Tor

Tor is free software for enabling anonymous communication. The name is an acronym derived from the original software project name The Onion Router,[7] however the correct spelling is “Tor”, capitalizing only the first letter.[8] Tor directs Internet traffic through a free, worldwide, volunteer network consisting of more than seven thousand relays[9] to conceal a user’s location and usage from anyone conducting network surveillance or traffic analysis. Using Tor makes it more difficult for Internet activity to be traced back to the user: this includes “visits to Web sites, online posts, instant messages, and other communication forms”.[10] Tor’s use is intended to protect the personal privacy of users, as well as their freedom and ability to conduct confidential communication by keeping their Internet activities from being monitored.

Onion routing is implemented by encryption in the application layer of a communication protocol stack, nested like the layers of anonion. Tor encrypts the data, including the destination IP address, multiple times and sends it through a virtual circuit comprising successive, randomly selected Tor relays. Each relay decrypts a layer of encryption to reveal only the next relay in the circuit in order to pass the remaining encrypted data on to it. The final relay decrypts the innermost layer of encryption and sends the original data to its destination without revealing, or even knowing, the source IP address. Because the routing of the communication is partly concealed at every hop in the Tor circuit, this method eliminates any single point at which the communicating peers can be determined through network surveillance that relies upon knowing its source and destination.

An adversary might try to de-anonymize the user by some means. One way this may be achieved is by exploiting vulnerable software on the user’s computer.[11] The NSA has a technique that targets outdated Firefox browsers codenamed EgotisticalGiraffe,[12] and targets Tor users in general for close monitoring under its XKeyscore program.[13] Attacks against Tor are an active area of academic research,[14][15] which is welcomed by the Tor Project itself.[16]

Computer emergency response teams (CERT)

Computer emergency response teams (CERT) are expert groups that handle computer security incidents. Alternative names for such groups include computer emergency readiness team and computer security incident response team (CSIRT).

The name “Computer Emergency Response Team” was first used by the CERT Coordination Center (CERT-CC) at Carnegie Mellon University (CMU). The abbreviation CERT of the historic name was picked up by other teams around the world. Some teams took on the more specific name of CSIRT to point out the task of handling computer security incidents instead of other tech support work, and because CMU was threatening to take legal action against individuals or organisations who referred to any other team than CERT-CC as a CERT. After the turn of the century, CMU relaxed its position, and the terms CERT and CSIRT are now used interchangeably.

The history of CERTs is linked to the existence of malware, especially computer worms and viruses. Whenever a new technology arrives, its misuse is not long in following. The first worm in the IBM VNET was covered up. Shortly after, a worm hit the Internet on 3 November 1988, when the so-called Morris Worm paralysed a good percentage of it. This led to the formation of the first computer emergency response team at Carnegie Mellon University under U.S. Government contract. With the massive growth in the use of information and communications technologies over the subsequent years, the now-generic term ‘CERT’/’CSIRT’ refers to an essential part of most large organisations’ structures. In many organisations the CERT evolves into a information security operations center.

Stuxnet

An Unprecedented Look at Stuxnet, the World’s First Digital Weapon


Stuxnet is a malicious computer worm believed to be a jointly built AmericanIsraeli cyber weapon.[1] Although neither state has confirmed this openly,[2] anonymous US officials speaking to the Washington Post claimed the worm was developed during the Obama administration to sabotage Iran’s nuclear program with what would seem like a long series of unfortunate accidents.[3]

Stuxnet specifically targets PLCs, which allow the automation of electromechanical processes such as those used to control machinery on factory assembly lines, amusement rides, or centrifuges for separating nuclear material. Exploiting four zero-day flaws,[4] Stuxnet functions by targeting machines using the Microsoft Windows operating system and networks, then seeking out Siemens Step7 software. Stuxnet reportedly compromised Iranian PLCs, collecting information on industrial systems and causing the fast-spinning centrifuges to tear themselves apart.[5] Stuxnet’s design and architecture are not domain-specific and it could be tailored as a platform for attacking modern SCADA and PLC systems (e.g., in automobile or power plants), the majority of which reside in Europe, Japan and the US.[6] Stuxnet reportedly ruined almost one-fifth of Iran’s nuclear centrifuges.[7]

