08/28/13

Tor Usage goes UP PirateBay, Iran-Syria and Google-play Orbot

USCyberLabs Stats of the Tor Network Aug-27

USCyberLabs Stats of the Tor Network

gAtO hEaR _UPDATE-

Sudden rise in direct Tor users



On Tuesday 27th, Roger Dingledine drew attention to the huge increase of Tor clients running [14]. It seems that their number has doubled since August 19th according to the count of directly connecting users [15]. According to Roger this is not just a fluke in the metrics data. The extra load on the directory authorities is clearly visible [16], but it does not look that the overall network performance are affected so far [17]. The cause is still unknown, but there are already speculations about the Pirate Browser [18] or the new “anti-piracy” law in Russia which is in force since August, 1st [19]. As Roger pointed out, ?some good solid facts would sure be useful.?

[14] https://lists.torproject.org/pipermail/tor-talk/2013-August/029582.html

[15] https://metrics.torproject.org/users.html?graph=direct-users&start=2013-05-29&end=2013-08-27&country=all&events=off#direct-users

[16] https://metrics.torproject.org/network.html#dirbytes

[17] https://metrics.torproject.org/performance.html

[18] https://lists.torproject.org/pipermail/tor-talk/2013-August/029584.html

[19] https://lists.torproject.org/pipermail/tor-talk/2013-August/029583.html



Ever since the the NSA Prism program came out something else is going on in Tor. People want privacy and they will use anything they can to get it. Tor is one solution that a lot of people know about but there are other factors about the increase.

Piratebay.sx and it’s users are doing a lot more stuff with the new browser - There has not been a sustained increase in search traffic for the Pirate Browser on Google. Tor and “Tor browser” haven’t shown a spike in search, either. Could it be from users in Syria?  Also note that the Google Play Store has been unblocked in Iran, allowing distribution of Orbot/Orweb in that country to phones with the Play Store app installed (partial bootstrapping problem).

Syria had a spike from 1000 to 4000 but that’s a tiny fraction of the recent increase. Iran doubled from 4000 to 8000 which is also only a part of the increase. Is there a page listing each graph by country or overlapping them all?

The Tor Project also pushed out Orbot v12 to Google Play in the last few weeks – 2 separate updates. That would not account for all of the increase, but it could have prodded enough existing users who had not used Orbot in awhile to start the app up again. We have also seen about 75,000 new installs over the last 3 months.

So we have a lot of factors as the Tor network grows larger everyday- gATo oUt

 

07/15/13

Active Defense Intelligence for the dark web

bitcoin-gollum

good guys and bad guys use Bitcoins too

gAtO - reading about  tools to enable business to have a proactive intelligence of the dark web for an “ Active Defense”. This new model includes not only traditional but unconventional methods using OSINT to gather the intelligence needed.

Companies are getting sick and tired after years of focusing mainly on the defensive postures like malware used in data breaches and financially motivated hacks, some security experts have begun to turn the spotlight on the attacker himself, attempting to profile the bad actors stealing your blueprints or customer credit card numbers, or leaking your usernames and passwords on Pastebin.

The facts are that corporations are spending millions of dollars in defense and defense-in-depth and best practices, and it’s still not helping. With the new active defense we’re making the adversary earn their medals, but they are still getting in. It may take two days now instead of one but we have a fighting chance.

The corporate world have defense and now adding this new model Active Defense (means = offensive) now you need a little dark web intelligence to bind the two together - gAtO OuT

07/1/13

TTP – cyber -tactics- techniques- and procedures

TTP - cyber -tactics, techniques, and procedures

HUMINT in cyberspace- finding adversary activities in cyberspace with subject matter expertise in intrusion set tactics, techniques, and procedures (TTP)

gAtO tHiNk- we should all learn form the state actors and adapt – China – they profile a company- then the c-suite their likes, dislikes, social media, family – then build a profile and launch the phishing email to specific tageted c-suite that loves that new golf clubs, or watch they been looking for. Wham – PoW – were in..// we all know this.

