Domain: slexy.org
Stories and comments across the archive that link to slexy.org.
Comments · 14
-
List of No Bullsh*t Pastebins Usable Via Tor v042
List of No Bullsh*t Pastebins Usable Via Tor - v.0.4.2, 04/15/15
* Pastebins which are usable via Tor and do not require javascript to use
# v.0.4.2 posted @: http://pastebin.com/UgeYW4fy
http://slexy.org/view/s207aCCw... -
#BadBIOS - BIOS Malware
#BadBIOS - BIOS Malware
#
- Copernicus: Question Your Assumptions about BIOS Security
- "Seems to have a BIOS hypervisor, SDR functionality that bridges air gaps, wifi card removed."
https://twitter.com/dragosr/status/388512915742937089
=
- #BadBIOS
https://twitter.com/search?q=%23BadBIOS
=
- "More on my ongoing chase of #badBIOS malware."
https://plus.google.com/103470457057356043365/posts/9fyh5R9v2Ga
https://plus.google.com/103470457057356043365=
- Nobody Seems To Notice and Nobody Seems To Care: Government & Stealth Malware
http://slexy.org/view/s2otvoDuKW
=
- Gpu based paravirtualization rootkit, all os vulne
http://forum.sysinternals.com/gpu-based-paravirtualization-rootkit-all-os-vulne_topic26706.html
=
- #badBIOS (and lotsa paranoia, plus fireworks)
https://kabelmast.wordpress.com/2013/10/23/badbios-and-lotsa-paranoia-plus-fireworks/
=
- Air-Gap-Breaching BIOS Rootkits with SDRs Inside (and smartphones, Snowden, NSA, Wikileaks)
"A little while back I covered a paper on FPGAs that could turn themselves into SDRs. I suspected this would be one way to breach an air gap.
It seems I was right on the money. If a little behind the times.
Researchers have found an incredibly persistent BIOS rootkit in the wild that includes SDR functionality⦠literally turning your computer into a radio transmitter to exfiltrate data even if youâ(TM)re not connected to the Internet." [..]
"The researchers were using a new tool, Copernicus, which sadly seems to be Windows-only. Nevertheless a number of you might be interested in checking it out.
There is one enduring mystery of this rootkit⦠how does it survive BIOS reflashes?" [..]
https://twitter.com/dragosr/status/388511686744764416
- IMHO Copernicus is the most important security tool in recent history. Already found persistent BIOS malware (survives reflashing) here.
-
#BADBIOS - You Were Warned About This For Years!
#BADBIOS - You Were Warned About This For Years!
http://slexy.org/view/s2BLnoBPxnState sponsored rootkits and the failure of malware scanners
http://slexy.org/view/s2otvoDuKWTL;DR: most antimalware programs are proprietary pieces of shit you can't see the code, but they can read (sorry, I meant scan, *cough*) all of your private files and some use the cloud so kiss your privacy goodbye.
-
#BADBIOS - You Were Warned About This For Years!
#BADBIOS - You Were Warned About This For Years!
http://slexy.org/view/s2BLnoBPxnState sponsored rootkits and the failure of malware scanners
http://slexy.org/view/s2otvoDuKWTL;DR: most antimalware programs are proprietary pieces of shit you can't see the code, but they can read (sorry, I meant scan, *cough*) all of your private files and some use the cloud so kiss your privacy goodbye.
-
#BADBIOS - You Were Warned About This For Years!
#BADBIOS - You Were Warned About This For Years!
http://slexy.org/view/s2BLnoBPxnState sponsored rootkits and the failure of malware scanners
http://slexy.org/view/s2otvoDuKW -
#BADBIOS - You Were Warned About This For Years!
#BADBIOS - You Were Warned About This For Years!
http://slexy.org/view/s2BLnoBPxnState sponsored rootkits and the failure of malware scanners
http://slexy.org/view/s2otvoDuKW -
Nothing new, you were warned years ago!
#BADBIOS - You Were Warned About This For Years!
http://slexy.org/view/s2BLnoBPxn -
Gpu based paravirtualization rootkit, all os vuln
- Gpu based paravirtualization rootkit, all os vulne
http://forum.sysinternals.com/gpu-based-paravirtualization-rootkit-all-os-vulne_topic26706.html
see the thread here where it says you were warned for years about this problem
and -
#BADBIOS - You Were Warned About This For Years!
http://slexy.org/view/s2BLnoBPxn -
#BadBIOS - BIOS Malware 1/2
#BadBIOS - BIOS Malware
#
- Copernicus: Question Your Assumptions about BIOS Security
- "Seems to have a BIOS hypervisor, SDR functionality that bridges air gaps, wifi card removed."
https://twitter.com/dragosr/status/388512915742937089
=
- #BadBIOS
https://twitter.com/search?q=%23BadBIOS
=
- "More on my ongoing chase of #badBIOS malware."
