Ohhh Ahhh! REAL Keys! Steampunk Raspberry Pi Laptop...
You can build one or just ogle... http://www.instructables.com/id/Steampunk-Raspberry-Pi-Laptop/
Re: Tracking pixels can conduct surveillance for targeted attacks
With Firefox and its kin (Cyberfox, and possibly PaleMoon), RequestPolicy will do that. I've seen sites that have as many as 20-30 different content providers for all sorts of things that are exposed by RequestPolicy. No such beast for Chrome that I've been able to detect. Unfortunately, RequestPolicy isn't compatible with the new-ish multiprocess capability in FF/CF. Kurt On Tue, Apr 18, 2017 at 4:08 PM, Steve Kinney wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > > > On 04/18/2017 05:26 PM, Mirimir wrote: >> On 04/18/2017 12:38 PM, Razer wrote: Malicious hackers can use tracking pixels to help them gather intelligence for attack campaigns, both mass and targeted in scope. >> >> >> >> Well, prudent folk don't render HTML, or download embedded stuff >> :) > > I haven't seen one of these in many moons. Decently designed mail > readers that render HTML do not pull in remote content unless > expressly directed to. "Normal" website based trackers use > Javascript; it is transparent to the (naive) user and can harvest a > much more detailed profile of the viewer's browser than that > volunteered by HTTP request headers. > > Javascrpt filters that block calls for offsite scripts and halt > execution of scripts embedded in HTML cover most of the JS > surveillance vector. I do occasionally dissect web pages to see what > they're made of, with special attention to spyware, but I have never > seen a 1px "web bug" (yes, they have a name) in an HTML document. Not > to say they can't be used, but as far as I can tell they rarely are. > > An option to block all 3rd party image content by default would be a > good addition to a tool like NoScript. Many users would be shocked - > SHOCKED, I TELL YA! - to learn how often they are visiting Cloudflare, > Amazon, and image hosting sites like Photobucket or Imageshack while > viewing "independet, owner operated" websites. > > :o) > > > > > > I do occasionally dissect > -BEGIN PGP SIGNATURE- > Version: GnuPG v2.0.22 (GNU/Linux) > > iQEcBAEBAgAGBQJY9px2AAoJEECU6c5Xzmuq0g0IAMAr9n7mbDXL+wMuInw+9xk1 > GXX21A14rrpTin/kiyDQ20QcuoJkMiLzhRkyG8qFdaInExxK7jQPqVOHZ6frD8KH > /B+ShUo5HBGj4mUZiLXAYKjbkJ0CO3Zqqn0XeDaErQ2zOsovX2AqS1jdTs/67ITM > PoipIOVf8dOVBXu2bdlfHFvXeGCKEN6q9Aq30miKP0e1hEAJBinS8SlFH7+3q9XX > h6/mnnxlqXZmSMN1A0ovPqOagVUwwDYdN+d5gWwCOZhIxETFXOfWVyTym0b8i85o > LDs8VpA3QpiHR/KoNja5NC+mnA9K4joThjSqpPH/vOk62CkD7zsyzzY3S2DOamY= > =6ZhE > -END PGP SIGNATURE-
Re: Tracking pixels can conduct surveillance for targeted attacks
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 04/18/2017 05:26 PM, Mirimir wrote: > On 04/18/2017 12:38 PM, Razer wrote: >>> Malicious hackers can use tracking pixels to help them gather >>> intelligence for attack campaigns, both mass and targeted in >>> scope. > > > > Well, prudent folk don't render HTML, or download embedded stuff > :) I haven't seen one of these in many moons. Decently designed mail readers that render HTML do not pull in remote content unless expressly directed to. "Normal" website based trackers use Javascript; it is transparent to the (naive) user and can harvest a much more detailed profile of the viewer's browser than that volunteered by HTTP request headers. Javascrpt filters that block calls for offsite scripts and halt execution of scripts embedded in HTML cover most of the JS surveillance vector. I do occasionally dissect web pages to see what they're made of, with special attention to spyware, but I have never seen a 1px "web bug" (yes, they have a name) in an HTML document. Not to say they can't be used, but as far as I can tell they rarely are. An option to block all 3rd party image content by default would be a good addition to a tool like NoScript. Many users would be shocked - SHOCKED, I TELL YA! - to learn how often they are visiting Cloudflare, Amazon, and image hosting sites like Photobucket or Imageshack while viewing "independet, owner operated" websites. :o) I do occasionally dissect -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.22 (GNU/Linux) iQEcBAEBAgAGBQJY9px2AAoJEECU6c5Xzmuq0g0IAMAr9n7mbDXL+wMuInw+9xk1 GXX21A14rrpTin/kiyDQ20QcuoJkMiLzhRkyG8qFdaInExxK7jQPqVOHZ6frD8KH /B+ShUo5HBGj4mUZiLXAYKjbkJ0CO3Zqqn0XeDaErQ2zOsovX2AqS1jdTs/67ITM PoipIOVf8dOVBXu2bdlfHFvXeGCKEN6q9Aq30miKP0e1hEAJBinS8SlFH7+3q9XX h6/mnnxlqXZmSMN1A0ovPqOagVUwwDYdN+d5gWwCOZhIxETFXOfWVyTym0b8i85o LDs8VpA3QpiHR/KoNja5NC+mnA9K4joThjSqpPH/vOk62CkD7zsyzzY3S2DOamY= =6ZhE -END PGP SIGNATURE-