Crawling Tor Hidden Service - websites

Crawling Tor Hidden Service – websites

Example in Tor there are a few under-web hacking sites were they trade small basic hacks and share information about weakness and exploits most of it is silly n00bs stuff, but once in a while you will see the real thing and you have to know better if it’s LE or a real gamer, faker or joker or a thief. You need a personas and make it trusted for a while – so it’s legit in that world-// then you just have to sit and look here and there, and find new places to search. From these sites you can gauge whats hot and whats new and real, but it’s all a game that you have to play. HUMINT in cyberspace that’s the way you see the real things come and go. Cyber fame is on some way a weakness in the geek squad that hack the codes that makes this all happen. So you have to sit and wait.

HUMINT in cyberspace can get insider intelligence if you do it right, the Tor-network is perfect for OPSEC countermeasures tool in anything in cyberspace. With a few proxies and/or VPN – it Boot’s up from a thumb drive and 100% secure in your possession and encrypted. Surf Tor or the real Internet secure and private- untraceable— add your own Tor-hidden service-website that you control without any DNS or domain registration -(with a laptop) your website can move from anyplace never the same spot twice with open WiFi-hotspots- for OPSEC websites that’s untraceable a thing like the Tor network is a great tool that a pro-adversary would use for secure communication (C2)c&c and distribution tool.

Source of new URL’s and websites: can be gathered with a simple crawler and search engine to store everything.- this will enable you to find new places to go in and check out – there is so much information on Tor, so many places to hide secrets – so it’s the most interesting place in cyberspace for a puzzle freak.

Tor comes in any flavor and rides on any Internet connection -KISS- With the information from the Search Engine —Now HUMINT in cyberspace has places to go and things to verify but it’s time spent in learning everything you think is crazy, just to see of it’s real. for example:Who may uses it?

TTP- We reverse-engineered a lot of Anonymous operations and saw a real interesting thing, in a loose based organized operations with many strangers never working together, they learned from all the OP’s and adapted every time, and I don’t mean simple attack methods or crap like that, it’s organized and well planned. Some were “placed” operations with state actors to see what can be done.—-tactics, techniques, and procedures

Some operations were too well organized. In some cases Anonymous was used as a ruse while the real threat hacked the side doors as they were kept busy with youngsters play toys. The real attackers hacked away and placed their logic bombs for later after things calm down…

It’s outside the box and thinking vulnerabilities not defense – every defense has a countermeasure. Once again HUMINT in cyberspace payed off to learn how the kiddies play, but learning most how the leaders think and plan and communicate and manage the people get’s the most miles.

As Anonymous’ cyber “activism” only increases in prevalence, many organizations—both government and corporate—have moved to protect vital, sensitive information, including NATO. By issuing this press release explaining their updated security procedures, NATO was acknowledging the rapid evolution in prevalence and sophistication of cyber terrorism since, well, not that long ago.

But if NATO—with the combined resources of 28 member countries—is that concerned about the protection of its sensitive data from admittedly sophisticated criminal enterprises, shouldn’t its announcement last week serve as a harbinger for other organizations without intercontinental alliances?

From supply chain attacks going after the big players thru small contractors get’s some of the best access to Intellectual Capital and other goodies. In cyberspacewe have found that when you select the target and keywords – then the TTP–tactics, techniques, and procedures become clear and make the rules to provide a solid plan for the operations.

