Slashdot Mirror

A MIME-formatted mailing list digest would be a file encapsulating many emails, in whatever format those emails were sent in.

Think of "saving" many emails from your email program, then attaching them to a new message, and sending that to someone.

Something like this: http://pastebin.com/uJ6K6ias (KMail shows it correctly, GMail doesn't, I don't know what the problem is)

I entered "2+2" and got back http://pastebin.com/hTzSBqWG

I think they need to work on their usability.

(Funnily enough I couldn't enter that inline because Slashdot said "Please use fewer 'junk' characters.")

HUGE Security Resource
- version 5000 - 03/06/12
http://pastebin.com/Cm2ZHuz3

As previously featured on Cryptome.org's front page for security resources.

Linux Trojan: Linux/Bckdr-RKC 02-2012

Links and details, almost a story in and of itself:

--- http://pastebin.com/DwtX9dMd

"This search for the origin of this malware has possibly raised more questions than provided answers. But one thing is for certain - the network framework for this malware has definitely been in place for some time."

"This is not the work of a "fly-by-night" script kiddy. Careful planning has been taken to not only develop this malware, but also to establish the hosting this malware would be using - and hide its true origins."

======

""Linux Trojan: Linux/Bckdr-RKC 02-2012

It's definitely interesting and although not unexpected, you get the feeling of why was this not detected in a different form a some time ago.

That is the code shows that the person who wrote the code is very far from being inexperianced. Such experiance comes in only two ways,

1, Trial and error
2, Highly specific education

And if the second the "ability" of the teachers works it's way back to the trial and error aproach, which all mankinds "hard" knowledge in science and engineering is ultimatly derived from (even theoretical physics is based on the work of experimental physicists as Newton knew well).

Now this raises the question of where and when the learning experiments were carried out...

This could have only been in one of two places,

1, In Public.
2, In Private.

If in public you would expect such experiments to have kicked one or two tripewires and set off other alarms. Such events generaly produce "noise" in one form or another which would have attracted a crowd who would "spread the news" in one form or another. Thus if there is no noise recognisably linked to it, it raises questions as to why not.

But what if the experiments were "in private" what are the implications of this?

Well there are many but one is large well funded resources which has implications as to the size and nature of the backing organisation.

Which is where we have to tread very carefully on the analysis. Ken appears to have made a jump off of the deep end and that has coloured his thinking.

The finding of the Chinese language tag does not mean anything more that somebody set it at some point for some reason.

Ken has chosen to believe that it means the person speaks Chinese. Whilst this may be true it might also be there for other reasons including those of "false flag" operations.

The following on to the "China Town owend cleaning business" again does not of necesity mean anything (it's nebulous at best) but then again it could well be a smoking gun to a foreign intel operation or a false flag operation...

Which brings us around to the response of the AV companies. Is it simply that they have set it at a low priority for economic reasons or have they been "warned off" in some way...

And if it is "warned off" (unlikely but not impossible) is it by an intel organisation to stop their false flag op being blown or by an LEA trying to stop it's investigation into foreign espionage or organised crime activity being blown... and how do you tell the difference?

When you enter into a world of shadows, smoke and mirrors you have to tread with care lest your mind deceives you and sets your feet upon the wrong path.

One of the reasons investigating human activity is difficult is they often chose to veil their activities either to stop discovery or such that others will be blaimed.

Another is arguing back from effect to cause is at best problemetical, the clasic example being a positive swab for nitrates from your hand, does it mean you've been handeling explosives or does it mean you cooked bacon for breakfast or played cards with an old pack of cards the night before (an innocent man died in jail in the UK because of this very issue)?

It's why forensic activities although involving science are not science just the art of making threads that investigators and

Correct. Another hacker named Virus called Sabu a script kiddie that merely uses tools others wrote http://pastebin.com/zDTEqcfD. This is not brilliant, it is what Virus said it was - script kiddie crap. He creates nothing and is merely a malicious noob and nothing more. Sabu = "wally wannabe" that got busted like the stooge he is.

âoebut do you know how to check and is there any point checking when we already know NSA/KGB, etc etc have the globe encircled with satellites?â

try lining your windows with tinfoil and check it after a few months. Youâ(TM)ll discover straight LINES and DOTS (tiny peep holes). This is with the tinfoil on the inside of the windowsâ(TM) surface, in-house/apartment. What causes this?