https://plus.google.com/103470457057356043365/posts/9fyh5R9v2Ga
https://plus.google.com/103470457057356043365=
- Nobody Seems To Notice and Nobody Seems To Care: Government & Stealth Malware
http://slexy.org/view/s2otvoDuKW
=
- Gpu based paravirtualization rootkit, all os vulne
http://forum.sysinternals.com/gpu-based-paravirtualization-rootkit-all-os-vulne_topic26706.html
=
- #badBIOS (and lotsa paranoia, plus fireworks)
https://kabelmast.wordpress.com/2013/10/23/badbios-and-lotsa-paranoia-plus-fireworks/
=
- Air-Gap-Breaching BIOS Rootkits with SDRs Inside (and smartphones, Snowden, NSA, Wikileaks)
"A little while back I covered a paper on FPGAs that could turn themselves into SDRs. I suspected this would be one way to breach an air gap.
It seems I was right on the money. If a little behind the times.
Researchers have found an incredibly persistent BIOS rootkit in the wild that includes SDR functionality⦠literally turning your computer into a radio transmitter to exfiltrate data even if youâ(TM)re not connected to the Internet." [..]
"The researchers were using a new tool, Copernicus, which sadly seems to be Windows-only. Nevertheless a number of you might be interested in checking it out.
There is one enduring mystery of this rootkit⦠how does it survive BIOS reflashes?" [..]
https://twitter.com/dragosr/status/388511686744764416
- IMHO Copernicus is the most important security tool in recent history. Already found persistent BIOS malware (survives reflashing) here.
https://twitter.com/dragosr/status/388512915742937089
- and thatâ(TM)s not even interesting part. Seems to have a BIOS hypervisor, SDR functionality that bridges air gaps, wifi card removed.
https://twitter.com/dragosr/status/388521551693217792
- Copernicus BIOS verification. Also if tool is mysteriously failing or weird output full of FFs you may have problem. http://goo.gl/AHLwbD
https://twitter.com/dragosr/status/388534580493287424
- This particular BIOS persistent malware sample seems use TLS encrypted DHCP HostOptions as a command and control.
-
50 Million Potentially Vulnerable to UPnP Flaws
50 Million Potentially Vulnerable to UPnP Flaws - January 2013 Articles and Downloads
###
Multi-Article Document:
Part 1 - Article: 50 Million Potentially Vulnerable to UPnP Flaws
Part 2 - Article: Security Flaws in Universal Plug and Play: Unplug, Don't Play
Part 3 - Router Scan: Universal Plug and Play - Router Security Check
Part 4 - Download: ScanNow for Universal Plug and Play (UPnP) | For Windows
Part 5 - PDF: Whitepaper: Security Flaws in Universal Plug and Play: Unplug, Don't Play.
Part 6 - Article: Millions of devices vulnerable via UPnP
Part 7 - Article and Discussion: 50 Million Potentially Vulnerable To UPnP Flaws###
Translate this collection (does not include software download(s) and PDF(s): http://translate.google.com/
###
COPYRIGHT: The New Zealand Copyright Act 1994 specifies certain circumstances where all or a substantial part of a copyright work may be used
without the copyright owner's permission. A "fair dealing" with copyright material does not infringe copyright if it is for the following
purposes: research or private study; criticism or review; or reporting current events.###
This Multi-Article Document Has Been Mirrored At The Following Sites (RAW = text):
http://hpaste.org/81561 (RAW: http://hpaste.org/raw/81561)
http://kpaste.net/66c9a3
http://oxynux.org/pastebin/n3rae9-1874
http://pastebin.com/XHkXHfuF (RAW: http://pastebin.com/raw.php?i=XHkXHfuF)
http://paste.blixt.org/9819498
http://paste.lisp.org/display/135035 (RAW: http://paste.lisp.org/display/135035/raw)
http://paste.yt/p2605.html (RAW: http://paste.yt/P2605.txt)
http://slexy.org/view/s2r3Si2W3C
https://paste.debian.net/230670/
http://www.inetpro.org/pastebin/11699 (RAW: http://www.inetpro.org/pastebin/11699/view/raw)###
(Part 1): 50 Million Potentially Vulnerable to UPnP Flaws
by Brian Donohue | January 29, 2013, 1:15PM
https://threatpost.com/en_us/blogs/50-million-potentially-vulnerable-upnp-flaws-012913
"In a project that found more than 80 million unique IP addresses responding to Universal Plug and Play (UPnP) discovery requests, researchers at Rapid7 were shocked to find that somewhere between 40 and 50 million of those are vulnerable to at least one of three known attacks.