Re: Tracking pixels can conduct surveillance for targeted attacks
On 04/18/2017 12:38 PM, Razer wrote: >> Malicious hackers can use tracking pixels to help them gather >> intelligence for attack campaigns, both mass and targeted in scope. Well, prudent folk don't render HTML, or download embedded stuff :)
Re: FBI Arrests Former Trader For Stealing High Frequency Trading Code
This is rather brilliant. (at least the public marketing of the concept) Based on my observation of Bitcoin/Altcoins this has been deployed for 2-3 years and is really 'good' at redistributing wealth from naive anarcho-cypto believers and giving it to capital owners. On Tue, Apr 18, 2017 at 10:46:09AM -0700, Razer wrote: > Note: It's in the wild folks (or part of it), and being used for 'good'! > > See: http://publicdissentiment.org/ > > > Public Dissentiment is an online tool that helps protesters negatively > > impact the price of a publicly traded company???s stock by communicating > > with algorithmic market makers. By using the same algorithmic > > sentiment analysis techniques as financial trading bots, the app > > generates posts for social media that link to news stories that will > > be viewed negatively by algorithmic market makers. > > > > If enough of these posts are generated in the same time frame, > > uncertainty about the targeted company???s stock will be created, > > temporarily affecting the price of the stock, consequently making the > > company???s shareholders aware of the public???s negative sentiment > > towards them. > > > === > > === > > > > Almost eight years after Sergey Aleynikov made HFT a watercooler topic > > after the former Goldman engineer was arrested (and incarcerated, then > > released, then charged again, then found innocent, and finally found > > guilty yet again) for allegedly stealing Goldman's proprietary HFT > > code, a trading software developer was charged last Thursday by the > > acting U.S. Attorney in Manhattan, Joon Kim, for attempting to steal > > quantitative trading code from Susquehanna International Group, a > > relatively secretive financial firm based in the Philadelphia area > > that specializes in making markets for options. > > > > A 44-year-old native Russian, Dmitry Sazonov worked for Susquehanna > > since 2004 as a software engineer and, by implication, trader. He was > > arrested in the lobby of Susquehanna???s New York offices last Wednesday > > by FBI agents, Forbes first reported. > > > > According to the complaint, Sazonov "attempted to steal valuable > > proprietary computer code that took his employer years to develop." > > Sazonov was accused ot taking elaborate steps to conceal his attempted > > theft, including camouflaging pieces of source code within > > harmless-looking draft emails on his work computer. > > > > Specifically, the code which Sazonov was accused of stealing was > > linked to an updated trading platform Susquehanna has been developing > > for years to generate exchange and market orders. Sazonov started his > > effort to steal the proprietary trading code in February, the > > complaint says, after learning his supervisor had resigned. > > > > Prosecutors claim that Sazonov, fearing he would be fired, downloaded > > the source code to his company computer and deployed a computer > > program that may have used steganography to break up data and hide > > data within other files, including personal tax and immigration > > documents. Sazonov attached zip files containing the quant trading > > code to two saved emails addressed to a personal account, but he was > > fired and immediately escorted out of Susquehanna???s New York offices > > in February before he had a chance to send the emails. > > > > Then, according to the complaint, on multiple occasions following his > > termination Sazonov contacted individuals employed by Susqyehanna > > seeking the return of computer files on his desktop computer, which he > > claimed were personal documents. Then, last Wednesday, April 12, > > 2017, the feds say Sazonov showed up in the lobby of Susquehanna???s New > > York offices thinking he was going to have them returned. There, an > > FBI agent pretending to be a Susquehanna employee handed Sazonov a > > disk and he was arrested. > > > > As an interesting aside in the complaint we read the following: > > > http://www.zerohedge.com/news/2017-04-18/fbi-arrests-former-susquehanna-trader-stealing-hft-code > >
