Domain: hpaste.org
Stories and comments across the archive that link to hpaste.org.
Comments · 7
-
The Mysterious Death of Shannon Larratt and Encryp
The Mysterious Death of Shannon Larratt and Encryption/Privacy/Deep-Dark-Web/
-
50 Million Potentially Vulnerable to UPnP Flaws
50 Million Potentially Vulnerable to UPnP Flaws - January 2013 Articles and Downloads
###
Multi-Article Document:
Part 1 - Article: 50 Million Potentially Vulnerable to UPnP Flaws
Part 2 - Article: Security Flaws in Universal Plug and Play: Unplug, Don't Play
Part 3 - Router Scan: Universal Plug and Play - Router Security Check
Part 4 - Download: ScanNow for Universal Plug and Play (UPnP) | For Windows
Part 5 - PDF: Whitepaper: Security Flaws in Universal Plug and Play: Unplug, Don't Play.
Part 6 - Article: Millions of devices vulnerable via UPnP
Part 7 - Article and Discussion: 50 Million Potentially Vulnerable To UPnP Flaws###
Translate this collection (does not include software download(s) and PDF(s): http://translate.google.com/
###
COPYRIGHT: The New Zealand Copyright Act 1994 specifies certain circumstances where all or a substantial part of a copyright work may be used
without the copyright owner's permission. A "fair dealing" with copyright material does not infringe copyright if it is for the following
purposes: research or private study; criticism or review; or reporting current events.###
This Multi-Article Document Has Been Mirrored At The Following Sites (RAW = text):
http://hpaste.org/81561 (RAW: http://hpaste.org/raw/81561)
http://kpaste.net/66c9a3
http://oxynux.org/pastebin/n3rae9-1874
http://pastebin.com/XHkXHfuF (RAW: http://pastebin.com/raw.php?i=XHkXHfuF)
http://paste.blixt.org/9819498
http://paste.lisp.org/display/135035 (RAW: http://paste.lisp.org/display/135035/raw)
http://paste.yt/p2605.html (RAW: http://paste.yt/P2605.txt)
http://slexy.org/view/s2r3Si2W3C
https://paste.debian.net/230670/
http://www.inetpro.org/pastebin/11699 (RAW: http://www.inetpro.org/pastebin/11699/view/raw)###
(Part 1): 50 Million Potentially Vulnerable to UPnP Flaws
by Brian Donohue | January 29, 2013, 1:15PM
https://threatpost.com/en_us/blogs/50-million-potentially-vulnerable-upnp-flaws-012913
"In a project that found more than 80 million unique IP addresses responding to Universal Plug and Play (UPnP) discovery requests, researchers at Rapid7 were shocked to find that somewhere between 40 and 50 million of those are vulnerable to at least one of three known attacks.
A Rapid7 white paper enumerated UPnP-exposed systems connected to the Internet and identified the number of vulnerabilities present in common configurations. Researchers found that more than 6,900 product models produced by 1,500 different vendors contained at least one known vulnerability, with 23 million systems housing the same remote code execution flaw.
Between June 1 and Nov. 17, 2012, Rapid7 conducted weekly scans that sent simple service discovery protocUPnPol (SSDP) requests to each routable IPv4 address. In all, 2.2 percent of all public IPv4 addresses responded to the standard UPnP discovery requests. So, 81 million unique IP addresses responded and, upon deeper probing, researchers determined some 17 million further systems exposed the UPnP simple object access protocol (SOAP). This level of exposure was far higher than researchers had expected, according to
-
50 Million Potentially Vulnerable to UPnP Flaws
50 Million Potentially Vulnerable to UPnP Flaws - January 2013 Articles and Downloads
###
Multi-Article Document:
Part 1 - Article: 50 Million Potentially Vulnerable to UPnP Flaws
Part 2 - Article: Security Flaws in Universal Plug and Play: Unplug, Don't Play
Part 3 - Router Scan: Universal Plug and Play - Router Security Check
Part 4 - Download: ScanNow for Universal Plug and Play (UPnP) | For Windows
Part 5 - PDF: Whitepaper: Security Flaws in Universal Plug and Play: Unplug, Don't Play.
