Your daily source of Pwnage, Policy and Politics.

Episode 194 – DIB Monitoring, God Squad, Wi-Fi BS & Laughing of Us

ISDPodcast Episode 194 for August 17, 2010.  Tonight’s podcast is hosted by Rick Hayes, Keith Pachulski and Karthik Rangarajan.

Announcements:

Local Password Exploitation Class:

  • The Kentuckiana ISSA will be putting on a class on Aug 28th 2010 from 10am to 4:30pm at the Jeffersonville Public Library (https://events.constantcontact.com/register/eventReg?oeidk=a07e2znbzbs77edf8b6&oseq=)
  • The class will cover the details of pulling passwords/hashes that are stored on a box where the attacker has physical access to the system, or via network vulnerabilities that can reveal the password/hash. Topics to be covered:
    • Pulling stored passwords from web browsers/IM clients and other apps
    • Hash cracking of Windows passwords, as well as other systems
    • Sniffing plain text passwords off the network
    • How passwords on one box can be used to worm through other hosts on a network
  • Seating is limited to 50 people.
  • The class is being held as a charity event for the Matthew Shoemaker Memorial Care Fund. Matthew was a fellow security professional and podcaster who left behind two children. His colleagues have set up an account to help support them. Donations can be made to the Shoemaker Memorial Care Fund at The Peoples Bank, P.O. Box 788, Winder, GA 30680. Checks can be mailed directly, or transfers can be made via telephone at (770) 867-9111. Please place the account 00133835 on the check. A PayPal account has been established and you can find it on the right-hand side of this ISD page (http://www.isdpodcast.com/goodbye-farewall-god-bless/). Please show your receipt for a donation of at least $10 at the door.

Atlanta ISSA:

SANS Community:

9am-5pm US ET
Hilton Atlanta Airport Hotel
1031 Virginia Avenue
Atlanta, GA 30354

  • Use the Discount Code: isdpod15 for a 15% discount.

ShoeCon 2010:

Wellesley Inn-Atlanta Airport (Google Maps)
1377 Virginia Avenue
East Point, GA 30344
(404) 762-5111

  • This is a donation supported event and all the proceeds will go to the Matthew Shoemaker Memorial Fund.

SANS Mentoring Program:

  • Jason Lawrence will be teaching the SANS Forensics 508 – Computer Forensics and Investigations course in Sandy Springs starting Tuesday, October 12, 2010 – Tuesday, December 14, 2010 (http://www.sans.org/mentor/details.php?nid=21538).  Use the Discount Code: isdpod15 for a 15% discount.
  • Adrian Sanabria will be teaching the SANS Security 504 – Hacker Techniques, Exploits & Incident Handling in Knoxville, TN starting Tuesday, October 12, 2010 – Tuesday, December 14, 2010 (http://www.sans.org/mentor/details.php?nid=22258).  Use the Discount Code:  isdpod15KY for a 15% discount.

The Louisville Metro InfoSec Conference:

  • Thursday, October 7th, 2010 at Churchill Downs (http://www.louisvilleinfosec.com). Use the Discount Code: IGK-0726 when you register for $30 off the $99 ticket price ($69), until Sept. 1st. This discount will expire on that date.

MyHardDriveDied.com:

Stories of Interest:
News Item 1:  http://www.theatlantic.com/politics/archive/2010/08/nsa-might-monitor-dotcom-domains-for-defense-contractors/61456/

To better secure unclassified information stored in the computer networks of government contractors, the Defense Department is asking whether the National Security Agency should begin to monitor select corporate dot.com domains, several officials and consultants briefed on the matter said.

Under the proposal, which is being informally circulated throughout the department and the Department of Homeland Security, the NSA could set up equipment to look for patterns of suspicious traffic at the internet service providers that the companies’ networks run through. The agency would immediately notify the Pentagon and the companies if pernicious behavior were detected. The Agency would not directly monitor the content of the data streams, only its meta-data. (A Pentagon spokesperson called later to clarify that it would not be legal for the NSA to “monitor” private networks; rather, “DoD and NSA are seeking to provide technical advice, expertise and information to the defense industrial base.”)

The proposal originated in the Office of the Secretary of Defense. Because of the sensitivity associated with NSA internet surveillance and capabilities, the fact of the exploratory tasker, as it is known in Pentagon parlance, and details associated with it are being closely held.

The new program would apply to the companies that make up the Defense Industrial Base (DIB) and only to the parts of those companies that indigenously store and use sensitive information. As the Department reconfigures its network defenses and the internal structure of its information operation, it continues to deal with a large number of aggressive hacker attacks and data penetrations. Classified information is not supposed to be stored on any dot.mil subdomain that is accessible to outside computer networks.

News Item 2: http://news.cnet.com/8301-17852_3-20013721-71.html?part=rss&subj=news&tag=2547-1_3-0-20

Father Luke Strand, according to the Milwaukee Journal Sentinel, is a man who believes that humor and advertising are vital components in ministering to his flock. So he decked out his VW Beetle with a logo in black, white, and orange. The logo reads “God Squad.”

The God Squad logo does mimic its Geek Squad counterpart rather closely. But there might have been those who would be flattered that God’s earthly representative would make reference to a mere retailer of electronic gadgets and the occasional racy DVD. However, Paula Baldwin, who ministers at Best Buy’s public relations department, insisted that the company must pursue all trademark infringements, lest it allow its logo to fall into trademark purgatory.
Best Buy is now reportedly working with Father Strand to create something new, but sufficiently removed from the Geek Squad logo.