Tracking pixels can conduct surveillance for targeted attacks
> Malicious hackers can use tracking pixels to help them gather > intelligence for attack campaigns, both mass and targeted in scope. > > Digital marketing firms have long used tracking pixels (longer than > they've been using the Battery Status API, at least) to analyze email > and web marketing campaigns. These pixels are image files that are > usually just one pixel in size, a design which prevents users from > noticing them in most cases. > > With code as simple as src=”http://example.com/cgi-bin/program?e=email-address”>, the > marketing tools ping a website whenever someone downloads an image. > > Tracking pixels can do more than just provide notice of someone > engaging with a media file. They can also gather information about a > user including their IP address, operating system, web browser and > send it to a designated email address. The operator of that address > can then use that information to fine-tune an advertising campaign. > > Unfortunately, tracking pixels don't just help advertisers. Attackers > can also abuse them to carry out malicious campaigns. > > Donald Meyer of Check Point elaborates on this misuse of tracking > pixels in a blog post: > More: https://www.grahamcluley.com/tracking-pixels-can-conduct-surveillance-targeted-attacks/
FBI Arrests Former Trader For Stealing High Frequency Trading Code
Note: It's in the wild folks (or part of it), and being used for 'good'! See: http://publicdissentiment.org/ > Public Dissentiment is an online tool that helps protesters negatively > impact the price of a publicly traded company’s stock by communicating > with algorithmic market makers. By using the same algorithmic > sentiment analysis techniques as financial trading bots, the app > generates posts for social media that link to news stories that will > be viewed negatively by algorithmic market makers. > > If enough of these posts are generated in the same time frame, > uncertainty about the targeted company’s stock will be created, > temporarily affecting the price of the stock, consequently making the > company’s shareholders aware of the public’s negative sentiment > towards them. > === === > Almost eight years after Sergey Aleynikov made HFT a watercooler topic > after the former Goldman engineer was arrested (and incarcerated, then > released, then charged again, then found innocent, and finally found > guilty yet again) for allegedly stealing Goldman's proprietary HFT > code, a trading software developer was charged last Thursday by the > acting U.S. Attorney in Manhattan, Joon Kim, for attempting to steal > quantitative trading code from Susquehanna International Group, a > relatively secretive financial firm based in the Philadelphia area > that specializes in making markets for options. > > A 44-year-old native Russian, Dmitry Sazonov worked for Susquehanna > since 2004 as a software engineer and, by implication, trader. He was > arrested in the lobby of Susquehanna’s New York offices last Wednesday > by FBI agents, Forbes first reported. > > According to the complaint, Sazonov "attempted to steal valuable > proprietary computer code that took his employer years to develop." > Sazonov was accused ot taking elaborate steps to conceal his attempted > theft, including camouflaging pieces of source code within > harmless-looking draft emails on his work computer. > > Specifically, the code which Sazonov was accused of stealing was > linked to an updated trading platform Susquehanna has been developing > for years to generate exchange and market orders. Sazonov started his > effort to steal the proprietary trading code in February, the > complaint says, after learning his supervisor had resigned. > > Prosecutors claim that Sazonov, fearing he would be fired, downloaded > the source code to his company computer and deployed a computer > program that may have used steganography to break up data and hide > data within other files, including personal tax and immigration > documents. Sazonov attached zip files containing the quant trading > code to two saved emails addressed to a personal account, but he was > fired