A Rapid7 white paper enumerated UPnP-exposed systems connected to the Internet and identified the number of vulnerabilities present in common configurations. Researchers found that more than 6,900 product models produced by 1,500 different vendors contained at least one known vulnerability, with 23 million systems housing the same remote code execution flaw.
Between June 1 and Nov. 17, 2012, Rapid7 conducted weekly scans that sent simple service discovery protocUPnPol (SSDP) requests to each routable IPv4 address. In all, 2.2 percent of all public IPv4 addresses responded to the standard UPnP discovery requests. So, 81 million unique IP addresses responded and, upon deeper probing, researchers determined some 17 million further systems exposed the UPnP simple object access protocol (SOAP). This level of exposure was far higher than researchers had expected, according to
-
The hum that helps to fight crime (ENF)
Archived @:
http://slexy.org/view/s21UWKzafS
http://hpaste.org/79175
https://paste.debian.net/plain/216145
======
The hum that helps to fight crime (ENF) Electrical Network Frequency analysis"For the last seven years, at the Metropolitan Police forensic lab in south London, audio specialists have been continuously recording the sound of mains electricity.
It is an all pervasive hum that we normally cannot hear. But boost it a little, and a metallic and not very pleasant buzz fills the air.
..."The power is sent out over the national grid to factories, shops and of course our homes. Normally this frequency, known as the mains frequency, is about 50Hz," explains Dr Alan Cooper, a senior digital forensic practitioner at the Met Police.
Any digital recording made anywhere near an electrical power source, be it plug socket, light or pylon, will pick up this noise and it will be embedded throughout the audio.
This buzz is an annoyance for sound engineers trying to make the highest quality recordings. But for forensic experts, it has turned out to be an invaluable tool in the fight against crime.
While the frequency of the electricity supplied by the national grid is about 50Hz, if you look at it over time, you can see minute fluctuations.
...Comparing the unique pattern of the frequencies on an audio recording with a database that has been logging these changes for 24 hours a day, 365 days a year provides a digital watermark: a date and time stamp on the recording.
Philip Harrison, from JP French Associates, another forensic audio laboratory that has been logging the hum for several years, says: "Even if [the hum] is picked up at a very low level that you cannot hear, we can extract this information."
It is a technique known as Electric Network Frequency (ENF) analysis, and it is helping forensic scientists to separate genuine, unedited recordings from those that have been tampered with."
- http://www.bbc.co.uk/news/science-environment-20629671
- http://cryptogon.com/?p=32789#
Met lab claims 'biggest breakthrough since Watergate'
Power lines act as police informers- http://www.theregister.co.uk/2010/06/01/enf_met_police/
#
Noisy, muffled, incoherent recordings are an audio engineerâ(TM)s worst nightmare, but all too often they contain vital evidence in criminal trials. Itâ(TM)s the job of the forensic audio specialist to extract that evidence.
- http://www.soundonsound.com/sos/jan10/articles/forensics.htm
#
(discussion forum) Electrical network frequency analysis, Mains frequency variations detectable in digital audio recordings?
- http://www.hydrogenaudio.org/forums/index.php?showtopic=81346
#
Met Police use electrical 'hum' to solve crimes
The Metropolitan Police is using the "hum" of background noise produced by mains electricity to help solve crimes, it has been disclosed.
#
Related Research
- http://www.ece.umd.edu/~ravig/Research.html#
Engineers Use Electrical Hum To Fight Crime
-
CIA Head: We Will Spy On Americans Through EA's
Archived @:
http://slexy.org/view/s2w3SOkgpA
http://hpaste.org/79169
https://paste.debian.net/plain/216147
===
CIA Head: We Will Spy On Americans Through Electrical AppliancesGlobal information surveillance grid being constructed; willing Americans embrace gadgets used to spy on them
Steve Watson | Prisonplanet.com | March 16, 2012
http://www.prisonplanet.com/cia-head-we-will-spy-on-americans-through-electrical-appliances.html
"CIA director David Petraeus has said that the rise of new "smart" gadgets means that Americans are effectively bugging their own homes, saving US spy agencies a job when it identifies any "persons of interest".
Speaking at a summit for In-Q-Tel, the CIA's technology investment operation, Petraeus made the comments when discussing new technologies which aim to add processors and web connections to previously 'dumb' home appliances such as fridges, ovens and lighting systems.
Wired reports the details via its Danger Room Blog[1]:
"'Transformational' is an overused word, but I do believe it properly applies to these technologies," Petraeus enthused, "particularly to their effect on clandestine tradecraft."
"Items of interest will be located, identified, monitored, and remotely controlled through technologies such as radio-frequency identification, sensor networks, tiny embedded servers, and energy harvesters - all connected to the next-generation internet using abundant, low-cost, and high-power computing," Petraeus said.
"the latter now going to cloud computing, in many areas greater and greater supercomputing, and, ultimately, heading to quantum computing." the CIA head added.
