Monday, December 22, 2014

Cyberwarfare threats made using Reddit and Pastebin

The threats (supposedly) made by the North Koreans to Sony were reported to have been posted on Pastebin. What I don't understand is how this is relevant to the legitimacy of the threat.

There seems to be a disconnect between reporting by the press and the source of the material that is used to support the claims. While most of the discourse relating to hacking and Cyber-crime-warfare-terrorism seems to take place on Social Media platforms, the "main-stream" media outlets, newspapers and TV, seem to give Internet sites more credibility than they should.

I can't see why we should believe reports that quote things that can be traced back to sites where anybody, with no real authority, can post whatever they like and it is quoted without any question about its validity or whether it could just have been posted by someone who just wanted to make a point.

Whenever I visit sites such as Reddit or Pastebin, looking for backup on stories that are current, I am greeted by what are largely trivial and nonsensical postings. I am not saying that some of the things that are supposed to have been posted were not there, but they are buried in a "fog" of irrelevancy.

Saturday, December 20, 2014

SE Toolkit - an Android apk

The notion that Social Engineering tools can be run from an Android device is somewhat ludicrous. At best all that you can expect on your portable device is some "crib" notes to suggest what actions you can take to fool a potential target so that you can penetrate their security system.

The whole point of SE, or Social Engineering, is that you use techniques other than those offered to you by running a program on your computer or mobile device. The SE Attack will more than likely consist of a "cold call" in which the person making the call will pose as a "Security Professional" who will attempt to gain the log-on details for an employee of a corporation.

Thursday, December 18, 2014

Command and Control Servers (C&C)

A term used by security specialists to make it appear that they know what they are talking about.

Mentioned in the interview on the BBC about the Sony Hack and the pulling of The Interview from US cinemas Dec 2014.

C&C servers are more associated with Botnets and DDoS attacks than the hacking of a company's email servers and the extraction of intellectual property from a corporation or film company.

Wednesday, December 17, 2014

Guardians of Peace (GoP) and Aaron Sorkin

Aaron Sorkin has stated: News outlets more 'morally treasonous' than Sony hackers

He then goes on to say that GoP, and other hackers, are motivated by a cause whilst large corporations are after the nickel. Does he really think that hackers are not after their "15 Minutes of Fame"?  Does this not lead to the bucks?

It is a pity that the Guardians of Peace are referred to as GoP, this makes it indistinguishable from the Grand Old Party when making a search. I am sure the Republicans are pleased about that!

Tuesday, December 16, 2014

Sony and Hacking

I really do find it difficult to have much sympathy for Sony.

If there is a story relating to data breaches Sony are there centre stage. Sony, the company that thought it was a good idea to include a "root-kit" on audio CDs so that they could control the users of their media computers without telling them that it was there, are now in the news from data leaks and email hacking.

I don't really have to add more here as you can find all the "dirt" on them from other sources. All I can say is that in today's relatively mature technological age, Sony should have been able to work out their own security by now.

This, in my opinion, just adds fuel to the Security Industry's fire to convince businesses to hire their services. Such a pity that Sony do not seem to have listened!

Is get_iplayer working correctly or as it did before?

The downloader for BBC iPlayer programmes, get_iplayer, is chronically susceptible to changes made by the BBC in their attempts to "improve" their catch-up service.

Yesterday I observed a search for "get_iplayer works again"

Today I did an experiment and used get_iplayer and managed to get an index for Masterchef: The Professionals. I searched for "masterchef:" and I got a result of 3 episodes, 16, 17 and 18. When I do the same search on the BBC iPlayer website I see that there are 12 episodes available to watch.

In its last major failure get_iplayer failed to retrieve any episodes; this was sometime in October 2014. Since that time it is claimed that a "fixed" version of get_iplayer has been made available on the get_iPlayer Lives website. I downloaded the latest version of get_iplayer when the last failure occurred; it still failed to retrieve an index of any programmes. However, you have always been able to download using the PID method.

