http://mobile.slashdot.org/story/09/12/16/0159251/Israeli-Border-Police-Shoot-US-Students-Laptop
From: Randy It's an iPhone Thang! Was learning cursive neccessary? On Dec 17, 2009, at 12:39 AM, [email protected] wrote: > Send funsec mailing list submissions to > [email protected] > > To subscribe or unsubscribe via the World Wide Web, visit > https://linuxbox.org/cgi-bin/mailman/listinfo/funsec > or, via email, send a message with subject or body 'help' to > [email protected] > > You can reach the person managing the list at > [email protected] > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of funsec digest..." > > > Today's Topics: > > 1. US and Russia in Cyber Warfare Talks (Gadi Evron) > 2. Re: US and Russia in Cyber Warfare Talks (Charles Miller) > 3. Re: Resources on political thinking (Gadi Evron) > 4. Adobe 0-day vulnerability CVE-2009-4324 - what this means? > (Juha-Matti Laurio) > 5. New Zealand: Conficker Cripples Waikato District Health Board > (Paul Ferguson) > 6. Re: New Zealand: Conficker Cripples Waikato District Health > Board (Alex Lanstein) > 7. Iraqi Insurgents Hack U.S. Drones (Paul Ferguson) > 8. The Legality of Publishing Hacked E-Mails (Gadi Evron) > 9. Re: The Legality of Publishing Hacked E-Mails (Paul Ferguson) > 10. Re: New Zealand: Conficker Cripples Waikato District Health > Board (Peter Evans) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Wed, 16 Dec 2009 23:23:16 +0200 > From: Gadi Evron <[email protected]> > Subject: [funsec] US and Russia in Cyber Warfare Talks > To: funsec <[email protected]> > Message-ID: <[email protected]> > Content-Type: text/plain; charset=ISO-8859-1; format=flowed > > http://www.telegraph.co.uk/technology/news/6808883/US-and-Russia-in-secret-cyber-warfare-talks.html > > > -- > Gadi Evron, > [email protected]. > > Blog: http://gevron.livejournal.com/ > > > ------------------------------ > > Message: 2 > Date: Wed, 16 Dec 2009 15:51:44 -0600 > From: Charles Miller <[email protected]> > Subject: Re: [funsec] US and Russia in Cyber Warfare Talks > To: Gadi Evron <[email protected]> > Cc: funsec <[email protected]> > Message-ID: > <[email protected]> > Content-Type: text/plain; charset=us-ascii; format=flowed; delsp=yes > > That's going to work out great since all cyber attacks originate in > either the US or Russia. > > Charlie > > On Dec 16, 2009, at 3:23 PM, Gadi Evron wrote: > >> http://www.telegraph.co.uk/technology/news/6808883/US-and-Russia-in-secret-cyber-warfare-talks.html >> >> >> -- >> Gadi Evron, >> [email protected]. >> >> Blog: http://gevron.livejournal.com/ >> _______________________________________________ >> Fun and Misc security discussion for OT posts. >> https://linuxbox.org/cgi-bin/mailman/listinfo/funsec >> Note: funsec is a public and open mailing list. > > > > ------------------------------ > > Message: 3 > Date: Wed, 16 Dec 2009 23:58:43 +0200 > From: Gadi Evron <[email protected]> > Subject: Re: [funsec] Resources on political thinking > To: [email protected] > Message-ID: <[email protected]> > Content-Type: text/plain; charset=ISO-8859-1; format=flowed > > On 12/4/09 8:57 AM, Drsolly wrote: >> On Fri, 4 Dec 2009, Peter Evans wrote: >> >>> On Thu, Dec 03, 2009 at 06:07:51PM -0800, Robert Graham wrote: >>>>>>>> Look at "The thick of it". >> >>>> Never heard of it before. Just downloaded some episodes and watched >>>> them. I'm not sure what it has to do about political thinking BUT >>>> OMG >>>> THE SWEARING IS AWESOME. >> >> I think one of the major points of the series, is that there isn't >> any >> "political thinking". >> >>>> Great gift for your friend's teenage kids to educate them about >>>> British culture. Your friends will appreciate it. >> >> Your friends teenage kids probably already know the word "fuck". >> But it >> certainly isn't a good gift for anyone who has that in their list >> of taboo >> words. >> >> Maybe this is a Monty Python sort of thing - either you find "The >> thick of >> it" funny or you don't, and if you do, it's hard to explain why. > > It's funny, and I'm the last person to mind the swearing. However, > After > watching the whole of the 3rd season I reached the conclusion that > watching it tenses me up, physicslly. > > Maybe it's the shouting, maybe the swearing and maybe it's the fast > pace > of nonsense. Heck, maybe it's the fast talking combined with the > Scottish accent which makes it difficult for me to understand. Maybe > all > of the above or none. But it tenses me and I don't like that. > > Gadi. > > > > > -- > Gadi Evron, > [email protected]. > > Blog: http://gevron.livejournal.com/ > > > ------------------------------ > > Message: 4 > Date: Thu, 17 Dec 2009 01:26:59 +0200 (EET) > From: Juha-Matti Laurio <[email protected]> > Subject: [funsec] Adobe 0-day vulnerability CVE-2009-4324 - what this > means? > To: [email protected] > Message-ID: > <[email protected]> > Content-Type: text/plain; Charset=iso-8859-1; Format=Flowed > > This document has answers to What this means type questions. > > i.e. What an organization can make to protect? > > Link: > http://blogs.securiteam.com/index.php/archives/1339 > > Juha-Matti > > > ------------------------------ > > Message: 5 > Date: Wed, 16 Dec 2009 18:24:34 -0800 > From: Paul Ferguson <[email protected]> > Subject: [funsec] New Zealand: Conficker Cripples Waikato District > Health Board > To: funsec <[email protected]> > Message-ID: > <[email protected]> > Content-Type: text/plain; charset=ISO-8859-1 > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Conficker -- it's still out there. > > Via NZHerald.co.nz. > > [snip] > > Waikato District Health Board has been crippled by a computer worm > which > has seen every PC in the organisation shut down. > > While the main hospital in Hamilton and smaller outlying hospitals > were > continuing to function, spokeswoman Mary-Ann Gill said it was > important > people only came for treatment if it was absolutely necessary. > > Emergency care was still available but those arriving for routine > appointments were being affected, as were GPs who often made > referrals to > hospitals via email. > > "We are asking GPs to only make urgent referrals," she said. > > "We need to keep as many people out of hospitals as we can." > > Ms Gill said DHB technicians were working on a computer upgrade > overnight > when things started to go awry. > > "About 2am they noticed there were some issues with the computers. > By 4am > they realised a computer virus had got into our whole system. > > [snip] > > More: > http://www.nzherald.co.nz/technology/news/article.cfm?c_id=5&objectid=10616 > 074 > > - - ferg > > -----BEGIN PGP SIGNATURE----- > Version: PGP Desktop 9.5.3 (Build 5003) > > wj8DBQFLKZZcq1pz9mNUZTMRAlkKAJ9VnRU/KtyWRKnf4iASLRAdV7LAXQCeK5Gc > 9oRMGFUL9YIELamc15okR0Y= > =W3J2 > -----END PGP SIGNATURE----- > > > -- > "Fergie", a.k.a. Paul Ferguson > Engineering Architecture for the Internet > fergdawgster(at)gmail.com > ferg's tech blog: http://fergdawg.blogspot.com/ > > > ------------------------------ > > Message: 6 > Date: Wed, 16 Dec 2009 20:20:36 -0800 > From: Alex Lanstein <[email protected]> > Subject: Re: [funsec] New Zealand: Conficker Cripples Waikato District > Health Board > To: funsec <[email protected]> > Message-ID: > <[email protected]> > Content-Type: text/plain; charset="us-ascii" > > What drives me up a wall is all those proprietary hospital machines > (MRIs, prescription dispensers, etc) that are managed by outside > vendors are rarely/never get even Windows patches. It would have > taken about 3 words to change HIPPA to cover this long-standing > gaping hole. > > Alex > > ________________________________________ > From: [email protected] [[email protected]] On > Behalf Of Paul Ferguson [[email protected]] > Sent: Wednesday, December 16, 2009 9:24 PM > To: funsec > Subject: [funsec] New Zealand: Conficker Cripples Waikato District > Health Board > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Conficker -- it's still out there. > > Via NZHerald.co.nz. > > [snip] > > Waikato District Health Board has been crippled by a computer worm > which > has seen every PC in the organisation shut down. > > While the main hospital in Hamilton and smaller outlying hospitals > were > continuing to function, spokeswoman Mary-Ann Gill said it was > important > people only came for treatment if it was absolutely necessary. > > Emergency care was still available but those arriving for routine > appointments were being affected, as were GPs who often made > referrals to > hospitals via email. > > "We are asking GPs to only make urgent referrals," she said. > > "We need to keep as many people out of hospitals as we can." > > Ms Gill said DHB technicians were working on a computer upgrade > overnight > when things started to go awry. > > "About 2am they noticed there were some issues with the computers. > By 4am > they realised a computer virus had got into our whole system. > > [snip] > > More: > http://www.nzherald.co.nz/technology/news/article.cfm?c_id=5&objectid=10616 > 074 > > - - ferg > > -----BEGIN PGP SIGNATURE----- > Version: PGP Desktop 9.5.3 (Build 5003) > > wj8DBQFLKZZcq1pz9mNUZTMRAlkKAJ9VnRU/KtyWRKnf4iASLRAdV7LAXQCeK5Gc > 9oRMGFUL9YIELamc15okR0Y= > =W3J2 > -----END PGP SIGNATURE----- > > > -- > "Fergie", a.k.a. Paul Ferguson > Engineering Architecture for the Internet > fergdawgster(at)gmail.com > ferg's tech blog: http://fergdawg.blogspot.com/ > _______________________________________________ > Fun and Misc security discussion for OT posts. > https://linuxbox.org/cgi-bin/mailman/listinfo/funsec > Note: funsec is a public and open mailing list. > > -- > This message has been scanned for viruses and > dangerous content by MailScanner, and is > believed to be clean. > > > > > ------------------------------ > > Message: 7 > Date: Wed, 16 Dec 2009 21:45:14 -0800 > From: Paul Ferguson <[email protected]> > Subject: [funsec] Iraqi Insurgents Hack U.S. Drones > To: funsec <[email protected]> > Message-ID: > <[email protected]> > Content-Type: text/plain; charset=ISO-8859-1 > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Via WSJ.com. > > [snip] > > Militants in Iraq have used $26 off-the-shelf software to intercept > live > video feeds from U.S. Predator drones, potentially providing them with > information they need to evade or monitor U.S. military operations. > > Senior defense and intelligence officials said Iranian-backed > insurgents > intercepted the video feeds by taking advantage of an unprotected > communications link in some of the remotely flown planes' systems. > Shiite > fighters in Iraq used software programs such as SkyGrabber -- > available for > as little as $25.95 on the Internet -- to regularly capture drone > video > feeds, according to a person familiar with reports on the matter. > > U.S. officials say there is no evidence that militants were able to > take > control of the drones or otherwise interfere with their flights. > Still, the > intercepts could give America's enemies battlefield advantages by > removing > the element of surprise from certain missions and making it easier for > insurgents to determine which roads and buildings are under U.S. > surveillance. > > The drone intercepts mark the emergence of a shadow cyber war within > the > U.S.