kurt Eichenwald publicizes his conversations with Sputnik reporter "William Moran". Moran, the SputnikNews reporter responsible for the Blumenthal memo story, claims that he was fired from Sputnik due to Eichenwald's publication of his mistake.

Moran, a Georgetown graduate with some Democratic political involvement, later claims to be the "Weekend DC Bureau editor" for Sputnik, despite not mentioning this job on his LinkedIn profile, which contains other details down to his High School GPA. Moran later claims that he posted the article as a mistake believing that he had scooped the rest of the Media on the Blumenthal 'memo', a hoax which had been retweeted by only a few GOP-aligned twitter accounts that same day.

October 16 - Roger Stone (@RogerJStoneJr) tweets "It turns out the entity with which I signed a non-disclosure agreement for the #Trump campaign was never legally constituted #invalid", a strange non-sequitur. The best that can be made of it without explanation is that Stone is letting 'someone' know that he is not legally bound by NDA with the Trump campaign.

October 17 - The Ecuadorean embassy severs Assange's internet connection temporarily.
The release of the Podesta emails appears to have crossed more of a diplomatic red-line than prior releases.

October 17 - Despite claiming to be 'fired' by SputnikNews due to his error pointed out by Eichenwald, Bill Moran is allowed to return to Sputnik to post an extended "Opinion" attack piece where he defends himself (and Sputnik), claims that he 'always had a secret hope to become a print journalist', yet at the same time refused the offer from Eichenwald for help getting a job with The New Republic, and also is turning down the reoffer of his Sputnik job in favor of 'a long vacation'.

October 19 - DCLeaks privately leaks emails from Zach Leighton to dailycaller.com

October 22 8:20AM - RussiaToday tweets a news story, already written, about the release of a new batch of Podesta emails on Wikileaks website.

October 22 8:50AM - Wikileaks itself tweets to announce the release of the latest batch of Podesta emails.

October 24 - DCLeaks unlocks additional emails on their site of White House staffer Sarah Stoll and Clinton campaign staffer Beanca Nicholson.

November 4 - In 'his' last public post, Guccifer 2.0 claims to be hacked into the US Federal Election Commission and 'monitoring the election' from the inside, and warns that "Democrats may try to steal the election", although this claim does not make sense as the FEC has very little to do with Election Night operations, when all counting and reporting is being done by state and local officials.

After the US Election

November 14 - Redditor posts concern that Wikileaks hash provided for insurance file does not match and validate.

November 16 - Wikileaks tweets claiming that the mismatched hash is not an issue as they obviously would match 'decrypted' data, when all previous insurance file releases by WL used a matching hash to the 'encrypted' file.

November 29 - An unknown person posting on /r/idaho as /u/williammoran points out Moran's work for SputnikNews.
A respondent posting as /u/StopTuitionHikes, appearing to be the real Moran, responds 6 hours later attacking and mentioning a "31-year-old Democratic Party staffer spreading McCarthyite lists calling for journalists to be arrested." It is unknown what 'Moran' is referring to.

December 17 - In an interview on Hannity's radio show, Assange leaves open the possibility that Guccifer 2.0's releases may have been Russia - "Now, who is behind these, we don't know," he said. "These look very much like they're from the Russians. But in some ways, they look very amateur, and almost look too much like the Russians."

Let the research continue...

via /r/FakeNewsWatch bit.ly/2i4THMc

Hi,

I have on record here that you might be interested in our training, and I thought I would send you an email to let you know about our most current dates.

* Next Course 4 weeks' time! - 23rd March 2009 - 27th March 2009

* Location: Sydney, Australia

 

Pure Hacking is offering a totally hands-on Penetration Testing Course to the public. For the last two years, the course has been delivered in primarily on-site format or at Security Events. The course teaches you the skills required to perform a professional security assessment of External and Internal Networks.

Pure Hacking develops and updates our own course materials from the exposure the trainers get in their day-to-day experience as Penetration Testers, so you are guaranteed to learn the latest threats and exploits in our course. Other training companies are likely to only cover attacks for unpatched old operating systems that haven't worked in the real world for many years!

 

* Learn the latest penetration testing best practices from experts actively working in the field.

* Get trained on how to run the latest exploits against Windows Vista and 2003 Server.

* Understand how to establish covert communications using the latest kernel-mode rootkit technology.

* Learn new methods of network recon that defeat IDS and IPS technologies.

* Take home the software you need for penetration testing: a custom toolkit with over 500 tools.

 

If you would like more detailed information, a direct link to the course webpage is:

purehacking.com/phcourse.php

  

The techniques used by attackers have leaped in sophistication so that the testing done, even twelve to eighteen months ago, is missing the most important new attack patterns. In particular, changes we are seeing which we have updated the course material to include:

- The move to exploitation of client-side technologies, such as browsers, media players, office software, etc., often bypassing Firewalls and other network defenses. The combined use of traditional network attack techniques (service exploitation, client-side exploitation, network mapping, scanning, etc.) with web app attacks (SQL injection, Cross-Site Scripting, Cross-Site Request Forgery, etc.) resulting in more lethal attacks than either side can provide by itself.

- The use of man-in-the-middle attacks for more sophisticated services such as Remote Desktop Protocol, wireless authentication schemes, etc.

- Instead of exploiting a system and installing a custom attack package that might be detected by defenders and anti-virus tools, attackers are increasingly relying on tools that are built into operating systems to scan for and exploit other machines, making their attacks far more subtle by turning our technologies against us.

- Data mining of social networking sites looking for employee information for targeted phishing, social engineering, password dictionaries, and other attack vectors.

 

Additionally, Pure Hacking realises that training budgets are limited in the current market, so we have put a variety of promotions in place to aid you in your process of gaining approval to attend the course. We can offer discounts for groups and of course free meals for students.

In "Pure Hacking: The Course", you will be training in our hands-on hacking lab, using an attack machine with 3-4 OS's loaded on it against a target "company" with 30 servers in a DMZ. You will train in hands-on labs and lectures from 9:00am to 5:00pm, which includes "capture the flag" exercises where you put together everything you learned during the day.

If you have any questions or need additional information on the courses or instructors, please feel free to contact me.

Attached is the detailed day-by-day course syllabus for Pure Hacking: The Course and a little about your instructors.

* Sorry if this email has been sent in error. We hate getting spam as well, and should you wish to unsubscribe from the Pure Hacking Training List please reply with unsubscribe in the body of the message.

 

Kind Regards

 

Chris Gatford

ESET NOD32 Antivirus 8 Username And Password 2016 fast award-winning antivirus allows you to confidently explore online. ESET NOD32 Antivirus features new advanced technology that protects against threats as well as browser and application exploits. Anti-Phishing module protects you from fake...

 

www.365pedia.com/eset-nod32-antivirus-username-and-passwo...


 

Are you seeing a lot of attacks on your WordPress admin area? Protecting the admin area from unauthorized access allows you to block many common security threats. In this article, we will show you some of the vital tips and hacks to protect your WordPress admin area.

 

1. Use a Website Application Firewall

 

A website application firewall or WAF monitors website traffic and blocks suspicious requests from reaching your website.

 

While there are several WordPress firewall plugins out there, we recommend using Sucuri. It is a website security and monitoring service that offers a cloud based WAF to protect your website.

 

All your website’s traffic goes through their cloud proxy first, where they analyze each request and block suspicious ones from ever reaching your website. It prevents your website from possible hacking attempts, phishing, malware and other malicious activities.

 

For more details, see how Sucuri helped us block 450,000 attacks in one month.

 

2. Password Protect WordPress Admin Directory

 

Your WordPress admin area is already protected by your WordPress password. However, adding password protection to your WordPress admin directory adds another layer of security to your website.

 

First, log in to your WordPress hosting cPanel dashboard and then click on the ‘Password Protect Directories’ or ‘Directory Privacy’ icon.

 

Next, you will need to select your wp-admin folder, which is normally located inside /public_html/ directory.

 

On the next screen, you need to check the box next to ‘Password protect this directory’ option and provide a name for the protected directory.

 

After that, click on the save button to set the permissions.

 

Next, you need to hit the back button and then create a user. You will be asked to provide a username / password and then click on the save button.

 

Now when someone tries to visit the WordPress admin or wp-admin directory on your website, they will be asked to enter the username and password.

 

For more detailed instructions, see our guide on how to password protect WordPress admin (wp-admin) directory.

 

3. Always Use Strong Passwords

 

Always use strong passwords for all your online accounts including your WordPress site. We recommend using a combination of letters, numbers, and special characters in your passwords. This makes it harder for hackers to guess your password.

 

We are often asked by beginners how to remember all those passwords. The simplest answer is that you don’t need to. There are some really great password manager apps that you can install on your computer and phones.

 

For more information on this topic, see our guide on the best way to manage passwords for WordPress beginners.

 

4. Add Two Step Verification to WordPress Login Screen

 

Two step verification adds another security layer to your passwords. Instead of using the password alone, it asks you to enter a verification code generated by the Google Authenticator app on your phone.

 

Even if someone is able to guess your WordPress password, they will still need the Google Authenticator code to get in.

 

For detailed step by step instructions, see our guide on how to set up 2-step verification in WordPress using Google Authenticator.

 

5. Limit Login Attempts

 

By default, WordPress allows users to enter passwords as many times as they want. This means someone can keep trying to guess your WordPress password by entering different combinations. It also allows hackers to use automated scripts to crack passwords.

 

To fix this, you need to install and activate the Login LockDown plugin. Upon activation, go to the Settings » Login LockDown page to configure the plugin settings.

 

For detailed instructions, see our guide on why you should limit login attempts in WordPress.

 

6. Limit Login Access to IP Addresses

 

Another great way to secure WordPress login is by limiting access to specific IP addresses. This tip is particularly useful if you or just a few trusted users need access to the admin area.

 

Simply add this code to your .htaccess file.

 

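# Applies to the directory that holds this .htaccess file and everything below it.
# Order/Deny/Allow is Apache 2.2 syntax; Apache 2.4 serves it through mod_access_compat.
AuthUserFile /dev/null
AuthGroupFile /dev/null
AuthName "WordPress Admin Access Control"
AuthType Basic

order deny,allow
deny from all
# whitelist Syed's IP address
allow from xx.xx.xx.xxx
# whitelist David's IP address
allow from xx.xx.xx.xxx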

  

Don’t forget to replace xx values with your own IP address. If you use more than one IP address to access the internet, then make sure you add them as well.

 

For detailed instructions, see our guide on how to limit access to WordPress admin using .htaccess.

 

7. Disable Login Hints

 

On a failed login attempt, WordPress shows errors that tell users whether the username or the password was incorrect. These login hints can help someone who is guessing credentials, because they confirm which half of a guess was right.

 

You can easily hide these login hints by adding this code to your theme’s functions.php file or a site-specific plugin.

 

// Replace every specific login error with one generic message.
function no_wordpress_errors() {
    return 'Something is wrong!';
}
add_filter( 'login_errors', 'no_wordpress_errors' );

 

8. Require Users to Use Strong Passwords

 

If you run a multi-author WordPress site, then those users can edit their profile and use a weak password. These passwords can be cracked and give someone access to WordPress admin area.

 

To fix this, you can install and activate the Force Strong Passwords plugin. It works out of the box, and there are no settings for you to configure. Once activated, it will stop users from saving weaker passwords.

 

It will not check password strength for existing user accounts. If a user is already using a weak password, then they will be able to continue using their password.

 

9. Reset Password for All Users

 

Concerned about password security on your multi-user WordPress site? You can easily ask all your users to reset their passwords.

 

First, you need to install and activate the Emergency Password Reset plugin. Upon activation, go to the Users » Emergency Password Reset page and click on the ‘Reset All Passwords’ button.

For detailed instructions, see our guide on how to reset passwords for all users in WordPress.

 

10. Keep WordPress Updated

 

WordPress often releases new versions of the software. Each new release of WordPress contains important bug fixes, new features, and security fixes.

 

Using an older version of WordPress on your site leaves you open to known exploits and potential vulnerabilities. To fix this, you need to make sure that you are using the latest version of WordPress. For more on this topic, see our guide on why you should always use the latest version of WordPress.

 

Similarly, WordPress plugins are also often updated to introduce new features or fix security and other issues. Make sure your WordPress plugins are also up to date.

 

11. Create Custom Login and Registration Pages

 

Many WordPress sites require users to register. For example, membership sites, learning management sites, or online stores need users to create an account.

 

However, these users can use their accounts to log into the WordPress admin area. This is not a big issue, as they will only be able to do things allowed by their user role and capabilities. However, it stops you from properly limiting access to the login and registration pages, as you need those pages for users to sign up, manage their profile, and log in.

The easy way to fix this is by creating custom login and registration pages, so that users can sign up and log in directly from your website.

 

For detailed step by step instructions, see our guide on how to create custom login and registration pages in WordPress.

 

12. Learn About WordPress User Roles and Permissions

 

WordPress comes with a powerful user management system with different user roles and capabilities. When adding a new user to your WordPress site you can select a user role for them. This user role defines what they can do on your WordPress site.

 

Assigning an incorrect user role can give people more capabilities than they need. To avoid this, you need to understand what capabilities come with different user roles in WordPress. For more on this topic, see our beginner’s guide to WordPress user roles and permissions.

 

13. Limit Dashboard Access

 

Some WordPress sites have certain users who need access to the dashboard and some users who don’t. However, by default they can all access the admin area.

 

To fix this, you need to install and activate the Remove Dashboard Access plugin. Upon activation, go to the Settings » Dashboard Access page and select which user roles will have access to the admin area on your site.

 

For more detailed instructions, see our guide on how to limit dashboard access in WordPress.

 

14. Log out Idle Users

 

WordPress does not automatically log out users until they explicitly log out or close their browser window. This can be a concern for WordPress sites with sensitive information. That’s why financial institution websites and apps automatically log out users if they haven’t been active.

 

To fix this, you can install and activate the Idle User Logout plugin. Upon activation, go to Settings » Idle User Logout page and enter the time after which you want users to be automatically logged out.

 

For more details, see our article on how to automatically log out idle users in WordPress.

 

We hope this article helped you learn some new tips and hacks to protect your WordPress admin area. You may also want to see our ultimate step by step WordPress security guide for beginners.

 


 

The post 14 Vital Tips to Protect Your WordPress Admin Area (Updated) appeared first on WPBeginner.

 

www.wpbeginner.com/wp-tutorials/11-vital-tips-and-hacks-t...

via WordPress ift.tt/2qC6URI

Researchers believe hacking tools developed by the US National Security Agency were used in a global cyber attack that hit international shipper FedEx, disrupted Britain’s health system and infected computers in nearly 100 countries.

 

On Friday, cyber extortionists tricked victims into opening malicious attachments to spam emails that appeared to contain invoices, job offers, security warnings and other legitimate files.

 

The ransomware encrypted data on the computers, demanding payments of $US300 to $US600 to restore access.

 

Security researchers say they observed some victims paying via the digital currency bitcoin, though they did not know how many had given in to the extortionists.

 

Researchers with security software maker Avast say they had observed 57,000 infections in 99 countries with Russia, Ukraine and Taiwan the top targets.

 

The most disruptive attacks were reported in Britain, where hospitals and clinics were forced to turn away patients after losing access to computers.

 

International shipper FedEx Corp says some of its Windows computers were also infected.

 

“We are implementing remediation steps as quickly as possible,” it said in a statement.

 

Only a small number of US-headquartered organisations were hit because the hackers appear to have begun the campaign by targeting those in Europe, said Vikram Thakur, research manager with security software maker Symantec.

 

By the time they turned their attention to the United States, spam filters had identified the new threat and flagged the ransomware-laden emails as malicious, Thakur said.

 

The US Department of Homeland Security said late on Friday that it was aware of reports of the ransomware, was sharing information with domestic and foreign partners and was ready to lend technical support.

 

Telecommunications company Telefonica was among many targets in Spain, though it said the attack was limited to some computers on an internal network and had not affected clients or services. Portugal Telecom and Telefonica Argentina also said they were targeted.

 

Private security firms identified the ransomware as a new variant of “WannaCry” that had the ability to automatically spread across large networks by exploiting a known bug in Microsoft’s Windows operating system.

 

“Once it gets in and starts moving across the infrastructure, there is no way to stop it,” said Adam Meyers, a researcher with cyber security firm CrowdStrike.

 

The hackers, who have not come forward to claim responsibility or otherwise been identified, likely made it a “worm,” or self spreading malware, by exploiting a piece of NSA code known as “Eternal Blue” that was released last month by a group known as the Shadow Brokers, researchers with several private cyber security firms said.

 

“This is one of the largest global ransomware attacks the cyber community has ever seen,” said Rich Barger, director of threat research with Splunk, one of the firms that linked WannaCry to the NSA.

 

The Shadow Brokers released Eternal Blue as part of a trove of hacking tools that they said belonged to the US spy agency.

 

Microsoft on Friday said it was pushing out automatic Windows updates to defend clients from WannaCry. It issued a patch on March 14 to protect them from Eternal Blue.

 

The spread of the ransomware capped a week of cyber turmoil in Europe that kicked off a week earlier when hackers posted a huge trove of campaign documents tied to French candidate Emmanuel Macron one and a half days before a run-off vote in which he was elected as the new president of France.

 

On Wednesday, hackers disrupted the websites of several French media companies and aerospace giant Airbus.

 

Also, the hack happened four weeks before a British parliamentary election in which national security and the management of the state-run National Health Service (NHS) are important campaign themes.

 

On Friday, Russia’s interior and emergencies ministries, as well as the country’s biggest bank, Sberbank, said they were targeted.

 

The interior ministry said on its website that around 1,000 computers had been infected but it had localised the virus.

 

Source: Hackers use stolen spy tool in cyberattack | Perth Now

  


 

You may have recently noticed that WordPress has started adding rel="noopener noreferrer" to links by default. You may want to know why this is happening, and if it has any impact on SEO.

Why is WordPress Adding rel="noopener noreferrer" to my links? How very dare they?

Well as it turns out, there is a very good reason to add these tags to external links by default – as doing so should stop a potential exploit that allows the new webpage (opened via target="_blank" or window.open()) to control the original parent page – which could result in phishing attacks and similar.
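The fix described above, as an added example (this is not WordPress's own code): it audits an HTML fragment for links that can open a new browsing context without rel="noopener noreferrer" and rewrites them, keeping existing rel values. It goes slightly beyond target="_blank" by also covering named targets; the function names and the sample markup are constructed for illustration, and the regex-based tag handling assumes reasonably well-formed markup.

```javascript
// Added example. Regex tag handling is a simplification; a production
// filter should run on the output of a real HTML parser.
const A_TAG = /<a(?=[\s>])(?:[^>"']|"[^"]*"|'[^']*')*>/gi;
const ATTR = /([^\s"'=<>\/]+)(?:\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'>]+)))?/g;
const REQUIRED = ['noopener', 'noreferrer'];
// Targets that stay in an existing browsing context, so no opener is handed over.
const SAME_CONTEXT = new Set(['', '_self', '_parent', '_top']);

// Split one <a ...> opening tag into [name, value] pairs.
function parseAttrs(tag) {
  const inner = tag.slice(2).replace(/\/?>$/, '');
  return [...inner.matchAll(ATTR)].map(
    (m) => [m[1].toLowerCase(), m[2] ?? m[3] ?? m[4] ?? '']);
}

// rel tokens still missing for a link that opens another browsing context;
// an empty array means the link needs no change.
function missingRel(attrs) {
  const target = attrs.find(([n]) => n === 'target');
  if (!target || SAME_CONTEXT.has(target[1].toLowerCase())) return [];
  const rel = attrs.find(([n]) => n === 'rel');
  const have = new Set((rel ? rel[1] : '').toLowerCase().split(/\s+/));
  return REQUIRED.filter((t) => !have.has(t));
}

// Audit: hrefs of links whose destination could reach back via window.opener.
function findUnsafeLinks(html) {
  return (html.match(A_TAG) || [])
    .map(parseAttrs)
    .filter((attrs) => missingRel(attrs).length > 0)
    .map((attrs) => (attrs.find(([n]) => n === 'href') || ['', ''])[1]);
}

// Fix: append the missing tokens, preserving rel values such as nofollow.
function hardenLinks(html) {
  return html.replace(A_TAG, (tag) => {
    const attrs = parseAttrs(tag);
    const missing = missingRel(attrs);
    if (missing.length === 0) return tag; // leave safe links byte-for-byte intact
    const rel = attrs.find(([n]) => n === 'rel');
    if (rel) rel[1] = (rel[1].trim() + ' ' + missing.join(' ')).trim();
    else attrs.push(['rel', missing.join(' ')]);
    const body = attrs
      .map(([n, v]) => `${n}="${v.replace(/"/g, '&quot;')}"`).join(' ');
    return `<a ${body}${tag.endsWith('/>') ? ' /' : ''}>`;
  });
}

// Constructed sample markup (not taken from any real site).
const SAMPLE = [
  '<p><a href="https://partner.example/" target="_blank">new tab</a>',
  '<a href="https://ads.example/" target="_blank" rel="nofollow">sponsored</a>',
  "<a href='https://docs.example/' target='help'>named window</a>",
  '<a href="/about" target="_self">same tab</a>',
  '<a href="https://ok.example/" target="_blank" rel="noreferrer noopener">already safe</a></p>',
].join('\n');
```

Running findUnsafeLinks over stored post content before and after hardenLinks gives a quick check that no link was missed.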

Does adding rel="noopener noreferrer" to links have any impact on SEO?

You may have already heard about the rel="nofollow" tag, and how significant the SEO impact of this tag can be, and consequently be worried that the rather similar looking "noopener noreferrer" tag has a similar effect.

Well fear not, there is absolutely zero impact on SEO from using rel="noopener noreferrer".

This has been confirmed by Google’s John Mu in a direct answer to a webmaster’s question:

Does google still crawl, index, and count a good

Source: managewp.org/articles/15108/does-adding-rel-noopener-nore...

 

williechiu40.wordpress.com/2017/05/11/does-adding-relnoop...