Stuxnet has three modules: a worm that executes all routines related to the main payload of the attack; a link file that automatically executes the propagated copies of the worm; and a rootkit component responsible for hiding all malicious files and processes, preventing detection of the presence of Stuxnet.[8]

Stuxnet is typically introduced to the target environment via an infected USB flash drive. The worm then propagates across the network, scanning for Siemens Step7 software on computers controlling a PLC. In the absence of either criterion, Stuxnet becomes dormant inside the computer. If both the conditions are fulfilled, Stuxnet introduces the infected rootkit onto the PLC and Step7 software, modifying the codes and giving unexpected commands to the PLC while returning a loop of normal operations system values feedback to the users.[9][10]

In 2015, Kaspersky Labs‘ research findings on another highly sophisticated espionage platform created by what they called the Equation Group, noted that the group had used two of the same zero-day attacks used by Stuxnet, before they were used in Stuxnet, and their use in both programs was similar. The researchers reported that “the similar type of usage of both exploits together in different computer worms, at around the same time, indicates that the EQUATION group and the Stuxnet developers are either the same or working closely together”.[11]:13

Continue reading “Stuxnet”

Types of Information System

Why are there different types of Information System?

In the early days of computing, each time an information system was needed it was ‘tailor made’ – built as a one-off solution for a particular problem. However, it soon became apparent that many of the problems information systems set out to solve shared certain characteristics. Consequently, people attempted to try to build a single system that would solve a whole range of similar problems. However, they soon realized that in order to do this, it was first necessary to be able to define how and where the information system would be used and why it was needed. It was then that the search for a way to classify information systems accurately began.

Chinese Hackers

Published on Nov 16, 2015

China has been accused of stealing the fifth-generation US F-35 fighter jet design. US defense and strategic affairs experts claim that the design for China’s FC-31 “Gyrfalcon” or J-31 was stolen during a hack into Lockheed Martin’s American defense network. Similarities between the two jets include tracking mirrors, a flat-faceted optical window, and bottom fuselage placement. Experts currently believe, however, that China’s F-35 cannot compete with the American version, and the craft will not reach operational capacity until 2024. Nik Zecevic and Jose Marcelino examine China’s reputation for knock off’s on The Lip News.

http://economictimes.indiatimes.com/n…

ITIL

ITIL, formerly known as the Information Technology Infrastructure Library, is a set of practices for IT service management (ITSM) that focuses on aligning IT services with the needs of business. In its current form (known as ITIL 2011 edition), ITIL is published as a series of five core volumes, each of which covers a different ITSM lifecycle stage. Although ITIL underpins ISO/IEC 20000 (previously BS15000), the International Service Management Standard for IT service management, there are some differences between the ISO 20000 standard and the ITIL framework.

ITIL describes processes, procedures, tasks, and checklists which are not organization-specific, but can be applied by an organization for establishing integration with the organization’s strategy, delivering value, and maintaining a minimum level of competency. It allows the organization to establish a baseline from which it can plan, implement, and measure. It is used to demonstrate compliance and to measure improvement.

Since July 2013, ITIL has been owned by AXELOS Ltd, a joint venture between HM Cabinet Office and Capita Plc. AXELOS licenses organisations to use the ITIL intellectual property, accredits licensed Examination Institutes, and manages updates to the framework.

Sigil for Ubuntu 15.04

There are some repositories that seem to be mantaining Sigil at this moment for Ubuntu 15.04:

i2p: https://launchpad.net/~i2p.packages/+archive/ubuntu/i2p

sudo add-apt-repository ppa:i2p.packages/i2p
sudo apt-get update
sudo apt-get install sigil

xiota: https://launchpad.net/~xiota/+archive/ubuntu/ppa

sudo add-apt-repository ppa:xiota/ppa
sudo apt-get update
sudo apt-get install sigil

mapreri: https://launchpad.net/~mapreri/+archive/ubuntu/sigil

sudo add-apt-repository ppa:mapreri/sigil
sudo apt-get update
sudo apt-get install sigil

Though it is important to note that i2p.packages repository doesn’t contain only Sigil, and updating after adding it may upgrade other packages.