and immediately escorted out of Susquehanna’s New York offices > in February before he had a chance to send the emails. > > Then, according to the complaint, on multiple occasions following his > termination Sazonov contacted individuals employed by Susqyehanna > seeking the return of computer files on his desktop computer, which he > claimed were personal documents. Then, last Wednesday, April 12, > 2017, the feds say Sazonov showed up in the lobby of Susquehanna’s New > York offices thinking he was going to have them returned. There, an > FBI agent pretending to be a Susquehanna employee handed Sazonov a > disk and he was arrested. > > As an interesting aside in the complaint we read the following: http://www.zerohedge.com/news/2017-04-18/fbi-arrests-former-susquehanna-trader-stealing-hft-code
Spammers n' Scammers: Riseup Changes Account Creation protocol
Sad but probably necessary: > Because Riseup does not tie user account creation to a phone number or > credit card information, many people attempt to obtain Riseup accounts > for the purpose of sending spam or phishing email. > > In the past, we asked people to write a short description of their > activism in order to try to eliminate these scammers. Unfortunately, > over the years, this has been excellent training for teaching scammers > how to sound *exactly* like activists. It got to the point where if an > account request sounded too inspiring and awesome, it was probably > fake. This has been a huge problem for us. > > Another problem is that whenever a Riseup bird leaves their cozy nest, > someone always mentions that they tried to get a Riseup account and > were rejected. Many apologies! We were not judging you. It is likely > that you sounded too wonderful and therefore seemed like a scammer. > > In light of this, we have made two changes: > > (1) We have removed the ability to request a new account. > > (2) We have simplified the process of creating a new account with an > invite. > > It now only requires a single invite in order to create an account, > and every user is able to create more invites. In order to create an > invite for someone, log in to account.riseup.net. > > To prevent abuse, new users are not immediately able to create > invites. We are hopeful this will make life better for everyone. Rr
[jillb...@gmail.com: Golightly Marshall]
Watcha doin' Rabbi? Shhh ... and don't tell the goy .. - Forwarded message from Jill - From: Jill To: Coordinator Date: Tue, 18 Apr 2017 16:59:50 +1000 Subject: Golightly Marshall Yah and Ash - need an army https://zionistreport.com/2017/04/rabbis-urge-president-trump-to-attack-syria/ https://www.youtube.com/watch?v=ApLRkFkpVhM - End forwarded message -
Fw: Climate change myth SMASHED as scientists confirm solar activity is a significant driver of Earth’s climate.
Had some really nice climate change today - gorgeous mid April autumn day. Nearly feels like summer. Changed from cold and wet for nigh on two weeks. Just love this changing climate... Regards Zen PS: comparing "our Sun, the sole known significant driver" of climate change, v.s. Al Gore's global carbon tax over 10 years resulting in --undetectable-- changes to climate, gotta wonder if and who might be pushing an agenda... - Forwarded message from Gil May - From: Gil May To: rea...@hotmail.com.au Bcc: zen...@gmail.com Date: Tue, 18 Apr 2017 17:40:11 +1000 Subject: Climate change myth SMASHED as scientists confirm solar activity is a significant driver of Earth’s climate. Climate change myth SMASHED as scientists confirm solar activity is a significant driver of Earth’s climate. http://naturalnews.com/2017-04-16-climate-change-myth-smashed-as-scientists-confirm-solar-activity-is-a-significant-driver-of-earths-climate.html# The Sun Controls The Climate: Well I'll be buggered. All us older guys knew that, they taught us that in School back in the 50's, 60's & 70's – Hell, I am amazed—bloody near speechless. How come these silly buggers today do not know the sun causes climate change, don’t they open their eyes every morning and look upwards, maybe they were too busy to notice Summer, Autumn, Winter and Spring? Simple common sense things every country kids and farmer knows, Whose lives are based on knowing when to plant and harvest crops to feed these silly brainwashed beggars that don’t seem to know what that blazing nuclear furnace in the sky really is. - End forwarded message -