Part 6 - Article: Millions of devices vulnerable via UPnP
Part 7 - Article and Discussion: 50 Million Potentially Vulnerable To UPnP Flaws###
Translate this collection (does not include software download(s) and PDF(s): http://translate.google.com/
###
COPYRIGHT: The New Zealand Copyright Act 1994 specifies certain circumstances where all or a substantial part of a copyright work may be used
without the copyright owner's permission. A "fair dealing" with copyright material does not infringe copyright if it is for the following
purposes: research or private study; criticism or review; or reporting current events.###
This Multi-Article Document Has Been Mirrored At The Following Sites (RAW = text):
http://hpaste.org/81561 (RAW: http://hpaste.org/raw/81561)
http://kpaste.net/66c9a3
http://oxynux.org/pastebin/n3rae9-1874
http://pastebin.com/XHkXHfuF (RAW: http://pastebin.com/raw.php?i=XHkXHfuF)
http://paste.blixt.org/9819498
http://paste.lisp.org/display/135035 (RAW: http://paste.lisp.org/display/135035/raw)
http://paste.yt/p2605.html (RAW: http://paste.yt/P2605.txt)
http://slexy.org/view/s2r3Si2W3C
https://paste.debian.net/230670/
http://www.inetpro.org/pastebin/11699 (RAW: http://www.inetpro.org/pastebin/11699/view/raw)###
(Part 1): 50 Million Potentially Vulnerable to UPnP Flaws
by Brian Donohue | January 29, 2013, 1:15PM
https://threatpost.com/en_us/blogs/50-million-potentially-vulnerable-upnp-flaws-012913
"In a project that found more than 80 million unique IP addresses responding to Universal Plug and Play (UPnP) discovery requests, researchers at Rapid7 were shocked to find that somewhere between 40 and 50 million of those are vulnerable to at least one of three known attacks.
A Rapid7 white paper enumerated UPnP-exposed systems connected to the Internet and identified the number of vulnerabilities present in common configurations. Researchers found that more than 6,900 product models produced by 1,500 different vendors contained at least one known vulnerability, with 23 million systems housing the same remote code execution flaw.
Between June 1 and Nov. 17, 2012, Rapid7 conducted weekly scans that sent simple service discovery protocUPnPol (SSDP) requests to each routable IPv4 address. In all, 2.2 percent of all public IPv4 addresses responded to the standard UPnP discovery requests. So, 81 million unique IP addresses responded and, upon deeper probing, researchers determined some 17 million further systems exposed the UPnP simple object access protocol (SOAP). This level of exposure was far higher than researchers had expected, according to
-
The hum that helps to fight crime (ENF)
Archived @:
http://slexy.org/view/s21UWKzafS
http://hpaste.org/79175
https://paste.debian.net/plain/216145
======
The hum that helps to fight crime (ENF) Electrical Network Frequency analysis"For the last seven years, at the Metropolitan Police forensic lab in south London, audio specialists have been continuously recording the sound of mains electricity.
It is an all pervasive hum that we normally cannot hear. But boost it a little, and a metallic and not very pleasant buzz fills the air.
..."The power is sent out over the national grid to factories, shops and of course our homes. Normally this frequency, known as the mains frequency, is about 50Hz," explains Dr Alan Cooper, a senior digital forensic practitioner at the Met Police.
Any digital recording made anywhere near an electrical power source, be it plug socket, light or pylon, will pick up this noise and it will be embedded throughout the audio.
This buzz is an annoyance for sound engineers trying to make the highest quality recordings. But for forensic experts, it has turned out to be an invaluable tool in the fight against crime.
While the frequency of the electricity supplied by the national grid is about 50Hz, if you look at it over time, you can see minute fluctuations.