I believe most, if not all consumer computers and devices are, if not monitored, swept and mirrored by big bro using satellite technology.

One anonymous poster to pastebin, claiming to be representitive of Mossad, fired a shot across the bow of Anonymous and other hackers by saying, paraphrased, âoeAll of your hard drives are mirrored in (locations A,B,C as I forget which countries were mentioned) certain places on Earth anyway.

I find this to be true, Iâ(TM)ve used Microsoftâ(TM)s SysInternals programs to monitor processes and discovered my drives being swept, a chat program running I never installed and could find no trace of, files where they had the most interest were mp3 and graphics files, but they scraped the whole drive, and an iso creator/mirroring utility was running.

You only make it easier for them if you willingly install video streaming programs (VLC) with command line counterparts, music programs with command line counterparts, Office programs, which I noticed PDF files were being made in the background, and all of this activity was happening when I was monitoring a computer isolated from any wired/wireless/LAN network(s).

Google: Subversion Hack archive for a glimpse into this mysterious activity

Itâ(TM)s all about the waves.
==
âoeWell, if this is true or not, I cannot tell, because I use GNU/Linux,â

The same is true for *nix, you just have to have the right monitoring tools and know what to look for inside binaries which are easily messed with by injecting malware into them and tools used by âoeTHEMâ to obscure the code injected into the ELF binaries so as to avoid being picked up as malware.

One simple command you can use to check for modifications to your files:

sudo find /usr/bin -mtime -60

That will search /usr/bin for files modified within 60 minutes, adjust the command as needed for other directories and time frames.

ALWAYS generate sha256sums or better (NOT MD5 or SHA1) of your initial install and the LiveCD and store them on a READ ONLY media like a once writable CDROM. The free utility known as âoemd5deepâ offers more than md5 checksum generation and unlike the simple tools like sha256sum, sha1sum, etc., md5deepâ(TM)s options offer RECURSIVE and directory stripping options, perfect for backup on CDROMs.

Hereâ(TM)s one example out of many mysterious *nix trojans floating about:

- Linux/Bckdr-RKC
â"- http://caffeinesecurity.blogspot.com/2012/02/linuxbckdr-rkc-still-undetected.html

âoeFor those who arenâ(TM)t familiar with this trojan, an anonymous internet user has taken the time to put together a Pastebin post highlighting my research on this trojanâ: http://pastebin.com/DwtX9dMd

More questions without answers:

- Malware for Windows, *nux (and MacOSX?) which HIDES in FIRMWARE on routers, PCI and AGP cards and devices (including CD burners), system BIOS, MBRs, ethernet (nic) cards most if not all surviving hard drive wipes/formats and preloaded again and updated âoethrough-the-airâ mysteriously or when youâ(TM)ve plugged into the net.

- Ethernet cards using packet radio modules/protocols

- Linux distributions including LiveCDs including more modules than they need to run, especially for LiveCD purposes, including build essentials, dpkg-dev, ISDN drivers/modules (sometimes in multiple places, as binary files and

HUGE Security Resource - version 5000 - 03/06/12
http://pastebin.com/XjH24EnZ

When did you first write that?

From http://pastebin.com/D7sR4zhT :

Stratfor's use of insiders for intelligence soon turned into a money-making scheme of questionable legality. The emails show that in 2009 then-Goldman Sachs Managing Director Shea Morenz and Stratfor CEO George Friedman hatched an idea to "utilise the intelligence" it was pulling in from its insider network to start up a captive strategic investment fund. CEO George Friedman explained in a confidential August 2011 document, marked DO NOT SHARE OR DISCUSS: "What StratCap will do is use our Stratfor's intelligence and analysis to trade in a range of geopolitical instruments, particularly government bonds, currencies and the like".

Is insider trading exciting enough for you?

I did not call YOU pathetic--I labeled your third STATEMENT pathetic. (Note that you yourself used the word in your original post.) Your knowledge of the facts are far better than mine; I truly did not realize it was 47! It was not my intent to misrepresent the facts; I was simply ignorant of them.

Now that you have told me what annoyed you, it's my turn: your use of "pathetic right-wing".

The point of my original reply was (and remains): it is not JUST the "right-wing" which is guilty of the stuff you cite. Have a look at this: WikiLeaks begins publishing 5 million emails from STRATFOR, lines 46--73. Clearly this shows guilt from MANY news sources.

