01/6/12

How Can Iran Censor Cyberspace

How does Iran censor cyberspace? -iranian cyber army

gAtO tHiNk the same software that we might use to prevent our children from looking at porn on the Internet is basically the same software that is “sold to regimes everywhere”, but instead of entering pornography-related terms, you put in terms like student union, protest or democratization. Or they use Deep Packet Inspection, which I’ll explain later.

** Some of the best commercial grade censorship software sold “to regimes everywhere” comes from Nokia-Siemens and out of Silicon Valley **

The gathering of information as well as covert action against computer networks that occurred in Iran in 2011 can be expected to continue and grow during 2012. Iranian counter-action in the form of a stepped-up cyber and sabotage campaign against their own citizens and against American installations in the Gulf will continue.

** Control over the flow of information is a key issue for Iran — home to most Internet users in the Middle East with more than 36 million people of the 75 million populace. **

June 2009 was the first time Iran’s Internet was turned off – Following the controversial re-election of President Mahmoud Ahmadinejad in June 2009, the country was cut off for about 24 hours.

Iran-Cyber-Guard Network

The Iranian government asked the three (3) largest Internet service providers to shut down. The problem was they didn’t bother with the smaller ones, and a few activists with satellite phones were ready, with connections to Internet service providers through friends and activists in Europe, Dubai or Cyprus.

The technical underground is available to the younger people and they are spreading the word, the pictures, the videos and news from the world that they matter, their voices are being heard. gAtO tHiNk that is the best example of “power to the people” in cyberspace.

** What the west has yet to learn is, there are not many Muslim countries which have a population as networked as that of Iran. :—: The good news is that the more Iran uses cyberspace the more vulnerable they will become **

Instead of using landlines, some Iranian bloggers have taken to using satellite dishes to access the Internet, but they are increasingly being destroyed by special police units. One of the problems that the Iranian government is facing is that universities often have their own distinct connections to other universities. Major trading houses or major financial centers also sometimes have backup connections.

** Ali Hakim Javadi, Iran’s deputy minister for communications and information technology **

If Iran shuts down the Internet, the price wouldn’t just be political (€€€-$$$). Were Iran to disconnect its oil industries from global information flows, the impact on those industries’ ability to deliver what little they can sell would be enormous. When Hosni Mubarak shut off the Internet in Egypt during the protests there, the impact was disastrous. The five days offline cost the Egyptian economy an estimated €250 million.

Another problem for Iran is that other countries are helping the dissidents hide in cyberspace. The US is working on developing the ability to send digital packets that are invisible and are only interpretable for other machines that you set up on the network that know what to look for. It’s called a dark Web infrastructure.

** Tor Project is another source that enables anyone to be anonymous in cyberspace and gain access to otherwise blocked sites **

One way that Iran may be able to control cyberspace in Iran is Deep Packet Inspection (DPI) (also called complete packet inspection and Information eXtraction – IX -). The idea is to slow down the Internet traffic so much that you can use a program to inspect each piece of information that comes and goes.

President Ahmadinejad has indicated he wants to provide an alternative, a so-called intranet (internal network, Iranians only) which will allow Iranians to communicate among themselves while, as the song said, recording “every word you said”. China has the best example of a national network that is relatively disconnected from the rest of the global information infrastructure. The Chinese have built software that basically mimics anything we develop in the West and embed surveillance algorithms deeply into them. But I’d be very surprised if the Iranians were able to launch all of this.

** It’s a lot easier to say “you have a cyber army and have defenses to do battle in cyberspace” and let them prove otherwise. We are talking about diplomatic bull-shit -mEoW -mEoW gOsE gAtO **

Proxy servers are one of the things that activists have put to work for themselves. So when the state tries to shut down the Internet or when you learn that an authoritarian regime is watching particular sites or trying to disable YouTube or Twitter, proxy servers are very helpful as ways of getting around some of those barriers. They open doors where other doors have been shut. Gaming consoles such as PlayStation or Xboxes can be turned into devices for sending out information without having to go through Internet exchange points. Learn from the young; they know the technology and they will outlive you anyway.

As long as there are ways for freedom of speech to get out it’s OK “the world is watching you now”. gAtO oUt

References:

http://www.gatewaygulf.net/teleport.php

http://en.wikipedia.org/wiki/List_of_Internet_exchange_points

http://www.payvand.com/news/11/dec/1273.html

http://en.wikipedia.org/wiki/Deep_packet_inspection

 

 

12/30/11

Anonymous Hacks Again Hackmas Gift 4 Charities

UPDATE: 12-30-2011 (CentOS) is the OS that the Victims of the Duqu worm -Diagram -(son of Stuxnet).

Anonymous hacks Security Firm Stratfor Global Intelligence

Provides strategic intelligence on global business, economic, security and geopolitical affairs.

gAtO sMiLe - Hackers Breach the Web Site of Stratfor Global Intelligence. gAtO did a Google search on Stratfor_com. As you can see the site as of Sunday night (12-25-2012) 2310 hundred hours it’s still down. The part that got gAtO 2 sMiLe is that the other links from Google point to “default- error page”. For a security firm they have done everything WRONG that they could after the HACK.

These error pages from a Google search give away the OS ((CentOS) Server) that they are using, the version of Apache (Apache/2.2.15) and also the nomenclature they use in their directory structure. This is a wealth of information to give any hacker to start hacking the next time (there will be a next time 4 Stratfor). A security firm should at least have a disaster recovery plan; well, Stratfor Global Intelligence has none.

Example: From Google click on Careers, ABOUT Stratfor, Geopolitical Weekly or any other page and you get an error page with all kinds of information for any hacker during information gathering before the hack.

From a simple google search:

(CentOS) Server

 

 

 

 

They use CentOS: – Check out their bug report page: http://bugs.centos.org/view_all_bug_page.php

stratfor.com/subscibe: error codes show lots of information about any site. A good web designer would have hidden this information to keep a hacker from knowing it.

This site lists the bug reports for CentOS. A wealth of information for a hacker.

Apache/2.2.15

http://httpd.apache.org/security/vulnerabilities_22.html

You can see that if you need to hack Apache just scan for CVE-2022-3368 and CVE-2011-3348; these are for version 2.21 and 2.2.22, and they are running 2.2.15. To gAtO it looks like they may not have done proper patch management to keep up with updates.

 

 

“Anonymous” claimed Sunday to have stolen thousands of credit card numbers and other personal information belonging to clients of U.S.-based security think tank Stratfor.

 

I read that they did not encrypt their subscribers’ credit cards, so a few people have made charitable contributions from their credit cards on .stratfor. Why do companies that have credit and personal information not encrypt them? This is a no-brainer: if I have customers’ information and I’m a security company, why is my website so bad and open to hacking so easily?

 

Anonymous said the client list it had already posted was a small slice of the 200 gigabytes worth of plunder it stole from Stratfor and promised more leaks. It said it was able to get the credit card details in part because Stratfor didn’t bother encrypting them – an easy-to-avoid blunder which, if true, would be a major embarrassment for any security-related company.

 

Hours after publishing what it claimed was Stratfor’s client list, Anonymous tweeted a link to encrypted files online with names, phone numbers, emails, addresses and credit card account details.

 

Anyway gAtO just wanted to point some of these things out. I just don’t understand why these big shot security firms scream so loud about hackers; maybe because they do such a bad job that they think that laws may help them, but this damage to reputation may bring this company down.

The problem that gAtO has found is these big shots think that they can hire anyone that has a security clearance or a certification. These people have no real knowledge of what a hacker does but what’s in the book. When you read it from a book today it’s outdated before it’s been printed and the hackers are on to newer stuff. Companies cannot think that if they are compliant and within regulations that will stop a hacker, or that it cannot happen just because it has not happened before and looks impossible to you; the hackers know all the same in-the-box stuff that everyone else does. So you better understand where the new information is coming from and keep learning every day. Cyberspace is not going to stop evolving, so security people better not stop either; they need to always keep an open mind, think of the impossible and protect your data. It may be what keeps your company from going under with just one hack.

gAtO_oUt

Directory Structure: just add stratfor.com/xxx

/weekly/friedman_on_geopolitics

/analysis/20111028-mexicos-cartels-draw-online-activists-ire

Not Found

The requested URL /analysis/20111028-mexicos-cartels-draw-online-activists-ire was not found on this server.

Apache/2.2.15 (CentOS) Server at www.stratfor.com Port 80

Not Found

The requested URL /careers was not found on this server.

Apache/2.2.15 (CentOS) Server at www.stratfor.com Port 80

Not Found

The requested URL /weekly/20111212-russias-plan-disrupt-us-european-relations was not found on this server.

Apache/2.2.15 (CentOS) Server at www.stratfor.com Port 80
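A defender-side check for the leak shown in these error pages, as an added example that is not part of the original post: it audits responses from your own site for the Apache footer and a verbose `Server` header, and names the Apache directive (`ServerSignature`, `ServerTokens`) that removes each. The function names and the sample header values are assumptions constructed for illustration; the footer line is the one quoted above.

```python
import re

# Footer Apache appends to default error pages while ServerSignature is On.
SIGNATURE_RE = re.compile(
    r"(?P<product>[A-Za-z][\w-]*)(?:/(?P<version>\d[\w.]*))?"
    r"(?:\s+\((?P<os>[^)]+)\))?\s+Server at\s+(?P<host>\S+)\s+Port\s+(?P<port>\d+)"
)
# Value of the Server response header; "ServerTokens Prod" reduces it to "Apache".
SERVER_HEADER_RE = re.compile(
    r"(?P<product>[A-Za-z][\w-]*)(?:/(?P<version>\d[\w.]*))?(?:\s+\((?P<os>[^)]+)\))?"
)


def _finding(where, match, fix):
    """Describe one banner leak and the directive that removes it."""
    detailed = match.group("version") or match.group("os")
    return {
        "where": where,
        "product": match.group("product"),
        "version": match.group("version"),
        "os": match.group("os"),
        "leaks": "version/OS" if detailed else "product only",
        "fix": fix,
    }


def audit_response(headers, body):
    """Return banner-leak findings for one HTTP response (headers dict, body text)."""
    findings = []
    server = next((v for k, v in headers.items() if k.lower() == "server"), "")
    m = SERVER_HEADER_RE.match(server)
    # A bare product name is what ServerTokens Prod leaves; flag anything more specific.
    if m and (m.group("version") or m.group("os")):
        findings.append(_finding("Server header", m, "ServerTokens Prod"))
    for m in SIGNATURE_RE.finditer(body):
        findings.append(_finding("error page footer", m, "ServerSignature Off"))
    return findings


def audit_site(responses):
    """Map each path whose response leaks a banner to its findings."""
    report = {}
    for path, (headers, body) in responses.items():
        findings = audit_response(headers, body)
        if findings:
            report[path] = findings
    return report


# Constructed sample responses: the first reuses the 404 text quoted above,
# the second is what a custom error page with both directives applied looks like.
SAMPLES = {
    "/careers": (
        {"Server": "Apache/2.2.15 (CentOS)"},
        "Not Found\n\nThe requested URL /careers was not found on this server.\n\n"
        "Apache/2.2.15 (CentOS) Server at www.stratfor.com Port 80",
    ),
    "/hardened": ({"Server": "Apache"}, "Not Found\n\nThe page you asked for does not exist."),
}

if __name__ == "__main__":
    for path, findings in audit_site(SAMPLES).items():
        for f in findings:
            print(path, f["where"], f["leaks"], "->", f["fix"])
```

Pairing the two directives with a custom `ErrorDocument` page keeps the default 404 text out of search engine results as well.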

Read More:

http://www.huffingtonpost.com/2011/12/25/anonymous-stratfor-hack-hackers-hacking_n_1169268.html

http://www.nytimes.com/2011/12/26/technology/hackers-breach-the-web-site-of-stratfor-global-intelligence.html?_r=1&hp

09/22/11

Cyber China Spy Threat | Cyber Espionage and Influence

China’s growing spy threat is a great article. It points to everything I have said before.

The top priority of Chinese

•            Industrial espionage aimed at defense industry and high tech sectors

•            Infiltration of critical infrastructure and military targets

•            Nexus of organized cybercrime and terrorist fundraising

•            Monitoring and Disrupting Dissidents

We need to understand the Chinese government mindset to understand them: paranoia, saving face and economics, these are the 3 pillars of the new communism in China. Let’s start with paranoia. One of China’s prime paranoias is a lack of trust of anything not created in China: it must have back doors. Look at all the discussion on the Chinese company Huawei installing back doors in our telecom infrastructure. We did it to them and now they’re paying us back. The Chinese know they are putting backdoors in our electronics because they can, they own our manufacturing. China worked very hard in creating Kylin (Unix). They have to use Microsoft because some applications only run on it but it’s too easy to hack and “made in America” didn’t make them happy. This is why Google left; they refuse to give the Chinese the keys to the code.

On the same paranoia crazy train. One of the top priorities of Chinese espionage efforts—foreign and domestic—is monitoring and disrupting dissidents, according to defectors, experts, and official documents.

Anyone who talks bad about China will pay the price: monitoring. I’m currently on their radar (popular posts, referrers and keywords stats on my blogs & sudden Twitter followers say so much) and so is everyone who writes about China, especially cyber security.

Let’s talk economics. China has been looked at as a source of cheap labor only; they don’t want our breadcrumbs, they want to become leaders not followers and I can’t blame them. As a nation I want to be seen as a leader in Technology, in Finance, not the errand boy of the west. (Saving face). The facts are that the last 10 years China has been using its money wisely investing in companies around the world (influence), while America has been bombing people all over the world. They create new alliances; we destroy our alliances with drone planes. And to top it off they are going after our political elite. According to experts, China uses bribes, blackmail, women, lavish vacations in China, and other means to compromise officials worldwide. I just wrote about this, about our current presidential front runner Rick Perry in bed with the Chinese companies – Huawei just opened its doors in Texas and so did 12 other Chinese corporations; what do you think they’re doing in the U.S.? (http://uscyberlabs.com/blog/2011/09/11/cyber-warfare-rick-perry-mitt-romney-opening-u-s-cyber-infrastructure-china-huawei/).

Sorry I just had to put down these words after reading the article.

 

Time to get down off the soapbox.

 

Read More -

http://the-diplomat.com/2011/09/19/chinas-growing-spy-threat/5/

08/13/11

BART Stifled Free Speech just Like Middle East Dictator.

BART Transit System (Illegally) Kills Cell Phone Service to Stop Protests

We hear about it in the Middle East but never thought it would happen here in America. Middle East dictators like Gaddafi in Libya tried to shut the voice of the people down, and here in the land of the free our police state just does what it wants and denies freedom to its own people and then complains it’s justifiable. Cutting off communication is what repressive regimes do. How is the internet different from a newspaper or the pamphlets of the Revolutionary War era? How are cellphones different from printing presses?

In S.F., one of the most open cities in the world, the government disallows basic free speech to its citizens before they even commit a crime. In other words you are GUILTY until proven innocent; that’s a sad day for America and all people that believe in freedom and the American dream.

BART said that organizers were planning to disrupt BART services on Aug 11, 2011 so they took it upon themselves to shut off cell phone repeaters in 4 stations. BART police ordered it switched off, after receiving permission from BART interim General Manager Sherwood Wakeman.

I hope this never happens again in America if it does people will revolt and may even join them. I do not like what you say, but I’ll defend your right to say it. This is America and cyberspace belongs to the people not the government.

(UPDATE: Only Federal agencies can block cell phone use and with that, only under specific circumstances. BART is not a Federal agency.)

According to a citation issued January 26, 2011, by the Federal Communications Commission against Comtrex Communications for illegal cell phone jamming, Section 333 of the Communications Act of 1934 states, “[n]o person shall willfully or maliciously interfere with or cause interference to any radio communications of any station licensed or authorized by or under this Act or operated by the United States Government.” and Section 302(b) of the Communications Act provides that “[n]o person shall manufacture, import, sell, offer for sale, or ship devices or home electronic equipment and systems, or use devices, which fail to comply with regulations promulgated pursuant to this section.”

There’s no evidence provided by any BART representative that such legal issues were considered before initiating the cell phone blocking action – BART seems to have just plain went ahead and done it.

Read more: http://www.sfgate.com/cgi-bin/article.cgi?f=/c/a/2011/08/12/BAEU1KMS8U.DTL#ixzz1UvejPXSk

 

 

 

05/15/11

Curbing Chinese cyber espionage

According to public reports, over the last several months computer hackers have stolen proprietary information from DuPont, Johnson & Johnson, General Electric, RSA, Epsilon, NASDAQ, and at least a dozen other firms.  Many of these attacks have been traced back to networks in China, but it is unclear whether criminals, government agencies or some combination of the two are responsible for the attacks.

U.S State Department cables obtained by Wikileaks further describe attacks code-named Byzantine Hades on U.S. technology and defense companies that appear to be the work of China’s People’s Liberation Army.

via CPNI :: Curbing Chinese cyber espionage.

05/15/11

Shanghai View: Living in a Police State « Raffaello Pantucci

Things are strange in China at the moment. This past week there was the announcement that the State Administration of Radio, Film and Television (SARFT) had told broadcasters not to show TV dramas related to spying, criminal cases, romance or time-travel during May, June and July. The reason is the upcoming 90th anniversary of the founding of the Communist Party of China (CPC) and the desire of the organs of state that the public is entertained appropriately. This came on the heels of an article published in the magazine of the Central Party School by Zhou Yongkang, the powerful politburo member in charge of State Security, in which he proposed the creation of a massive ID card database including all adult citizens on the mainland to ensure “perfection of citizen identification registration and management.” Orwellian sounding stuff indeed.

via Shanghai View: Living in a Police State « Raffaello Pantucci.

05/13/11

FEATURE-As China rises, grand strategy talk back in style | Reuters

The young are the new masters of the world; they use technology more fluently since it’s been there since birth. In China we have to look at our future and our past at once. When you take a peasant class person and throw them into smart-phone technology, web access, instant communication, this is a game changer in the human evolution matrix.

Social media is a two-edged blade for cyber security. In one way governments today have Facebook pages gathering up information on not just you but what makes you tick. It’s a basic narcissistic pleasure to go back and see if anyone posted a comment on your last trolling mission. We do it and we love it. But it’s this little fluff of information that got Osama bin Laden caught. It’s the “digital fluff” that leaves a bread crumb trail everywhere in cyber space.

veteran4life

The number learning basic Chinese was rising, he said, but students were keen to show they had knowledge of a broad range of topics from economics to cyber warfare and the effect of social media on politics.

Much of the new struggle for power between states will take place largely out of sight, experts say, with confrontation in cyberspace or over economic issues such as currency strength largely replacing military conflicts or colonial struggles.

via FEATURE-As China rises, grand strategy talk back in style | Reuters.