HUMINT in cyberspace is the new skill set that will help you understand the new cyber enemy in the new digital domain with web-apps flying everywhere – by the time NATO put’s it all on paper, everything changed so adaptability and changing on a dime has to be the new rule in NATO and other corporations but are they too big to change with the times – if you don’t change and adapt then you loose in cyber-world -gAtO ouT.

ref:IAM and Cyber Terrorism: NATO Reassess Their Cyber Security Policies

http://www.aveksa.com/blog/bid/300679/IAM-and-Cyber-Terrorism-NATO-Reassess-Their-Cyber-Security-Policies

 

CrowdStrike Launches Security Service That Tracks Cyber-Attacker Tactics

http://www.eweek.com/security/crowdstrike-launches-security-service-that-tracks-cyber-attacker-tactics/

 

03/24/13

Tor is NOT the ONLY Anonymous Network

gAtO fOuNd – this very interesting and wanted to share -

Tor does some things good, but other anonymous networks do other things better. Only when used together do they work best. And of course you want to already know how to use them should something happen to Tor and you are forced to move to another network.fin_07

Try them! You may even find something interesting you cannot find on Tor!

Anonymous networks

These are well known and widely deployed anonymous networks that offer strong anonymity and high security. They are all open source, in active development, have been online for many years and resisted attack attempts. They run on multiple operating systems and are safe to use with default settings. All are well regarded.

  • Tor – Fast anonymous internet access, hidden websites, most well known.
  • I2P – Hidden websites, anonymous bittorrent, mail, out-proxy to internet, other services.
  • Freenet – Static website hosting, distributed file storage for large files, decentralized forums.

Less well known

Also anonymous networks, but less used and possibly more limited in functionality.

  • GnuNet – Anonymous distributed file storage.
  • OneSwarm – Bittorrent, has a non-anonymous mode, requires friends for anonymity.
  • RetroShare – File-sharing, chat, forums, mail. Requires friends, and not anonymous to those friends, only the rest of the network.
  • Omemo – Distributed social storage platform. Uncertain to what extent it is anonymous.

Non-free networks

These are anonymous networks, but are not open source. Therefore their security and anonymity properties is hard to impossible to verify, and though the applications are legit, they may have serious weaknesses. Do not rely on them for strong anonymity.

  • Osiris – Serverless portal system, does not claim to provide any real anonymity.

In development

  • Phantom – Hidden Services, native IPv6 transport.
  • GlobaLeaks – Open Source Whistleblowing Framework.
  • FreedomBox – Project to create personal servers for distributed social networking, email and audio/video communications.
  • Telex – A new way to circumvent Internet censorship.
  • Project Byzantium – Bootable live distribution of Linux to set up wireless mesh nodes with commonly available hardware.
  • Hyperboria A distributed meshnet built on cjdns.

Routing Platforms

These are internets overlaid on the internet. They provide security via encryption, but only provides weak to none anonymity on their own. Only standard tools such as OpenVPN and Quagga are required to connect. Responsibility for a sufficiently anonymous setup is placed on the user and their advertised routes. More suited for private groups as things out in the open can be firewalled by other participants. Can be layered above or below other anonymity nets for more security and fun.

  • Anonet – AnoNet2, a more open replacement for AnoNet1.
  • dn42 – Another highly technical routing community.
  • CJDNS, an IPV6 overlay network that provides end to end encryption. It is not anonymous by itself.

Alternative Internet

  • Netsukuku – A project that aims to build a global P2P online network completely independent from the Internet by using Wi-Fi. The software is still in active development, although the site is no longer updated. A new site is in progress of being built.
  • Many other wireless communities building mesh networks as an alternative to the Internet, e.g. Freifunk, http://guifi.net and many more around the globe. see also

Alternative domain name systems

  • Namecoin – Cryptocurrency with the added ability to support a decentralised domain name system currently as a .bit.
  • OpenNIC – A user controlled Network Information Center offering a democratic, non-national, alternative to the traditional Top-Level Domain registries.
  • Dot-P2P – Another decentralized DNS service without centralized registry operators (at July 18, 2012 page is not accessible and has not known anything about the status of project from February 2011).