Thank you for your reply.

Have at it, lazyweb: http://pastebin.com/X4DWunPY

One sick world, brought to you by the invisible serpents, controllers who dance behind the scenes and suck you into the occult and anti-Christian, anti-God beliefs.

It will only get worse.

Wake up and see:
http://pastebin.com/06yi5zCV

Pretty soon they'll have us paying for canned air, as prices rise the plebs just bump each other's fat assess in their houses to dancing with the stars and other trance enducing shows.

WHAT is PAULA ABDUL doing THIS WEEK?

Which celebrity died THIS MONTH?

You are LOST!

The attack was directed against the web sites, not the trading machines. The original "notice" is here: http://pastebin.com/it77tAvs

This was a small bot net DDoS attack. Whether or not this could have been dealt with more efficiently by better routers/firewalls or HA configs, I don't know.

IMHO this is some script-kiddie types who are in it for the lulz. What it demonstrates is even the room-temperature IQ types can get a hold of some fairly potent DDoS tools. So, serious attention needs to be paid to upgrading their infrastructure and IT security in general.

It is a good time to be in the IT Security field, if you're looking for work.

This is terrorism 101, scare the crap out of everyone because the laws and filters aren't going to work, yeah I know calling ti terrorism is hyperbole and dilutes the meaning but it's so timely. =) (smiley on /. infidel!)
Check this out: http://pastebin.com/pVmAZqWY
How many factual errors can you find?

http://pastebin.com/DwtX9dMd

- http://www.sophos.com/en-us/threat-center/threat-analyses/viruses-and-spyware/Linux~Bckdr-RKC.aspx
- http://tinyurl.com/Linux-Bckdr-RKC

Category: Viruses and Spyware
Protection available since: 22 Dec 2011 08:23:46 (GMT)
Type: Trojan
Affected Operating Systems: Linux
© 1997 - 2012 Sophos Ltd.

http://pastebin.com/DwtX9dMd

The link above contains a detailed look at this mysterious new trojan targeting Linux.

- http://www.sophos.com/en-us/threat-center/threat-analyses/viruses-and-spyware/Linux~Bckdr-RKC.aspx
- http://tinyurl.com/Linux-Bckdr-RKC

Category: Viruses and Spyware
Protection available since: 22 Dec 2011 08:23:46 (GMT)
Type: Trojan
Affected Operating Systems: Linux
© 1997 - 2012 Sophos Ltd.

Way to go! I'll be pleased to see that succeed.

The quote below comes from an article in the Harvard
Business Review that you may find relevant to your endeavour :

"Peer inside an open-source software project, and you might think you've glimpsed that organizational nirvana."

I pasted the article here :
http://pastebin.com/W6ddrTFi

Concerning your production model : I confirm LABarr's post, just above yours (http://ask.slashdot.org/comments.pl?sid=2662985&cid=38985211)

I run two web apps from two linux servers. The first one was brought up 530 days ago and is going strong, it's usage peaks at .3% with half a dozen full time users. The hardware costs 20.00$ /month, 0.00$ license, 1Go/s connectivity included.

The licensing costs of doing the same thing with a proprietary stack and DB would be around 30 000.00$/year to be fully compliant. I also would have to get more expensive hardware, my work would turn from pleasure to nightmare, and I probably never could have completed my projects anyway.

I think you are on the right track.

Hey, some of them did ---> Password list on Pastebin

Just in case no one bothered to go find it. http://pastebin.com/uaYDfCz0

Hmmm. My PGP public key is at:

http://pastebin.com/x57SCXNq

You can use this if you want to send me the name of your company, so I can fire my resume in/contact you/whatever, without having everyone on Slashdot knowing your identity.

Thanks..

Winner of Potty Mouth goes to the author of this class.

If a 19 year old kid stealing credit cards and DOSing a web site is war then I call hyperbole!!!
It's an inconvenience at worst, but I do like the Israeli kid trying to take high moral ground by releasing the CC's but not enough info to actually use them.
That won't last.

Personally I think the term "war" is over used.

"#
20,000 Arabs Facebook Accounts
#
Hacked By Hannibal" Interesting name choice.
http://pastebin.com/N8T3QY2i

Israel "response" to the website DOS
http://pastebin.com/GyyqkGxs

If a 19 year old kid stealing credit cards and DOSing a web site is war then I call hyperbole!!!
It's an inconvenience at worst, but I do like the Israeli kid trying to take high moral ground by releasing the CC's but not enough info to actually use them.
That won't last.