Petraeus also stated that such devices within the home "change our notions of secrecy".
Petraeus' comments come in the same week that one of the biggest microchip companies in the world, ARM, unveiled new processors that are designed to give practically every household appliance an internet connection[2], in order that they can be remote controlled and operate in tandem with applications.
ARM describes the concept as an "internet of things".
Where will all the information from such devices be sent and analyzed? It can be no coincidence that the NSA is currently building a monolithic heavily fortified $2 billion facility[3] deep in the Utah desert and surrounded by mountains. The facility is set to go fully live in September 2013.
"The Utah data center is the centerpiece of the Global Information Grid, a military project that will handle yottabytes of data, an amount so huge that there is no other data unit after it." reports Gizmodo.
"This center-with every listening post, spy satellite and NSA datacenter connected to it, will make the NSA the most powerful spy agency in the world."
Wired reports[4] that the incoming data is being mined by plugging into telecommunications companies' switches, essentially the same method the NSA infamously uses for warrantless wiretapping of domestic communications[5], as exposed six years ago.
Former intelligence analyst turned best selling author James Bamford, has penned a lengthy piece[6] on the NSA facility and warns "It is, in some measure, the realization of the 'total information awareness' program created during the first term of the Bush administration-an effort that was killed by Congress in 2003 after it caused an outcry over its potential for invading Americans' privacy."
--
Steve Watson is the London based writer and editor for Alex Jones' Infowars.net[7], and Prisonplanet.com[8]. He has a Masters Degree in International Relations from the School of Politics at The University of Nottingham in England.
(C) 2012 PrisonPlanet.com is a Free Speech Systems, LLC company. All rights reserved.
[1]
-
(ENF) Electrical Network Frequency analysis
Archived @:
http://slexy.org/view/s21UWKzafS
http://hpaste.org/79175
https://paste.debian.net/plain/216145
==
The hum that helps to fight crime (ENF) Electrical Network Frequency analysis"For the last seven years, at the Metropolitan Police forensic lab in south London, audio specialists have been continuously recording the sound of mains electricity.
It is an all pervasive hum that we normally cannot hear. But boost it a little, and a metallic and not very pleasant buzz fills the air.
..."The power is sent out over the national grid to factories, shops and of course our homes. Normally this frequency, known as the mains frequency, is about 50Hz," explains Dr Alan Cooper, a senior digital forensic practitioner at the Met Police.
Any digital recording made anywhere near an electrical power source, be it plug socket, light or pylon, will pick up this noise and it will be embedded throughout the audio.
This buzz is an annoyance for sound engineers trying to make the highest quality recordings. But for forensic experts, it has turned out to be an invaluable tool in the fight against crime.
While the frequency of the electricity supplied by the national grid is about 50Hz, if you look at it over time, you can see minute fluctuations.
...Comparing the unique pattern of the frequencies on an audio recording with a database that has been logging these changes for 24 hours a day, 365 days a year provides a digital watermark: a date and time stamp on the recording.
Philip Harrison, from JP French Associates, another forensic audio laboratory that has been logging the hum for several years, says: "Even if [the hum] is picked up at a very low level that you cannot hear, we can extract this information."
It is a technique known as Electric Network Frequency (ENF) analysis, and it is helping forensic scientists to separate genuine, unedited recordings from those that have been tampered with."
- http://www.bbc.co.uk/news/science-environment-20629671
- http://cryptogon.com/?p=32789#
Met lab claims 'biggest breakthrough since Watergate'
Power lines act as police informers- http://www.theregister.co.uk/2010/06/01/enf_met_police/
#
Noisy, muffled, incoherent recordings are an audio engineerâ(TM)s worst nightmare, but all too often they contain vital evidence in criminal trials. Itâ(TM)s the job of the forensic audio specialist to extract that evidence.
- http://www.soundonsound.com/sos/jan10/articles/forensics.htm
#
(discussion forum) Electrical network frequency analysis, Mains frequency variations detectable in digital audio recordings?
- http://www.hydrogenaudio.org/forums/index.php?showtopic=81346
#
Met Police use electrical 'hum' to solve crimes
The Metropolitan Police is using the "hum" of background noise produced by mains electricity to help solve crimes, it has been disclosed.
#
Related Research
- http://www.ece.umd.edu/~ravig/Research.html#
Engineers Use Electrical Hum To Fight Crime
- http://science.slashdot.org/story/12/12/12/1331243/engineers-
-
Re:Sophisticated not, Government phishing attempt
The E-mail address are good or real at least the ones from http://slexy.org/view/s21jyUzcUb spammers wet dream.
Also Richard Clayton has blocked himself from search engines at bericotechnologies.com he works there http://i.imgur.com/m7feh.png
Just the few I've played with.
My post look like crap as I appear to be a bot.