See Also

03/10/13

Finding the Bad Guy’s in Tor -triangulated irregular network

gAtO ThInKiNg - a car GPS works very simple, It takes the delay time from one geo-positioned satellite and compares is to another geo-positional satellite and estimates the position of the GPS in my CAR – I think they call it satellite triangulation or something cool, it’s been done with radios to guide pilots navigate ever since they developed radios. We do it with satellite and we can use networks too.

triangulated irregular network  -So now apply this to the Tor bad guy’s websites- a hidden service!math_clouadTag

With a simple command you can get the time it takes to crawl a website, so you have one server in the U.S one is South America, one in Europe and one in Asia and we run the same command getting the delays from each location. I bet with a little math and some basic network tools we could figure out the geo-location of any given website in Tor. One of my good mentors told me that in my crawls I was capturing timing information, we all see timing information with a simple ping command in the clear web but in Tor – UDP is unsupported so it does not work -//- we must take into account the Tor network thru-put and utilization bit that’s easy to get from a number of Tor tools.

Reverse triangulation of a network server should be easy to find with a little math, just take a good sample and the longer you wait the more data you collect and the better the chance you can find a geo-location of a website. We do this in the clear web all the time we can see bad areas of the world that are bad spammers, and other like mail from Africa Prince Scams offering you millions if you send them some money to cover the transfer, or Russian and Chinese phishing attacks. So we know geo-location and some IP are more prime to bad actors and we can draw a profile, a geo-location of a place and/or  country or an ISP so not having the IP of a Tor server may not be neededto find them we could use network triangulation. “triangulated irregular network  ” So the same thing can be done with networks and timing delays of data back and forth from a // client <–> Tor OR <–>server.

I got a crazy Idea that may or may-not work, but it sounds good—//  so— Now if I can only find a government grant and a good math major to help out and we have a big business model to find the bad guy’s geo-location even in Tor - gAtO oUt…

03/9/13

Tor Website 36% are Criminals Sites

gAtO iS CrAwLliNg websites-We just completed our new crawl of Tor URL that we found. We started with 2,000 URL’s and we got about 550 positives from this first run. This will change since some sites go up and down for no rhyme or reason. I went back to verify one site that my crawl picked up with all kinds of good information but later when I went back it would not come up. So this is an ongoing thing in order to map out all of Tor’s hidden service websites. From the preliminary data Pedo sites are about 18% of the sites we discovered another 4-6% guns and assassins and another 14-16% of different criminal type’s of sites or scams. So that is over 36% of the sites we found were criminal type, that is not good for anyone.

Crawling Tor Hidden Service - websites

Crawling Tor Hidden Service – websites

Tor is an excellent software for being private and having some level of safety but this new light is not good for the people that want to use Tor and the Dark Web to do good things and positive things. Now we see that the bad guys are all over Tor-Dark Web we hope this list will help it become better.

This list is only available to Law enforcement, governments and selected security companies, you must be verified first before you can get a hold of this list of Onion websites in Tor. This is not a free list (we have to recover our cost of r&d) and this is only the first steps we have gained over 12,000 new URL in Tor from this crawl and will be doing more crawls and adding more information to the list.

What really freaked us out was the undocumented website that are not in any hidden wiki in Tor and the number of them being put out by criminals. Now some of the other information that we collected see list below will give us a baseline like — Last-Modified: — will give us an indication of how active they are. The —Server: & Web Application:— will give us the web app they use and from the looks of things some are vulnerable to all kinds of hacking attacks. Tor websites are the same as any site and if you don’t update your website, well your vulnerable to hacking from anyone and in Tor you don’t have a clue because they are protected just like the site.

This will be an ongoing crawl for the next year or so, so expect the list to grow and as new data is collected more will be revealed about the how, and the use of Tor and who uses Tor will become not just theories but facts that we can verify - gAtO OuT 

Internal URL’s

 [url] 

    [content_type]

    [http_code]

    [header_size]

    [request_size]

    [filetime]

    [ssl_verify_result]

    [redirect_count]

    [total_time]

    [namelookup_time] 

    [connect_time]

    [pretransfer_time]

    [size_upload] => 0

    [size_download] => 124

    [speed_download] => 7

    [speed_upload]

    [download_content_length] 

    [upload_content_length]

    [starttransfer_time]