Personally I think the term "war" is over used.

"#
20,000 Arabs Facebook Accounts
#
Hacked By Hannibal" Interesting name choice.
http://pastebin.com/N8T3QY2i

Israel "response" to the website DOS
http://pastebin.com/GyyqkGxs

Bain shuns spotlight as Romney takes the heat

Look what I just found on pastebin, not much innovation there, just a bog standard Windows network, no wonder that company is in the toilet.

Google 'bain.and.company site:pastebin.com`

You can't get much better than this list:

http://pastebin.com/F1JcZHLz

It was featured on Cryptome, still is if you scroll down to the Offsite section.

OK really off topic but another indicator of corruption.
But tied in sort of, the "Top 10" financial backers of the Republican Presidential candidates, note who is giving the money to Romney.
http://pastebin.com/j7PP0fuB
Mitt Romney
Goldman Sachs $367,200
Credit Suisse Group $203,750
Morgan Stanley $199,800
HIG Capital $186,500
Barclays $157,750
Kirkland & Ellis $132,100
Bank of America $126,500
PriceWaterhouseCoopers $118,250
EMC Corp $117,300
JPMorgan Chase & Co $112,250

Another (possibly real) treat from Pasetbin.com
http://pastebin.com/13nJQQ9p

The guy, indeed, claims to have stolen 400'000 CC Numbers and not just 6'000 as mentioned in TFS:
http://pastebin.com/13nJQQ9p

Yes, but the OP never said anything about keeping files that weren't duplicates.

O.K ,fine. That one actually works, believe it or not...

HUGE List of Security Blogs: Unix, Linux, Windows:
- http://pastebin.com/raw.php?i=FwjBMJib

Authorship Recognition and Obfuscation projects:
- http://pastebin.com/raw.php?i=dt0UYSVC

HUGE List of Security Blogs: Unix, Linux, Windows:
- http://pastebin.com/raw.php?i=FwjBMJib

Authorship Recognition and Obfuscation projects:
- http://pastebin.com/raw.php?i=dt0UYSVC

And, on the same site the hack info was posted, we have a denial that it was anonymous. Of course, since it's anonymous, there is no way to verify it. And, of course, if you have no membership, how can you say that someone isn't a part of anonymous?

http://pastebin.com/8yrwyNkt

So, someone says yeah we did it. Someone else says no we didn't it was other people.

Pass the popcorn.

I love how Anonymous hates on everything related to the US, the West, police, etc., and utterly ignores things like China jailing or disappearing human rights activists, Beijing requiring bloggers to register their real names, or the over 5,000 people the Syrian government has murdered this year, instead posting tired, lame anarchist diatribes predicting the downfall of Capitalism.

I hope that Anonymous one day gets what it wishes for, if only so they could witness how horrible that world would be.

200 GB of data moving off their network didn't attract attention? I guess Global Intelligence in this case is an oxymoron.
So it's a for profit Intel company that feeds other corps so that they can better plan their financial moves around World issues, along with "other things".

http://en.wikipedia.org/wiki/Stratfor

http://en.wikipedia.org/wiki/George_Friedman

Full Client list: http://pastebin.com/8MtFze0s over 20k hits

Some clients:
AEG Partners LLC
FOX news
AIG Financial Products
American Airlines
American Express
Blackwater Security Consulting
Wells Fargo Investments

Yawn.

Don't make me load Flash then have to click twice to allow it store date on my machine please - I just want to read a document.

Source is here: http://www.ustr.gov/node/6520 (pdf)

Here's some Pastebin goodness: http://pastebin.com/Q5WzwXq0

More details now available:
http://pastebin.com/XTWnLF3p
https://twitter.com/#!/aionescu/status/149818580471517184

What really surprises me is that the telecoms are not screaming their heads off through their purchased channels at their paid for politicians that it's a bad idea.

Yeah, about that... if you look at the list of companies supporting SOPA/PIPA, you will find both Comcast and Time Warner on that list. Two of the biggest ISPs in the USA. Yeah, I guess since the parent companies own a lot of the content producers, their vote wins out over the ISP side. But you're right, I certainly don't see Sprint or Cogent or Level3 or even AT&T on that list. The companies that will actually have to implement this crap sure as hell would not support it.

noone reads the actual press release?

