Really? It's not safe if you're using any common software such as Linux, Windows or OS X. Nor is it secure if you're running it on any modern hardware with a CPU from Intel or AMD. And forget about any arm based mobile!
Secure, real time communication is difficult right now.
What do you think you can run that is secure from the likes of the NSA?
I'm not debating you. You may think you're the voice of reason here, but you really don't know anything about the situation, and I don't care what you think.
Barnaby would routinely party until 5am then deliver the first talk in the morning. And deliver the talk well. His research was good, but then again so was the research of others who weren't nearly as much fun. Conference organizers aren't robots.
His hard partying ways were well known in the security community. Reading all of this conspiratorial talk reminds me how foolish we can be when we talk about people we've never even met.
Does anyone seriously expect a bunch of other well known hackers to admit in public that they routinely binged on drink and hard drugs with Barnaby? Merely to put to rest wild speculation by some randoms who didn't even know him and will likely continue to believe whatever they want to believe?
Hopefully the Chinese will release some high quality pictures. I'm not suggesting the moon landings were fake, but given the overall cost and engineering that goes into such an endeavor, I don't think it's unreasonable to expect photos of the same quality I can take with my cell phone.
I read that the first images we see now are low quality to keep transmission time low. The high quality ones, including full video of the decent, will follow.
It is a fact that the largest US defense contractors had *thousands* of workstations and servers backdoored for *years* before anyone wised up to it. These are networks managed by professionals who really do take security seriously.
I don't think it's unreasonable to believe that tons of machines are trojaned prior to sale.
It's like tripwire, except it works on code in memory. It has an online database where hashes of known code are stored in various sizes... so the client will hash 4k and ask the server if this is known. If so, move on we know what it is. If not, split it into 2 blocks of 2k. Can we positively identify that? Anything not identified continues to be split into smaller and smaller pieces.
The software understands how processes are laid out so it's not going to hash your user data as that can't possibly provide a useful result.
The idea is that we need to be able to ask, "Is this really Microsoft Word 2010 patchlevel X running on my system? Has it been modified in anyway, even via hotpatching memory? If so, show me exactly where it has been modified so I can focus my analysis on that"
When you visit the site in Firefox for some reason it just tries to download something. I didn't try with other browsers. That's why I said use IE. Visit in IE and you see a little blurb about it with a couple different options for installing. It uses some Microsoft 1click installer framework... and yeah, this needs some serious release engineering work.
It's alpha code. It seems to work better on HyperV than VMWare too... In VMWare I have to close the target VM (run in background) in order to get it to work. Some kind of locking issue I guess.
Anyway, I think it's a really cool concept. I'm sure there will soon be a proper page put up to describe it, running on a standard port and everything.
Oh, and make sure you have.NET 4.5 installed. The installer choked on me the first time because I didn't have it. You install it on your host system, and it connects to VMs of your choosing to analyze them.
It's pretty alpha, and you will need to use IE to install it. This tool compares software in memory against known signatures, allowing you to confirm what's running on the system is really what you think it is. It works with HyperV and VMWare.
Slashdot Mirror
Will someone just post the pastebin link so we can look at judge for ourselves?
What the pirates over at TPB are saying. Find those comments here:
http://thepiratebay.se/torrent...
And how exactly do you get the OS and compilers to build the source code with?
Really? It's not safe if you're using any common software such as Linux, Windows or OS X. Nor is it secure if you're running it on any modern hardware with a CPU from Intel or AMD. And forget about any arm based mobile!
Secure, real time communication is difficult right now.
What do you think you can run that is secure from the likes of the NSA?
> how much you think is "invested" on mapping any potential space threats compared with, i.e. spying on ourselves
Which do you think is a more realistic threat, being obliterated by an asteroid or being attacked by other humans?
I'm not debating you. You may think you're the voice of reason here, but you really don't know anything about the situation, and I don't care what you think.
Barnaby would routinely party until 5am then deliver the first talk in the morning. And deliver the talk well. His research was good, but then again so was the research of others who weren't nearly as much fun. Conference organizers aren't robots.
His hard partying ways were well known in the security community. Reading all of this conspiratorial talk reminds me how foolish we can be when we talk about people we've never even met.
Does anyone seriously expect a bunch of other well known hackers to admit in public that they routinely binged on drink and hard drugs with Barnaby? Merely to put to rest wild speculation by some randoms who didn't even know him and will likely continue to believe whatever they want to believe?
But I can't.
I'm sure looking forward to their findings!
Hopefully the Chinese will release some high quality pictures. I'm not suggesting the moon landings were fake, but given the overall cost and engineering that goes into such an endeavor, I don't think it's unreasonable to expect photos of the same quality I can take with my cell phone.
I read that the first images we see now are low quality to keep transmission time low. The high quality ones, including full video of the decent, will follow.
Good luck keeping guys with tens of thousands of exploits out of it
As soon as software catches up and makes it practical, the rest of the world is going to dump the US cloud forever.
Sourceforge is garbage now.
If you don't want to be discovered with Bluetooth, don't leave your devices in discoverable mode!
Cryptome notes this document is claimed to be a hoax by a Hacker News user.
http://cryptome.org/2013/09/computer-forensics-2013.pdf
Trademark?
It is a fact that the largest US defense contractors had *thousands* of workstations and servers backdoored for *years* before anyone wised up to it. These are networks managed by professionals who really do take security seriously.
I don't think it's unreasonable to believe that tons of machines are trojaned prior to sale.
I have file system 0day. Be sure to dd the content to that flash drive and dd it back off!
There's no reason to use an asymmetric algorithm.
It's like tripwire, except it works on code in memory. It has an online database where hashes of known code are stored in various sizes... so the client will hash 4k and ask the server if this is known. If so, move on we know what it is. If not, split it into 2 blocks of 2k. Can we positively identify that? Anything not identified continues to be split into smaller and smaller pieces.
The software understands how processes are laid out so it's not going to hash your user data as that can't possibly provide a useful result.
The idea is that we need to be able to ask, "Is this really Microsoft Word 2010 patchlevel X running on my system? Has it been modified in anyway, even via hotpatching memory? If so, show me exactly where it has been modified so I can focus my analysis on that"
When you visit the site in Firefox for some reason it just tries to download something. I didn't try with other browsers. That's why I said use IE. Visit in IE and you see a little blurb about it with a couple different options for installing. It uses some Microsoft 1click installer framework... and yeah, this needs some serious release engineering work.
It's alpha code. It seems to work better on HyperV than VMWare too... In VMWare I have to close the target VM (run in background) in order to get it to work. Some kind of locking issue I guess.
Anyway, I think it's a really cool concept. I'm sure there will soon be a proper page put up to describe it, running on a standard port and everything.
Fair point, but it's not like getting something from port 80 or 443 really assures safety.
Like I said it's really alpha. I would not run it on any important VMs anyway.
Oh, and make sure you have .NET 4.5 installed. The installer choked on me the first time because I didn't have it. You install it on your host system, and it connects to VMs of your choosing to analyze them.
http://blockwatch.ioactive.com:8888/
It's pretty alpha, and you will need to use IE to install it. This tool compares software in memory against known signatures, allowing you to confirm what's running on the system is really what you think it is. It works with HyperV and VMWare.
It's free. Thanks IO Active!
Call the kernel to access files, sockets, etc.
Also unless the developer is super 31337 and likes to write everything I expect shares library calls too.
By watching calls to those interfaces we can figure out what it does.
As far as the US government is concerned nothing is sovereign but themselves.