    [redirect_time]

    [certinfo] 

Cache-Control

Expires: 

Pragma: 

HTTP

Server:

Crawl Date:

Content-Type: 

Content-Length:

Last-Modified:

Connection:

Accept-Ranges:

Proxy-Connection: 

Set-Cookie:

Content-Length: 

Accept-Ranges:

Web Application:

 

03/1/13

Currency of the Cyber Economy

gAtO tHiNk- the bad evil hackers are the least of your worries, the real bad guys are the corporate geeks that want every click, every nuance of your digital life and they tell you it’s to give you a better web experience. WoW I didn’t know that selling all my information as I go from site to site is a good thing for me. How about if I’m sick and search for my medical problems will my insurance company want that information to raise my payments. You betcha they do!!!

I’m doing some Tor work now so I’m away from the hump and grind but I been changing my search engines because like google they know what I look for and they give me the same crap and then I switch to yahoo and soon the have me profiled then Bing, whoa!!! what a mistake but I expected very little from them anyway. They were robbing us blind back before Netscape days.

Think about those high tech security geeks they get paid big bucks to guard the hen house and you hear about a new hack every other day why because if you understand the “book” the same one every security geek get’s all those certification all teach the same old done thing and that’s their job to take the masses and control them but the ones that think for themselves are the true pioneers, the ones that dance to a different drum. Look I don’t have any certifications anymore and I know more today about the Tor network than most people around. That’s what interest me and that’s what I like.

The currency of information economy is going swell and the big corporate boys are all for selling everything you do so use Tor and be safe and have a little privacy. Be different and use the tools that work for you and keep your digital breadcrumbs to yourself. I know your not doing anything wrong and you don’t have to prove it to anybody. People say if I use Tor then people will think that I’m a bad guy. Oh Me, Oh My do you really care about other’s control of you. It’s a propaganda war just to keep you afraid of Tor because with it they cannot sell your data. Don’t sell your click for free make them earn them -gATO OuT

02/18/13

Cyber Women and Hollywood

Cyber Women please stand Up

CSI creator launch a new Cybergeddon Yahoo Show GREAT -http://cybergeddon.yahoo.com

Pierluigi and gAtO met with Dare To Pass – CSI – Anthony e. Zuiker, Matthew Weinberg and Josh Cadwell to talk about the new Cyber sensation Cybergeddon in Yahoo. I never met any hollywood types but these guy’s were just dead set on making the show great, and real life. They met with Symantec/Norton folks but they were not prepared for Pierluigi’s charm and solid knowledge of what is in the deep dark web and a loco gAtO that has no rules or reason sometimes.

Let’s just say we where informative and entertaining and after the meeting Josh Cadwell CSI’s real geek -(producer, writer, director too) took the lead. I think this relationship will make the show more real, more believable and as they use real tools and how 2- of the black hackers they will be in a position to not just make a great entertainment show but also it may help other online people to become aware of the dangers of cyberspace. CSI broke new bounds and educated people to the cool science and how technology can be use for good things and help solve crimes. Cybergeddon is set to become another CSI but in cyber Space- About cyber Space— IMHO

gAtO does not even own a TV so I had no clue who CSI was- but these guy’s are really very smart, creative and played hardball when it comes to what they want. Anthony is solid TV Producer type, Matt is a cool genius and Josh has so much knowledge about Tor this that it made us feel comfortable, he is a techno class dude…he knows his technology.

This show is so different not just the content but by putting it on Yahoo they have over 50 million points as a distribution model. This is how smart movie executives are not fighting the Internet but they are embracing it and fixing it to make the model work. We all seen Kim DotCom and other pirate distribute content worldwide – movie guys saw this and said WOW we could keep the distribution cost down and get more views and that’s a big win, win for US the viewers and them the creators.