2) Cards - We are NOT targeting Debit cards and nothing below the (Corporate/Amex) level of BoFA/CitiBank/Chase cards. Does this mean we target Classic Cards? No. Other banks? No. We have no intentions of even selling the data we have unlike others who would have profit intentions of using it to make BANK (MILLIONS) in for themselves. We are only doing under $1,000 at a time which helps quite a lot of people in that area. You banks: Need to stop fucking whining and start to up your security.

http://pastebin.com/VKz9U1nu

http://pastebin.com/FEcE9WzJ

Look plaintext to me, but also look old.

http://pastebin.com/Wx90LLum

"...detailed analysis by DHS and the FBI has found no evidence of a cyber intrusion or any other malicious activity."

All this means is professional spin doctors were called in as damage control.

First off, there is a cracker out there with screen dumps from another cracked SCADA system. Coincidence? Yeah, right.

Secondly, the compromise was originally believed to have been the result of the SCADA vendor being cracked. Also, an IP address from a Russian source was found. If there was no compromise, I would still really be interested as to why a Russian IP address was found connecting to US infrastructure.

Thirdly, the cracker's pastebin post* sounds quite accurate of the DHS in general:
"...the DHS tend to downplay how absolutely FUCKED the state of national infrastructure is."

* - http://pastebin.com/Wx90LLum

http://pastebin.com/Wx90LLum

Not by me.

an america who's government smuggles firearms to mexican drug cartels, who constantly lies to the public, who is in bed with investment banksters to fleece the nation for profits, who sends an armed goon squad to raid Gibson guitars over some wood that was legally imported?

i am ashamed to call myself a US Citizen anymore, this nation sucks totally, the government is a racket that would make the mafia jealous. oh and those conspiracies that you hear on alternative news sites? they are all about 99% true, but you keep listening to mainstream media because you know they always tell the truth = http://pastebin.com/M5MuEj5y

No, they did it to promote their own political agenda. Pastebin is here http://pastebin.com/ZGf00sJS

At least before "Anonymous" hacked evil companies or countries. Now some idiot is just pushing his own political agenda.

"Hello,
This is Anonymous Finland messaging you once again (actually not, the earlier messages were not written nor released by us.)

We have no opinions on any politicians all.
We have not hacked any Finnish websites.
We find antisec childish, among with lulzsec that was nothing but a bunch of bought exploits."

http://pastebin.com/X98zQ4Ea

I had a similar situation when I went traveling for a year. I created a message containing all my passwords and xor'ed it with 5 keys. Then set out each unique key to a person I trusted. Here is the code:

  http://pastebin.com/8vtdGeBS

(I always seem to post to the dead submission of a pair).

Greg Maxwell posted the torrent:
18592 scientific publications JSTOR_01_PhilTrans
http://science.slashdot.org/story/11/07/22/2254204/release-of-33gib-of-scientific-publications [slashdot.org]

Over the treatment of Aaron Swartz
http://yro.slashdot.org/story/11/07/19/1839237/aaron-swartz-indicted-in-attempted-piracy-of-four-million-documents [slashdot.org]

Greg Maxwell's manifesto: http://pastebin.com/kFAENbCf [pastebin.com]

Yeah, here's one list. I don't see how this would be useful for law enforcement purposes... but then I'm not an LEO. http://pastebin.com/88Lzs1XR

The JVM is installed as a root, the tomcat server runs as a tomcat user, but I do navigate system as root :)

I am actually going to try these flags in one of these stores, see if that helps. Of-course there are all sorts of errors that creep up and kill the JVM this way. Here is a shitty one, that only affects 2 stores for some reason and this one crashes the client, not the server.

Lovely stuff like this, very useful.

# Problematic frame:
# C [libc.so.6+0x6e199] unsigned long+0xec9

Life is basically hard :) these are just little things.

The JVM is installed as a root, the tomcat server runs as a tomcat user, but I do navigate system as root :)

I am actually going to try these flags in one of these stores, see if that helps. Of-course there are all sorts of errors that creep up and kill the JVM this way. Here is a shitty one, that only affects 2 stores for some reason and this one crashes the client, not the server.

Lovely stuff like this, very useful.

# Problematic frame:
# C [libc.so.6+0x6e199] unsigned long+0xec9

Life is basically hard :) these are just little things.