Since that time, and I have not downloaded the so-called "fixed" version, the get_iplayer script seems to partially work and only retrieves the last few episodes of a series. Still, this is better than none.

It is unclear to me why this is the case and I remain highly skeptical about those that claim to have fixed it. One thing is for sure: the BBC are likely to make more changes in the future.

Monday, December 15, 2014

Ngunduh.com and downloading the aircrack-ng apk

Ngunduh.com came to my attention with someone searching for "ngunduh aircrack apk".

Ngunduh.com seems to be a rather suspect game download blog/website. I would not even bother visiting the site and if you do I would suggest that you are likely to infect your computer.

Sunday, December 14, 2014

Bitcoin - Hashrate Distribution

There has been a relative lull in the interest in Bitcoins on my website (www.tempusfugit.ca) but today I had a visit from someone looking for "tempus fugit pie chart".

The page that was found related to my research on Bitcoin. It is not known if the visitor was interested in Bitcoin but it was an excuse to review some of my pages related to it.

I have posted at length about the philosophy behind the creation and promotion of the use of alternative currencies but without much feedback from those that may have found my pages. If anything, any comment that I have garnered has been related to the egotistical response of those involved in the development and promotion in that they have found that I made reference to their names and they have been looking for themselves on the Internet, i.e. Googling themselves - Narcisurfing.

Please feel free to comment here if you have a view on Bitcoins.

Saturday, December 13, 2014

FoxyProxy GeoIP Circumvention

A search: "foxproxy add-on firefox download" was logged today.

It has been a long time since I featured the FoxyProxy add-on for Firefox. This was how FoxyProxy started out and it was, as per the name, a technique that was developed for use with the Firefox browser. It allowed the selection of free proxies so that GeoIP circumvention could be performed. This was useful if you wanted to access services such as the BBC iPlayer from outside the UK.

Since that time, 2010, FoxyProxy has developed into a fully-fledged VPN service that can be used with all web browsers including Microsoft's Internet Explorer.

The search for foxproxy add-on is presumed to be a search for foxyproxy add-on - which I am pretty sure never existed. I am also making the assumption that there has been a reference to foxproxy in another forum. The visitor finding my site, www.tempusfugit.ca, did not find my page on what FoxyProxy became and how it looked in 2013. It gave me an opportunity to update my pages.

Wednesday, December 10, 2014

windows 8 loader by exmi

As far as I can see this is a scam.


The file that you are supposed to download is exmi.rar. The .rar file extension is a common way that those that are trying to infect your computer with malware disguise "bad" programs in downloads.

If you download a .rar format file you don't know what it contains until you expand it. In many cases this will be too late and you will have compromised your computer.

Download reaver.apk

A search for "telecharger reaver.apk" was observed.

Like many other so-called "Penetration" tools, not many are available for the Android platform.

Reaver-wps was a tool developed to perform "brute-force" attacks on wireless routers that had been secured using the WPS encryption option that used to be popular on many wireless routers.

This vulnerability was expanded upon by Stefan Viehböck on his blog .braindump - here he quotes research performed on WPS protected systems. He, and the Google Code page for reaver, make reference to this as a pdf that is supposed to explain the attack.

However, there is an admission: "On average Reaver will recover the target AP's plain text WPA/WPA2 passphrase in 4-10 hours". This is for a now seldom used WPS protected access point and on a regular computer, not an Android device.

The reaver.apk or reaver-wps.apk, if they existed, would not present a security risk to computer users.

There are some Android developers that claim to have written such apps: SWifis, Wireless Reaver and Buckynet WifiReaver.

Tuesday, December 9, 2014

cowpatty.apk

There still seem to be searches for CoWPAtty running on an Android device.

As far as I can see this is just wishful thinking on behalf of those that would want to promote bogus apks.

CoWPAtty is a very old wireless penetration script written by Joshua Wright and is now not maintained by him. Joshua is more interested in promoting himself and the courses that he presents for the SANS Institute. He is also the owner and operator of the "Will Hack for Sushi" blog/website.