“I wanna be a Hackers” has become a new cool thing. The geek is becoming a superstar – where the football hero and the nerdy computer club president has similar status. This is new a turn for intelligence not just brute force – I’m one geek that got the beauty queen and so will others. Cybergeddon show’s that even the 4 eye nerd can become a person of power and respect – take the character “Rabbit” yeah I can say I know some hacker like him -

Give them a break guy::: I know you can’t hack everything in 15 keystrokes but they have a limited time – Viewer can have the concentration of a nat, so I will give them that and it has to be entertaining and Chloe the lady Hacker is so cool – I have a daughter that is a strong woman and can hack (a little ) but the role model this set’s up for women in technology is great -

I know of 3 cyber women (they are gonna kill me) C3nTuri0n ?@Centauri3  and ?? ?@7JGoldOrlando and Kandy- these are real live cyber queens that know their shit and are very intelligent, strong and vocal – they take no shit from anyone in cyberspace and sorry but that is cool. They dabble with SE, Bot-Nets and they know cyber security – I feel fortunate to know great ladies like this they teach me so much.. Thanks guy’s…

Cyber Women please stand Up

So my Gray hat goes out the CSI team in wanting to show such a good woman role model, this is a change and I seen it with Latino women shouting about TangoDown all over Latino countries – Women in cyberspace are gaining a lead – we men can sometimes communicate with grunts and get the message across (nOt)- I know this show can be great for equality in cyberspace.

I want to thank Lauren -Dare to Pass – Nicole – National Science Foundation for helping Pierluigi and gATO to have a chance to help in this project. el gAtO lOcO had fun talking about “The Deep Dark Web” (our Book) (available in Amazon) and security, Bitcoins market and the other fantastic cyber things we talked about.

Anthony called me up the next day and we talked about helping them on a new show about a cyber cop who dies and get’s re-born and goes out in the Dark Web to get the bad guys- I think the working title is “RESTART” it should be kinda cool. But hollywood types are all takers – pro bono- but they reap the rewards. I guess that gAtO will not be a famous star— gAtO OuT

02/3/13

Offensive Cyber Capabilities

Companies Need Offensive Cyber Capabilities

gAtO hEaR - about banks seek U.S Help on Iran Cyberattack’s. We hear about cyber attacks in the financial sector, the oil and energy sectors, then Leon Panetta warned perpetrators to cease hacking the US while we have all kinds of sanctions against Iran -/ this is insanity. Your telling unknown hackers (we suspected Iran) to  just stop, or what. What can we do to prevent them from launching cyber attacks against America.

So Iran has only 3 NAT-access points and 1 submarine cable (Al-Faw, Iraq submarine cable)

 

Then you have all these security people putting up defenses without building a firewall so bad-ass that they cannot do business. If we keep building these defenses it will get to a point where it defeats the purpose of the Internet. So what is the logical next move, offensive cyber weapons and capabilities. We can find these attacks and pinpoint the IP of where they are coming from then all we need is offensive tools to find them and do a seal-team 6 extraction of something like that and get the word out that we will find you and hunt you down.

One little hacker can keep a bank tied up for days in the middle of the desert. They could go after our traffic system, our rail system we know that SCADA is so messed up and in some cases open with defaults passwords. So we beat our chest like some mad gorilla and hope to scare these hackers.

My friends we must take initiative and find ways to counter these attacks no more just defense and I don’t mean a Ddos attack that can be circumvented. We need to plant Bot-nets on these people’s machines and monitor them and if we have to go physical and bring them to justice. Forget about Iran and let’s just talk about Chinese hacker attacks of our intellectual property. They just denied it and go about planning the next attack. We seen Skynet were thousands of computers were given a disk wipe and the blue screen of death. Why don’t we do the same to these hackers going after our infrastructure.

