[podcast]http://isdpodcast.com/podcasts/InfoSec Daily Podcast Episode 267.mp3[/podcast]
ISDPodcast Episode 267 for November 29, 2010. Tonight’s podcast is hosted by Rick Hayes, Keith Pachulski, and Karthik Rangarajan.
Announcements:
MyHardDriveDied.com Data Recovery Class:
http://www.myharddrivedied.com
Washington, DC – December 6th – 10th
Use the Discount Code: isdpodcast for a $300 discount.
SANS Cyber Defense Initiative 2010
Washington, DC.
Marriott Wardman Park
Dec 10-17, 2010
http://washingtontechnology.com/calendar/2010/12/sans-cyber-defense-initiative-2010.aspx
SANS Community:
Jason Lawrence, Management 414: SANS +S Training Program for the CISSP Certification Exam: http://www.sans.org/mentor/details.php?nid=23493
Wednesday, February 23, 2011 – Wednesday, April 27, 2011
Use the Discount Code: isdpod15 for a 15% discount.
DojoCon:
13699 Dulles Technology Dr
Herndon, VA 20171
Dec 11-12, 2010
Appalachian Institute of Digital Evidence (AIDE):
AIDE Winter Meeting, Marshall University Forensic Science Center, Huntington, WV
When: February 17 – 18, 2011
CFP Deadline: December 12, 2010
http://aide.marshall.edu/default.htm
FTW: http://cargocollective.com/4thamendment
Stories:
News: http://bit.ly/ebUxOe
Wikileaks on Sunday released hundreds of thousands of U.S. State Department documents online and to news organizations, presenting a range of potentially embarrassing revelations about back channel diplomacy between the U.S., allies, and other countries. The documents, not all of which were immediately accessible to the public due to the cyber attack on Wikileaks, reveal discussions on a range of sensitive matters around the world, including worries about nuclear proliferation in Iran and North Korea.
The cables also reveal that China’s Politburo “directed the intrusion into Google’s computer systems,” according to the New York Times, which was provided with copies of the documents. A Chinese contact reportedly confirmed to U.S. embassy officials in Beijing the involvement of China’s government in the cyber attack on Google’s network that occurred late last year and was disclosed in January, 2010. The officially sanctioned cyber attack involved government operatives, private security contractors, and Internet criminals recruited by the Chinese government, the New York Times said.
Google declined to comment. In a press briefing on Nov. 24, Assistant Secretary of State Philip J. Crowley said the cables are classified and denounced Wikileaks’ decision to release the documents. “We decry what has happened,” said Crowley. “These revelations are harmful to the United States and our interests. They are going to create tension in our relationships between our diplomats and our friends around the world. We wish that this would not happen. But we are, obviously, prepared for the possibility that it will.” U.S. Secretary of State Hillary Clinton has reportedly been reaching out to leaders in various countries to prepare them for the release of the diplomatic cables.
News: http://www.govexec.com/dailyfed/1110/112910rb1.htm
Day late, dollar short.
On the heels of Sunday’s unauthorized disclosure of a quarter million confidential State Department documents, the Obama administration has directed federal agencies to initiate an immediate review of their protocols for safeguarding sensitive information. In a Nov. 28 governmentwide memo, Office of Management and Budget Director Jacob “Jack” Lew ordered all agencies that handle classified documents to establish security assessment teams to look over their policies against improper disclosures.
News: http://bit.ly/eCM3hf, http://bit.ly/h1ku71, http://bit.ly/eZtGWi, and http://bit.ly/e9W3nT
@th3j35t3r takes responsibility for WikiLeaks DDoS.
http://www.wired.com/threatlevel/2010/11/wikileaks-attack/
A dwarf with a sledgehammer is not very big. If it hits your balls and takes you down, it’s big enough.
News: http://www.ice.gov/news/releases/1011/101129washington.htm
https://www.eff.org/deeplinks/2010/11/us-government-seizes-82-websites-draconian-future
Over the past few days, the U.S. Justice Department, the Department of Homeland Security and nine U.S. Attorneys’ Offices seized 82 domain names of websites they claim were engaged in the sale and distribution of counterfeit goods and illegal copyrighted works.
Setting aside the due process concerns inherent in seizing any website without notice or appropriate recourse for the owner, it appears that the “raid” has swept up several sites that are hardly in the business of willful copyright infringement. For example, the list of targets included OnSmash.com and RapGodfathers.com. Both sites are dedicated to promoting rap and hiphop, showcasing new artists and helping fans connect and share information about the music they love. According to the owners, they regularly and expeditiously process copyright infringement notices and take down links as appropriate. Indeed, OnSmash says the labels themselves are often the source of the links OnSmash makes available. In other words, they try to play by the rules. Moreover, the sites are not simply collections of links; rather, they provide a wide array of information and forums for speech, all of which was rendered inaccessible by the seizure.
This type of seizure is not unprecedented, but we haven’t seen it happen on such a broad scale before. This kind of mass action raises at least three concerns:
First, these seizures may be just a short preview of the kind of overreaching enforcement we’ll see if the Congress passes the Combating Online Infringement and Counterfeits Act (COICA). That bill, which was approved by the Senate Judiciary Committee on Nov 18, gives the government dramatic new copyright enforcement powers, in particular the ability to make entire websites disappear from the Internet if infringement, or even links to infringement, are deemed to be “central” to the purpose of the site. Rather than just targeting files that actually infringe copyright law, COICA’s “nuclear-option” design has the government blacklisting entire sites out of the domain name system — a reckless scheme that will undermine global Internet infrastructure and censor legitimate online speech. As we’ve noted, one of the most pernicious effects of COICA is likely to be just what we’ve seen here: the takedown of legitimate speech.
Second, the seizures also show why this kind of enforcement doesn’t work; seized sites were available at other domain names within hours. If the United States government increases interference in critical DNS infrastructure to police alleged copyright infringement, it is very likely that a large percentage of the Internet will shift to alternative DNS mechanisms that are located outside the US. This will cause numerous problems — including new network security issues, as a large percentage of the population moves to encrypted offshore DNS to escape the censoring effects of the procedures outlined in COICA. Presumably the DOJ and the DHS should be committed to improving network security — not undermining it.
Third, it’s hard to believe that this kind of action is the best use of the Department of Homeland Security’s resources. What investigations didn’t occur while the DHS spent its time and energy pursuing the agenda of large media companies? Moreover, it’s highly unlikely that this publicity stunt will really help creators get compensated. The best way to help artists of every stripe get compensated for their work is to make sure that there is a thriving marketplace of innovative digital businesses to pay them — businesses like OnSmash, which is committed to promoting new and unheralded artists.
We hope the legislators considering COICA will take a hard look at these issues before they vote. In the meantime, government officials should take an equally hard look at their enforcement priorities before they spend more of our tax dollars chasing websites.
Since when does ICE handle the investigation of computer crimes and initiating internet stings?
Tools: Armitage introduced into Backtrack4 r2 http://www.offensive-security.com/backtrack/armitage-in-backtrack-4-r2/
apt-get update && apt-get install armitage