...Comparing the unique pattern of the frequencies on an audio recording with a database that has been logging these changes for 24 hours a day, 365 days a year provides a digital watermark: a date and time stamp on the recording.
Philip Harrison, from JP French Associates, another forensic audio laboratory that has been logging the hum for several years, says: "Even if [the hum] is picked up at a very low level that you cannot hear, we can extract this information."
It is a technique known as Electric Network Frequency (ENF) analysis, and it is helping forensic scientists to separate genuine, unedited recordings from those that have been tampered with."
- http://www.bbc.co.uk/news/science-environment-20629671
- http://cryptogon.com/?p=32789#
Met lab claims 'biggest breakthrough since Watergate'
Power lines act as police informers- http://www.theregister.co.uk/2010/06/01/enf_met_police/
#
Noisy, muffled, incoherent recordings are an audio engineerâ(TM)s worst nightmare, but all too often they contain vital evidence in criminal trials. Itâ(TM)s the job of the forensic audio specialist to extract that evidence.
- http://www.soundonsound.com/sos/jan10/articles/forensics.htm
#
(discussion forum) Electrical network frequency analysis, Mains frequency variations detectable in digital audio recordings?
- http://www.hydrogenaudio.org/forums/index.php?showtopic=81346
#
Met Police use electrical 'hum' to solve crimes
The Metropolitan Police is using the "hum" of background noise produced by mains electricity to help solve crimes, it has been disclosed.
#
Related Research
- http://www.ece.umd.edu/~ravig/Research.html#
Engineers Use Electrical Hum To Fight Crime
-
CIA Head: We Will Spy On Americans Through EA's
Archived @:
http://slexy.org/view/s2w3SOkgpA
http://hpaste.org/79169
https://paste.debian.net/plain/216147
===
CIA Head: We Will Spy On Americans Through Electrical AppliancesGlobal information surveillance grid being constructed; willing Americans embrace gadgets used to spy on them
Steve Watson | Prisonplanet.com | March 16, 2012
http://www.prisonplanet.com/cia-head-we-will-spy-on-americans-through-electrical-appliances.html
"CIA director David Petraeus has said that the rise of new "smart" gadgets means that Americans are effectively bugging their own homes, saving US spy agencies a job when it identifies any "persons of interest".
Speaking at a summit for In-Q-Tel, the CIA's technology investment operation, Petraeus made the comments when discussing new technologies which aim to add processors and web connections to previously 'dumb' home appliances such as fridges, ovens and lighting systems.
Wired reports the details via its Danger Room Blog[1]:
"'Transformational' is an overused word, but I do believe it properly applies to these technologies," Petraeus enthused, "particularly to their effect on clandestine tradecraft."
"Items of interest will be located, identified, monitored, and remotely controlled through technologies such as radio-frequency identification, sensor networks, tiny embedded servers, and energy harvesters - all connected to the next-generation internet using abundant, low-cost, and high-power computing," Petraeus said.
"the latter now going to cloud computing, in many areas greater and greater supercomputing, and, ultimately, heading to quantum computing." the CIA head added.
Petraeus also stated that such devices within the home "change our notions of secrecy".
Petraeus' comments come in the same week that one of the biggest microchip companies in the world, ARM, unveiled new processors that are designed to give practically every household appliance an internet connection[2], in order that they can be remote controlled and operate in tandem with applications.
ARM describes the concept as an "internet of things".
Where will all the information from such devices be sent and analyzed? It can be no coincidence that the NSA is currently building a monolithic heavily fortified $2 billion facility[3] deep in the Utah desert and surrounded by mountains. The facility is set to go fully live in September 2013.
"The Utah data center is the centerpiece of the Global Information Grid, a military project that will handle yottabytes of data, an amount so huge that there is no other data unit after it." reports Gizmodo.
"This center-with every listening post, spy satellite and NSA datacenter connected to it, will make the NSA the most powerful spy agency in the world."