-led conflicts overseas. They also point to a potentially serious > vulnerability in Washington's growing network of unmanned drones, > which > have become the American weapon of choice in both Afghanistan and > Pakistan. > > [snip] > > More: > http://online.wsj.com/article/SB126102247889095011.html > > - - ferg > > -----BEGIN PGP SIGNATURE----- > Version: PGP Desktop 9.5.3 (Build 5003) > > wj8DBQFLKcVjq1pz9mNUZTMRAibtAJ4p9qfYHc2w0LEL2Hgw3TxRRYX9pACgmUS5 > C8pikihY34k/UVSLw6tjKWk= > =TxNt > -----END PGP SIGNATURE----- > > > -- > "Fergie", a.k.a. Paul Ferguson > Engineering Architecture for the Internet > fergdawgster(at)gmail.com > ferg's tech blog: http://fergdawg.blogspot.com/ > > > ------------------------------ > > Message: 8 > Date: Thu, 17 Dec 2009 07:59:28 +0200 > From: Gadi Evron <[email protected]> > Subject: [funsec] The Legality of Publishing Hacked E-Mails > To: funsec <[email protected]> > Message-ID: <[email protected]> > Content-Type: text/plain; charset=windows-1252; format=flowed > > http://www.cjr.org/the_observatory/the_legality_of_publishing_hac.php > > The publication of thousands of e-mails hacked from the University of > East Anglia?s Climate Research Unit led to furious arguments about the > science and politics of climate change. When the e-mails first leaked, > however, reporters and bloggers on both sides of the debate expressed > reservations about the legality and ethicality of publishing > information > acquired illegally. > > Large excerpts and quotes of the e-mail exchanges have since been > published in a variety of media, including newspapers, television, and > blogs. The Wall Street Journal posted a full downloadable file on its > Web site. Most outlets, however, opted to refer readers to places like > www.eastangliaemails.com for the complete listing ? a decision that > drew > many rebukes. The New York Times in particular has drawn harsh > criticism > for its handling of the e-mails. Public Editor Clark Hoyt wrote a > convincing defense of the paper, arguing that it handled the situation > ?appropriately.? > > Still, confusion over the legal and ethical implications of publishing > hacked e-mails lingers. Some of the newspapers that have refused to > publish the documents have general policies dictating that journalists > not break any laws in the newsgathering process. Where these policies > exist, however, they are a matter of journalistic ethics rather than > an > attempt to adhere to a well defined legal doctrine. > > Given the confusion, CJR decided to consult relevant case law and > spoke > with two publishing law experts about the hacked e-mails. The > following > is a primer providing some direction for journalists. It should not be > taken as legal advice. There is no absolute rule here and the unique > details of each individual case are paramount. > > > > > > -- > Gadi Evron, > [email protected]. > > Blog: http://gevron.livejournal.com/ > > > ------------------------------ > > Message: 9 > Date: Wed, 16 Dec 2009 22:20:10 -0800 > From: Paul Ferguson <[email protected]> > Subject: Re: [funsec] The Legality of Publishing Hacked E-Mails > To: Gadi Evron <[email protected]> > Cc: funsec <[email protected]> > Message-ID: > <[email protected]> > Content-Type: text/plain; charset=ISO-8859-1 > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On Wed, Dec 16, 2009 at 9:59 PM, Gadi Evron <[email protected]> wrote: > >> http://www.cjr.org/the_observatory/the_legality_of_publishing_hac.php >> > > On a related note, here's something that is just wrong: > > "Minnesota Public Radio Reporter Faces Hacking Charges For Reporting > On > Data Leak" > > Via techdirt.com. > > [snip] > > We were just noting how the Computer Fraud and Abuse Act is regularly > abused to bring "hacking" charges where none are really warranted. > And here > we have yet another example. Alex Howard points out that a Minnesota > Public > Radio reporter, Sasha Aslanian, is potentially facing "hacking" > charges > from a Texas company called Lookout Services. Lookout creates > employment/compliance software for large organizations, and Aslanian > was > reporting on a supposed data vulnerability in the software used to > verify > employment eligibility that could potentially reveal private info. > Aslanian's report noted that she was able to see info from the state > of > Minnesota, and the state was now directing agencies to stop using > Lookout. > The details are not entirely clear, but from what's written at