We must change our tactics and be a little more aggressive and become real cyber warriors not just defenders but attacking them and destroying their machines, their servers and routers. How about we just monitor the 1 submarine cable and 3 access points in Iran that should lead us to some of these people. The US monitors our own people then we stand by and allow other hostile countries to go and hack us. This is cyber insanity - gAtO OuT

 

01/19/13

Government Spying on everyone -Thanks Microsoft

gAtO lEaRnOn 01-01-213 we hear that Microsoft buys Skype and makes changes to allow Police surveillance. Then on 01-07-2013 we hear that a professor at the Warsaw University of Technology, Wojciech Mazurczyk, found a way to insert secret 70 bits of data and add secret information similar to steganography.spy-spy

Lawful Intercept is what it’s called and we just heard punch – counter-punch from the government. I just posted about corporations and governments using offensive cyber weapons to fight crime, but this looks like just plain old spying on citizens like China, Iraq and Syria does. Skype is owned by Microsoft and we know that Word and other products have back doors for them to snoop and governments to use in criminal cases. I guess they do it the proper way and get a real FISA document to monitor us it’s citizens.

mEoW 12-30-2012 our re-elected President Obama signs FISA Warrantless Wiretapping Program. STOP – SAY WHAT. mEoW – Forget about gun control how about the privacy of citizens, are we becoming like China, Iraq and Syria the more I find out about this the crazier it becomes. I hate Skypes but now finding this out NO WAY DUDE-

I did a little digging and I found a document from the Straford hack from the LutzBoat crew and this has been on the play board for a long time. More and more governments that play nice with the America and Microsoft will have to live with the fact that they are spying on us, the people. I voted for Obama but I’m pretty sure any president would want to be able to justify this abuse of power to monitor it’s citizens, what get’s me is we scream and yell when other countries do it but here we are doing to ourselves and nobody is talking about this- Hay press wake up. I have nothing to hide but if you do you have been warned – enjoy your government spying on you behind your back - gAtO oUt

Lab Notes:

IT security continues to be the greatest challenge facing government CIOs worldwide. Most experts agree that governments require stronger partnerships between the public and private sectors for both better protection of government IT systems from intruders and for greater visibility into operators’ network traffic to fight crime. However, government systems and intelligence activities constitute a very sensitive information environment. Governments must proceed with caution when forming technology partnerships for hardening their IT network security. Melissa E. Hathaway, who in February 2009 was named to be the Obama Administration’s top cyber security official, points out how

Lawful Intercept

Challenge

Criminals, predators and hackers now use chats, blogs, webmail and Internet applications such as online gaming and file-sharing sites to hide their communications.

Solution

Qosmos provides law enforcement agencies with a powerful solution to identify a target using multiple virtual IDs and intercept all related IP- based communications. Any trigger, such as a “user login = target” initiates intercept of all IP traffic related to the “target.”

Example of recognized applications and protocols

VoIP Email (POP, SMTP)

Webmail (Gmail, Hotmail, Live Mail, SquirrelMail, Yahoo mail, etc.)

Instant Messaging (Aim, SNM, Skype, Yahoo, Google Talk, QQ, Maktoob, Paltalk, etc.)

Online games (World of Warcraft)

Online classified ads

Audio/Video (H.323, SIP, MGCP, RTP, RTCP, MMSE, RTSP, SHOUTcast, Yahoo Video,

MSN Video, SCCP, etc.)

Web applications (Dailymotion, Google, eBay, Google Earth, HTTP, MySpace, Wikipedia,

YouTube, etc.)

Example of information extracted

Caller, phone number, called party, duration of call

Webmail login, email address, sender, receiver, subject matter, attached documents

Instant messaging sender, receiver, contact lists and status

Forum login, IP address, MAC address, mobile ID (IMSI, IMEI)

Protocols identified even for unidirectional traffic (e.g. email by satellite).

http://www.huffingtonpost.com/2012/12/30/obama-fisa-warrantless-wiretapping_n_2385690.html

http://enterprise-call-recording.tmcnet.com/topics/enterprise-call-recording/articles/321789-sounds-silence-skype-hold-more-than-expected-thanks.htm

http://www.ronpaulforums.com/showthread.php?399961-Microsoft-Buys-Skype-Makes-Changes-to-Allow-Police-Surveillance