Wired reports[4] that the incoming data is being mined by plugging into telecommunications companies' switches, essentially the same method the NSA infamously uses for warrantless wiretapping of domestic communications[5], as exposed six years ago.
Former intelligence analyst turned best selling author James Bamford, has penned a lengthy piece[6] on the NSA facility and warns "It is, in some measure, the realization of the 'total information awareness' program created during the first term of the Bush administration-an effort that was killed by Congress in 2003 after it caused an outcry over its potential for invading Americans' privacy."
--
Steve Watson is the London based writer and editor for Alex Jones' Infowars.net[7], and Prisonplanet.com[8]. He has a Masters Degree in International Relations from the School of Politics at The University of Nottingham in England.
(C) 2012 PrisonPlanet.com is a Free Speech Systems, LLC company. All rights reserved.
[1]
-
(ENF) Electrical Network Frequency analysis
Archived @:
http://slexy.org/view/s21UWKzafS
http://hpaste.org/79175
https://paste.debian.net/plain/216145
==
The hum that helps to fight crime (ENF) Electrical Network Frequency analysis"For the last seven years, at the Metropolitan Police forensic lab in south London, audio specialists have been continuously recording the sound of mains electricity.
It is an all pervasive hum that we normally cannot hear. But boost it a little, and a metallic and not very pleasant buzz fills the air.
..."The power is sent out over the national grid to factories, shops and of course our homes. Normally this frequency, known as the mains frequency, is about 50Hz," explains Dr Alan Cooper, a senior digital forensic practitioner at the Met Police.
Any digital recording made anywhere near an electrical power source, be it plug socket, light or pylon, will pick up this noise and it will be embedded throughout the audio.
This buzz is an annoyance for sound engineers trying to make the highest quality recordings. But for forensic experts, it has turned out to be an invaluable tool in the fight against crime.
While the frequency of the electricity supplied by the national grid is about 50Hz, if you look at it over time, you can see minute fluctuations.
...Comparing the unique pattern of the frequencies on an audio recording with a database that has been logging these changes for 24 hours a day, 365 days a year provides a digital watermark: a date and time stamp on the recording.
Philip Harrison, from JP French Associates, another forensic audio laboratory that has been logging the hum for several years, says: "Even if [the hum] is picked up at a very low level that you cannot hear, we can extract this information."
It is a technique known as Electric Network Frequency (ENF) analysis, and it is helping forensic scientists to separate genuine, unedited recordings from those that have been tampered with."
- http://www.bbc.co.uk/news/science-environment-20629671
- http://cryptogon.com/?p=32789#
Met lab claims 'biggest breakthrough since Watergate'
Power lines act as police informers- http://www.theregister.co.uk/2010/06/01/enf_met_police/
#
Noisy, muffled, incoherent recordings are an audio engineerâ(TM)s worst nightmare, but all too often they contain vital evidence in criminal trials. Itâ(TM)s the job of the forensic audio specialist to extract that evidence.
- http://www.soundonsound.com/sos/jan10/articles/forensics.htm
#
(discussion forum) Electrical network frequency analysis, Mains frequency variations detectable in digital audio recordings?
- http://www.hydrogenaudio.org/forums/index.php?showtopic=81346
#
Met Police use electrical 'hum' to solve crimes
The Metropolitan Police is using the "hum" of background noise produced by mains electricity to help solve crimes, it has been disclosed.
#
Related Research
- http://www.ece.umd.edu/~ravig/Research.html#
Engineers Use Electrical Hum To Fight Crime
- http://science.slashdot.org/story/12/12/12/1331243/engineers-
-
Espionage virus & TSCM Babble Tape
OT:
Espionage virus sent blueprints to China - âoeACAD/Medre.Aâ -
http://www.telegraph.co.uk/technology/news/9346734/Espionage-virus-sent-blueprints-to-China.htmlTSCM Audio Countermeasures: Demo - 'Babble Tape'
http://hpaste.org/70267