the > MinnPost > link above, it sounds like there were some vulnerabilities, poor > security, > and a bungled demonstration which revealed a vulnerability -- all of > which > Lookout admits -- and from those vulnerabilities (which Lookout > claims it > closed), someone was able to adjust the URL to find private data. > > So, basically, the company admits to a series of vulnerabilities, > which > exposed info that allowed the reporter to eventually see some private > data... but still claims that the reporter was "hacking" and is now > looking > to sue under the same Computer Fraud and Abuse Act, which could lead > to 5 > years in prison. Because our federal government still hasn't passed a > journalism shield law, the reporter is potentially liable, though, > as the > MinnPost reporter notes, Lookout seems particularly shortsighted in > bringing this lawsuit in the first place. All it does is call more > attention to its own vulnerabilities and failings. And the CEO of > Lookout > basically responds that she doesn't care [...] > > [snip] > > More: > http://www.techdirt.com/articles/20091215/2340237379.shtml > > Key quote: > > "I would argue that the company's reaction to this gives many more > reasons > never to do business with Lookout -- more than any discovered > vulnerabilities." > > - - ferg > > > -----BEGIN PGP SIGNATURE----- > Version: PGP Desktop 9.5.3 (Build 5003) > > wj8DBQFLKc2Uq1pz9mNUZTMRApKsAKDknSx3ODzO7FlXNzQBW8CHLWGWTwCfSHak > JgbxBXpdWzE9rjdPk35/u5w= > =RJTo > -----END PGP SIGNATURE----- > > > > > -- > "Fergie", a.k.a. Paul Ferguson > Engineering Architecture for the Internet > fergdawgster(at)gmail.com > ferg's tech blog: http://fergdawg.blogspot.com/ > > > ------------------------------ > > Message: 10 > Date: Thu, 17 Dec 2009 15:39:38 +0900 > From: Peter Evans <[email protected]> > Subject: Re: [funsec] New Zealand: Conficker Cripples Waikato > District > Health Board > To: funsec <[email protected]> > Message-ID: <[email protected]> > Content-Type: text/plain; charset=iso-8859-1 > > On Wed, Dec 16, 2009 at 08:20:36PM -0800, Alex Lanstein wrote: >> What drives me up a wall is all those proprietary hospital machines >> (MRIs, >> prescription dispensers, etc) that are managed by outside vendors are >> rarely/never get even Windows patches. It would have taken about 3 >> words to >> change HIPPA to cover this long-standing gaping hole. > > Personally, I think gear that lives depend on shouldn't be > networked, > failing that, there should be no outide way into their playpen. > > Convenience will of course over-rule any security requirements > everytime. > (Except the TSA!) > > > If they are windows embedded, it isn't that easy to update them. > They don't run windows update. They do have something called DUA, > which allows them to check for orders and obey them, eg, > periodically, > on startup, etc. > > They release monthly security patches on the XPE site. > > Its still not that easy because between the c05a image and d06b > image, > somehow 9000 files have changed and I really dont want to send out > 190mb of diffs. (some might be me, most is windows though). > > I know because I have 400 or so out there on the end of HSDPA > modems. > > I make no attempt to keep them current, and I can see why makers of > machines in hospitals wouldnt either, its a hassle. What's more, > with > a09, b09, c04, c05, c05a, d06 and d06b revisions out there, some > of those > machines would never get over it! > > P > > You are, of course, encouraged to try and get your name on the > big ribbon. > Winner gets a beer or biscuit. > > http://www.ixp.jp/ribbon/ > > > > ------------------------------ > > _______________________________________________ > funsec mailing list > [email protected] > https://linuxbox.org/cgi-bin/mailman/listinfo/funsec > > End of funsec Digest, Vol 52, Issue 34 > ************************************** _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