News Item 3: http://www.cbc.ca/canada/toronto/story/2010/08/15/ontario-wifi.html
[Notes: Karthik - OK, so it almost sounds like the kids are getting affected, but then, don't we all live around wireless all the time? I wonder why people in Tech don't throw up, or have racing heartbeats. Maybe I am just being rude here, but aren't these symptoms called growing up?]

A group of central Ontario parents is demanding their children’s schools turn off wireless internet before they head back to school next month, fearing the technology is making the kids sick. Some parents in the Barrie, Ont., area say their children are showing a host of symptoms, ranging from headaches to dizziness and nausea and even racing heart rates. They believe the Wi-Fi setup in their kids’ elementary schools may be the problem. The parents complain they can’t get the Simcoe County school board or anyone else to take their concerns seriously, even though the children’s symptoms all disappear on weekends when they aren’t in school.

The symptoms, which also include memory loss, trouble concentrating, skin rashes, hyperactivity, night sweats and insomnia, have been reported in 14 Ontario schools in Barrie, Bradford, Collingwood, Orillia and Wasaga Beach since the board decided to go wireless, Palmer said. “These kids are getting sick at school but not at home,” he said. “I’m not saying it’s because of the Wi-Fi because we don’t know yet, but I’ve pretty much eliminated every other possible source.”

The parents group has offered to pay for wired connections if the board switches off the Wi-Fi, Palmer said. “They didn’t even say no,” he said. “They ignored it and … reaffirmed their position supporting Wi-Fi.

“They are culpable and … they have the gall to go on the record and say they haven’t had any doctor’s notes. Well what doctor has been schooled about the rate of microwave infections?” Susan Clarke, a former research consultant to the Harvard School of Public Health, said Wi-Fi technology alters fundamental physiological functioning and can cause neurological and cardiac symptoms.

[Notes: Karthik - OK, at this point, I just have to go WTF? Seriously? I am literally making gestures at my apartment walls now. First come people who want to go back to being bretherians, now they want to go back to giving wireless?]

“We have statistics that show that children, especially young children, are going to absorb much more radiation than older children and adults because of their thinner skulls and because the size of their brains more closely approximates the size of the wavelength being deployed,” Clarke said. Wireless technology also wastes energy, is less secure than wired connections, could be violating a student’s right to a safe environment and should be turned off in schools, Clarke added. “The simple solution is plug back in the wired, ported system that’s already there and unplug the wireless,” she said. “It’s real easy and it costs nothing. In fact, it will save money.”
[Notes: Karthik - OK, seriously, passing out and hitting their heads on the gym floor? Is it just me, or is there something seriously wrong with these kids? Wireless can't do this, unless they have some nuclear capabilities that we don't know about. Not within 2 months, for sure.]

The provincial New Democrats said they too had been hearing from parents worried about the effects of wireless technology on children, and called on the chief medical officer of health to investigate. “Within a few months of Wi-Fi being installed, stories start coming forward with kids complaining about headaches, neurological effects, loss of balance and problems with fine motor skills,” said NDP health critic France Gelinas. “There is enough anecdotal evidence from parents that this is worth looking into.” Palmer plans to find alternate schools or even home school his two children this fall if the board doesn’t agree to turn off the Wi-Fi and said other parents will likely follow suit if the symptoms return.

“If they’re going to continue to endanger the health of children, I can predict that many of the parents who are now writing us saying their kids have been fine all summer are going to have a change of heart about the third week of September when their kids are coming home from school with these problems, particularly the ones that are passing out and falling down, hitting their head on the gym floor,” he said.

News Item 4: http://www.csoonline.com/article/print/603043
[Notes: Keith - I love these where we pick on ourselves because we are all sometimes too quick to laugh at others =)]
Poor resolution cameras are useless, committees and bureaucrats rarely understand a thing, etc.

At the 2010 USENIX Security Symposium, a vulnerability assessor reveals some of the more egregious examples of stupidity on the part of professionals who should know better.

  • Security cameras that mostly fail to prevent crime because they have poor resolution that causes security personnel to miss things.
  • Electronic voting machines easily tampered with on the voter’s end. Voters can easily remove the panel with candidate names and can then tamper with the electronics. Just swap four wires and you can switch the votes for two candidates, Johnston said. You can also use a radio frequency device to turn the cheating on and off from a half-mile away. It’s also stupidly easy to pick the locks on the voting machines. Johnston showed a video of a colleague doing just that.
  • Overlooked insider threats that are usually sparked by bad HR policies. “There are things you can do about disgruntlement but instead companies feed the problem,” Johnston said. “We’ve seen phony or nonexistent grievance and compliance resolution procedures, no constraints on bully bosses, failure to manage expectations, watching for sudden behavioral changes in employees & it all contributes to the problem.”
  • Failing to see if employees and contractors can be bribed by offering them money to do bad things.
  • Assuming that low-level employees are harmless and never asking what they are up to.
All works represented here are compiled from various sources (email, IRC, forums, and original author/websites). If the original work is copyrighted it is presented under the fair use of a copyrighted work, Copyright Act of 1976, 17 U.S.C. § 107, for purposes of criticism, comment, news reporting, teaching, and research. No use is directly intended as an infringement of copyright. Attribution is always given to the original source, if known. To have any copyrighted material removed, please contact isdpodcast[at]isdpodcast[dot]com.
