Update you must know, by our friendly and kindly Anonymous:

Anonymous @YourAnonNews (2 hours ago): "Global call to action from Aboriginal Australian communities" [https://linksunten.indymedia.org/de/node/137877] More info: [http://www.donotlink.com/e68t] #SOSBLAKAUSTRALIA

Anonymous @YourAnonNews (March 17): Anonymous lists OVER 9000 Twitter accts linked to #ISIS after hacktivist collaboration [http://www.ibtimes.co.uk/anonymous-lists-9200-twitter-accounts-linked-islamic-state-after-hacktivist-collaboration-1492035…] #Anonymous #GhostSec #Ctrlsec
- [http://countercurrentnews.com/2015/02/anonymous-isis-sites-than-ever-after-the-u-s-government-and-twitter-refuse-to-act/]
- [http://foreignpolicy.com/2015/03/03/the-u-s-government-should-pay-anonymous-in-bitcoin-to-fight-isis/?wp_login_redirect=0]
(And much more you don't know, in the information from Anonymous @YourAnonNews.)

Released by the Anonymous friendly chivalrous Legion: "Lauri Love petitions to get his electronics back: still refuses to decrypt his drives." [http://www.databreaches.net/accused-british-hacker-wanted-for-crimes-in-us-wont-give-up-crypto-keys/… | http://arstechnica.com/tech-policy/20]

"Such a serious invasion of the public's privacy is the work of rogue hackers, arrogant and presumptuous! People's private information around the world is being secretly injected with SSL criminal code / malicious viruses...!!"
Kimberley Aboriginal communities have
declared a GLOBAL CALL TO ACTION to stop the forced closure of
Aboriginal communities within Western Australia amidst the growing
campaign by State and Federal Governments to withdraw their support and
remove Aboriginal people from their traditional homelands. Prime
Minister Tony Abbott has whipped up a great amount of fear, anxiety and
doubt amongst the already marginalised First peoples of this nation
when he said that "What we can't do, is endlessly subsidise choices, if
those lifestyle choices are not conducive to the kind of full
participation in Australian society that everyone should have".
Abbott's statement was in support of the declarations made by Premier
of Western Australia, Colin Barnett in a press statement released 12
November 2014, suggesting that the State could no longer support 150
Aboriginal Communities, flagging the prospective removal by the end of
2015.
We who live in the remoter areas of Australia do not believe it is a
lifestyle choice but an intrinsic fundamental human right to live in our
own communities and our own country. We hold significant cultural
obligations to our Ancestors to maintain Sovereign ties to our lands.
After successive breaches of Human Rights conventions and the forced
removal of the Aboriginal Community of Oombulgurri in 2014, we maintain a
vote of no confidence in both the incumbent State and Federal
Governments in their actions toward Aboriginal people.
On Thursday 19th March 2015, Australians across the Nation are being
asked to celebrate Close the Gap Day — but for many of our countrymen
the gap has been significantly widened placing increasing pressure and
trauma on our people. Starting in the Kimberley at 10am, we will march
not for this Government agenda, but instead to show our objection to the
threatened proposed closures to Aboriginal communities.
We stand in solidarity with all other regions in Western Australia
and South Australia who have the veil of threatened remote community
closures hanging over their lives and understand that the precedent for a
National attack by Government toward Aboriginal people living on their
homelands, has already been set in the Oombulgurri closure. We ask the
National and International community to stand with us in this action,
and the subsequent actions that will ensue as we mobilise effective
campaigns to secure our cultural right and entitlement.
The Pirate Bay finds a loophole in the UK Ban order with CloudFlare CDN to evade ISP blockade
News reports indicate that the popular torrent website The Pirate Bay
is up and running in all parts of the United Kingdom despite the ban in
place. A court order had put a ban on TPB in all of the United Kingdom in
late November. After the resurrection of TPB following the raid
on its Nacka data center in Sweden, it has been available to users
through most ISPs in the UK, with thepiratebay.se now accessible to Virgin,
EE, BT and TalkTalk customers. Sky is the only popular provider still
managing to block the site for its customers.
The Resurrection
After it had been down and out for 3 months, The Pirate Bay moved to
the CloudFlare content delivery system and enabled HTTPS Strict for its
domain. The United Kingdom block on TPB was an ISP-level one, which means
that the ISPs had to do the blocking.
When an ISP wants to block traffic to a site, there are multiple methods
at its disposal. Most ISPs favour blocking by IP address, by DNS name, or
by URL. URL blocking means matching the whole internet address of a site
and tends to cover all protocols, such as HTTP, FTP and HTTPS, whereas DNS
blocking refuses to resolve a domain name to any IP address, without any
consideration of the protocol. IP blocking allows resolution of the
domain to an IP address, but does not allow traffic to get there.
So
how does TPB evade the blockade? By using CloudFlare’s content delivery
network. The ISPs tend to go for IP blocking most of the
time. CloudFlare’s service manages the connection between users and
website hosting servers, reducing bandwidth burden and protecting
against DDoS attacks and other threats. At the same time it hides IP
information from the ISPs effectively rendering the blockade helpless.
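The three blocking methods described above can be modelled as three independent checks. The following is an added example, not part of the original article: it uses constructed hostnames and documentation-range addresses to show which checks still match once a listed site's DNS record points at a shared CDN address, and what happens to an unrelated site when that shared address is added to the IP list. The URL check is modelled the way the article describes it, independent of protocol.

```python
"""Added example: the article's three ISP blocking methods as independent checks.
Hostnames and addresses are constructed (reserved .example names and
documentation address ranges); nothing here comes from a real block list."""
from dataclasses import dataclass, field
from urllib.parse import urlsplit


@dataclass
class IspFilter:
    blocked_domains: set = field(default_factory=set)  # DNS blocking list
    blocked_ips: set = field(default_factory=set)      # IP blocking list
    blocked_urls: set = field(default_factory=set)     # "host/path" prefixes, no scheme

    def dns_blocks(self, url):
        """DNS blocking: refuse to resolve the name (or any subdomain of it)."""
        host = urlsplit(url).hostname or ""
        return any(host == d or host.endswith("." + d) for d in self.blocked_domains)

    def ip_blocks(self, url, dns):
        """IP blocking: the name resolves, but traffic to a listed address is dropped."""
        return dns.get(urlsplit(url).hostname) in self.blocked_ips

    def url_blocks(self, url):
        """URL blocking as the article describes it: match the address, ignore the scheme.
        Whether a filter can see the full URL inside HTTPS is not modelled here."""
        parts = urlsplit(url)
        target = (parts.hostname or "") + (parts.path or "/")
        return any(target.startswith(prefix) for prefix in self.blocked_urls)

    def verdict(self, url, dns):
        """Result of each method, evaluated separately, for one request."""
        return {
            "dns": self.dns_blocks(url),
            "ip": self.ip_blocks(url, dns),
            "url": self.url_blocks(url),
        }


ORIGIN_IP = "192.0.2.10"      # constructed: address in use when the list was written
CDN_EDGE_IP = "198.51.100.7"  # constructed: CDN edge address shared by many customers

# Constructed DNS views before and after the listed site moves behind the CDN.
DNS_BEFORE = {"blocked-site.example": ORIGIN_IP, "unrelated-shop.example": CDN_EDGE_IP}
DNS_AFTER = {"blocked-site.example": CDN_EDGE_IP, "unrelated-shop.example": CDN_EDGE_IP}


def run_scenarios():
    """Evaluate the same block order against the old and new hosting layout."""
    isp = IspFilter(
        blocked_domains={"blocked-site.example"},
        blocked_ips={ORIGIN_IP},
        blocked_urls={"blocked-site.example/"},
    )
    # Same order, but the IP list has been widened to the shared edge address.
    widened = IspFilter(
        blocked_domains=isp.blocked_domains,
        blocked_ips=isp.blocked_ips | {CDN_EDGE_IP},
        blocked_urls=isp.blocked_urls,
    )
    return {
        "before_move": isp.verdict("http://blocked-site.example/", DNS_BEFORE),
        "after_move": isp.verdict("https://blocked-site.example/browse", DNS_AFTER),
        "after_move_widened": widened.verdict("https://blocked-site.example/browse", DNS_AFTER),
        "collateral": widened.verdict("https://unrelated-shop.example/cart", DNS_AFTER),
    }


if __name__ == "__main__":
    for name, result in run_scenarios().items():
        print(f"{name:20s} {result}")
```

An ISP that enforces only the IP list gets the `after_move` result: the stale address no longer matches, while the name-based checks still do. Widening the IP list to the shared edge address restores the match but also blocks the unrelated customer on that address.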
Another factor helping TPB is the HTTPS strict request. When this service is
enabled, the HTTP header is stripped during the processing of the HTTPS
strict request, which effectively prevents the connection from
registering when the lookup on the ban lists happens.
thepiratebay.se is using a combination of loopholes in the ISP-level block
system to somehow reach its fans in the United Kingdom, but how much longer
it manages to hold its head above the water is anybody’s guess.
Police seized at least 50 Pirate Bay servers and left no hardware unturned.
This time around the raid was very different. The announcements, when they arrived, were considered vague.
Paul Pintér, police national coordinator for IP enforcement, read from a statement;
“There has been a crackdown on a server room in Greater Stockholm. This is in connection with violations of copyright law,”
Paul Pintér had a modest tone which was a result of 12 years of virtual
humiliation at the hands of the world’s most arrogant torrent site.
Previous big announcements of raids and permanent closures became pie in
the face of officials when the site returned in 72 hours, as it did
following the previous Pirate Bay raids in 2006.
The recent raid was confirmed to have taken place in the datacenter located
in Nacka, outside Stockholm; the datacenter itself is embedded into the side
of a mountain just outside the capital. Very few details have been made
available since the recent Pirate Bay raid. The only new information
was that the police left no stone unturned to ensure that The Pirate Bay was
properly taken down. A witness to the Pirate Bay raid has confirmed that
more than 10 officers showed up for the raid.
Along
with the raiding law enforcement officials was a computer forensics
team responsible for securing all available related digital evidence on
the Pirate Bay site.
To ensure no piece of evidence was accidentally left behind, on December
9, 2014 the officers present seized around 50 servers that were even
suspected of being connected to The Pirate Bay, more than the 21
virtual servers the Pirate Bay site claimed to operate.
In
other words the police not only took away servers that had been live at
the time of the raid, but they also were able to gain access to the
datacenter’s storage rooms where officers seized old equipment, just in
case any of it had been used to operate The Pirate Bay.
The prosecutor, Fredrik Ingblad, confirmed that the process would likely take
months to complete as evidence is now being sifted through as part of a
criminal investigation against Pirate Bay.
It
is uncertain whether The Pirate Bay will ever return. Some hints and
suggestions have been appearing on the Pirate Bay’s temporary homepage
but as yet not a single torrent or magnet link has been indexed.
To
that end the Pirate Bay site is still attracting millions of visitors.
According to Alexa, the site is still the 159th most-trafficked in the
world.
The government has admitted to possessing far-reaching hacking powers
to break into computers, phones and communications networks anywhere
across the globe in the absence of national security and criminal
threats, a court document reveals.
The startling revelation surfaced after civil rights group
Privacy International (PI) filed a legal challenge in 2014
questioning the hacking powers of UK government intelligence
agency GCHQ.
The legal challenge sought to examine allegations relating to
“state-sponsored hacking” uncovered by ex-NSA computer
analyst and whistleblower Edward Snowden.
PI subsequently obtained a court document, penned by government
lawyers, in which the government outlined its authority to
infiltrate mobile phones, laptops, iPads and networks used on a
day-to-day basis.
The privacy rights group made the decision to publish the
document on Wednesday.
Nestled deep within its body, is the admission that UK
intelligence services need authorization to hack into devices
used by “intelligence targets,” but hold the power to
infiltrate computers and mobile phones worldwide – irrespective
of whether they are suspected of being linked to a criminal or
terrorist threat.
PI, which has long campaigned for increased privacy rights in
Britain, said these powers amount to a “massive invasion of
privacy.” “Hacking is the modern equivalent of entering someone’s
house, searching through her filing cabinets, diaries and
correspondence, and planting devices to permit constant
surveillance in future,” the group warned.
“If mobile devices are involved, the government can obtain
historical information including every location visited in the
past year and the ongoing surveillance will capture the affected
individual wherever they go.”
The privacy rights group added intelligence agencies such as GCHQ
assert the right to “exploit communications networks” in
clandestine maneuvers that seriously undermine the security of
the world wide web.
The court document, central to PI’s revelations, was heavily
reliant on draft code relating to equipment interception.
Previously a secret government policy, it was made public on the
same day Britain’s Investigatory Powers Tribunal found GCHQ had
unlawfully shared information with America’s National Security
Agency (NSA).
Over the last decade, GCHQ has engaged in widespread
“state-sponsored hacking,” in the absence of this code,
PI says.
The group warns this glaring lack of transparency violates the
requirement that British intelligence agencies comply with UK
law. The draft code is yet to be backed by Parliament.
“The government has been deep in the hacking business for
nearly a decade, yet they have never once been held accountable
for their actions,” said Eric King, Deputy Director of
Privacy International.
“They have granted themselves incredible powers to break into
the devices we hold near and dear, the phones and computers that
are so integral to our lives,” he added.
King warned the spy agency believes it has the right to target
anyone it wishes in the absence of legal justification.
He called for an end to this “suspicionless hacking,”
and for British intelligence agencies to be forced to comply with
UK law.
Jan Girlich, a spokesperson for Germany’s Chaos Computer Club,
said GCHQ appears to think its powers are unlimited.
“Hacking of network infrastructure and people's phones and
devices for claimed national security reasons is actually
undermining the IT security on a structural level,” he said.
Girlich stressed the UK government cannot justify hacking devices
worldwide by simply publishing rules governing these activities.
“It leaves our infrastructure vulnerable and the people's
personal information in the hands of a secret service not bound
to the law, wielding massive power over everybody they
wish,” he said.
RT queried GCHQ directly
on the extent of its hacking powers. Asked how the hacking of
communications devices and networks in the absence of a related
criminal or terror threat can be justified, a spokesperson for
the spy agency declined to specify. She insisted, however, GCHQ’s
hacking practices are regulated.
“As will be seen from the Government's Open Response,
assertions/suggestions that GCHQ can carry out Computer Network
Exploitation (CNE) operations in an unregulated way are simply
untrue,” she told RT. “Strict legal controls, safeguards
and requirements apply to this activity, which can only be
carried out for statutory purposes e.g. national security.”
Hacktivist collective Anonymous is mostly famous for launching attacks on the Church of Scientology, ISIS, world governments, child pornography websites and, er, Kanye West.
But its latest mission is to unite humanity and get us working together
to go into space and colonize new worlds. No, seriously.
I suspect someone at Anonymous may have enjoyed Christopher Nolan’s Interstellar a little too much.
A new video sets out the goal, and it’s impressively lofty. Here’s the idea:
Greetings citizens of the world,
There's been a lot in the news lately; From threats of war, to future
space endeavors. Two very different ends of the spectrum with vastly
different consequences for humanity. While politicians bicker over power
plays by opposing nations here on Earth, we continue to face many
threats from beyond this world.
The unfortunate truth is that while our generation may survive the
next 100 years... it's only a matter of time till humanity as a whole
faces catastrophe on a global scale. We occupy one tiny world, around a
single star out of billions, in a single galaxy out of trillions in the
observable universe. That alone shows how fragile our species really is.
Thus we come to a realization, and an inevitability; Earth cannot
remain our only home forever. Some of the voyagers we set forth to the
farthest reaches of the galaxy will lose contact with us, and we'll
never hear from them again in our life time. Nevertheless, our legacy
will live on through them as they colonize new worlds across the
stars...
While we can ensure the survival of humanity through migration &
colonization, we can also help ensure the survival of Earth through
unification. As we unite to explore other worlds, we'll in turn find
ourselves securing our own. Earth will always be our homeworld, and as
such it will always hold a special place in our hearts. While we don't
know what the future might hold, we do know one thing for certain; it
will be much brighter with humanity united.
If we continue on our current course, our mutual destruction is
ensured; so some may ask why we continue to have wars and fight amongst
ourselves? Humans are influenced by their cultures and many other
factors growing up. From what their parents believed, to what school and
religion teaches them. With that in mind, it's no wonder with over 270
religions, 196 countries, and with modern society being derived from
thousands of different cultures... that people tend to bump heads on
worldly views.
Nonetheless, those differences are what makes humanity so unique!
Rather than being used to divide us, they are precisely what should be
bringing us together. From art, to food, and even technology, those
differences in culture make humanity... and that's what should be
celebrated. Every year we do share in a celebration, people from all
over the world come together to celebrate the New Year. We stand
together and share in our cultures, and for one day we are united as a
planet.
Now we must channel that same energy and use it into coming together
again; not for personal gain, not for the promise of money, or fame, but
to embark in the greatest journey humanity has ever made. It took just
12 years to go from launching the first artificial satellite, to landing
humans on the moon and returning them back to Earth safely. In the 43
years since Apollo 17 humanity has never gone back, nor accomplished a
greater manned mission... Not for a lack of money, nor a lack of
technology... but because priorities changed and collectively humanity
no longer has the drive to venture beyond Earth.
With that being said, the direction and future of humanity itself is
on the line, and our priorities must be clear. Due to the theory of
special relativity, interstellar travel is possible within our lifetime,
and entirely doable with technology that on a much smaller scale
already exists today. Therefore the choice is now entirely up to you!
Will we unite as a species to ensure the survival of the human race and
explore the unknown? Or will we continue to fight each other and play
Russian roulette until all the chambers are loaded?
We are Anonymous,
We are Legion,
We can Forgive,
Though we shall Never Forget,
Expect us!
'Britain is leading the war against human rights' – Amnesty International
Published time: February 25, 2015 16:26 Edited time: February 26, 2015
Ramped
up surveillance in Britain against a backdrop of dwindling legal
protection has contributed to the most rattling assault on human rights
in Europe since the fall of the Berlin Wall, human rights experts warn.
In its annual 'State of the World's Human Rights' report, Amnesty
International heavily criticized the British government's record at
home.
The NGO condemned the coalition government for rushing counter-terror
and surveillance legislation through parliament without reasonable time
for debate.
It also criticized the coalition for passing laws that erode
fundamental civil liberties, and stressed that continued cuts to legal aid in
Britain are a recipe for injustice.
'A recipe for injustice'
In 2014, David Cameron pledged a re-elected Tory government would scrap
the Human Rights Act and replace it with a home-grown British Bill of
Rights. He also vowed to limit the power of the European Court of Human Rights if the Conservatives win May's general election.
Amnesty's report, published on Wednesday, said the Tories' proposals are an attack on the European Convention on Human Rights. The group accused Prime Minister Cameron of leading this assault.
Amnesty also noted the rise of discriminatory, nationalistic policies in Britain. It warned “nationalist, thinly veiled xenophobic attitudes” were instrumental in an increasingly restrictive migration policy and anti-EU rhetoric, which targets human rights.
The group also expressed deep concern over Britain's Data Retention and Investigatory Powers Act.
The legislation, which came into force in 2014, increases UK
authorities' powers of interception – reaffirming Britain's status as a
leading surveillance state.
With respect to the Act, Amnesty argued the British government failed
to set up adequate safeguards to ensure surveillance is authorized and
carried out in accordance with citizens' rights to privacy and freedom
of expression.
Amnesty's annual report concluded the international human rights
framework in Europe is the most fragile it has been for 25 years. “At
no time since the fall of the Berlin Wall has the integrity of, and
support for, the international human rights framework in the Europe and
Central Asia region appeared quite so brittle,” the report said.
A call for reform
Director of Amnesty International UK, Kate Allen, said Britain “is going in the wrong direction on rights, protections and fairness.” She acknowledged public safety is paramount, but stressed it should not be achieved at the cost of fundamental civil liberties.
“The UK talks the talk on the global stage on human rights but this year's summary shows they need to tend to their own garden,” she said. “Twice this year GCHQ spies have been rumbled breaking the law. We should be concerned about waking up in a surveillance state, without having a proper public debate about it first.”
Amnesty UK (@AmnestyUK): The UN Security Council's permanent members should renounce their veto to stop human rights atrocities http://amn.st/60120Uis
Amnesty's
damning report also condemned global leaders for failing to adequately
intervene in recent conflicts in Gaza, Ukraine and Syria. It described 2014 as a “catastrophic year” for millions trapped in violent and dangerous surroundings.
The human rights group also urged the UN Security Council to discard an
influential veto power wielded by permanent member states: Britain,
China, France, Russia and the US. Such a move would make it easier to send peacekeeping troops into conflict zones and prevent genocide, it said. The UN is yet to respond to Amnesty's call for reform.
Mozilla could soon find itself at the center of a new controversy, as it just approved a Firefox extension, called Men Kampf, designed with the sole purpose of replacing so-called "radfem rethoric [sic] with nazi friendly alternatives".
Men Kampf scans the page that the Firefox user visits for any words
considered to be linked to feminism -- certainly not radical feminism,
as claimed in the description -- and replaces them, on the fly, with
said "alternatives". As such, an article about feminism will quickly
appear to be one about nazism. The developer behind the extension, Erim Secla, says that it's all "just for fun" in Men Kampf's description. Except that it's not.
It's offensive. While feminism is a movement that aims to make the world a better place by promoting equality, nazism
is a movement which is linked to one of the darkest periods in history,
when millions of people lost their lives and were discriminated against
because those who shared the ideology strongly believed in and promoted
inequality. Tomato, tomato, eh?
You can see Men Kampf in action by opening the Wikipedia page about
Feminism in Firefox, and then another browser. Below is how it looks on
Firefox and Google Chrome, respectively.
Next, I wanted to see how Men Kampf works on pages that aren't linked
to feminism, so I opened Facebook. Here's how the signup page looks on
Firefox and Chrome, respectively -- the extension, in this case,
replaces "Male" with "Jew".
Men Kampf is apparently inspired by a Chrome extension called "Man
Kampf" (in reality, it's called Men Kampf and is available in the Chrome
Web Store), which is equally offensive. The Chrome counterpart "Turns
SJW nonsense into pro-Nazi propaganda. Changes words such as 'Men' into
'Jews' to make any radical feminist post sound like something straight
out of Hitler's mouth!", claims its developer in the description.
As you may notice in the screenshot posted at the top of the page,
the Firefox add-on store lists it as "preliminary reviewed". What does
that mean? Well, it means
that Mozilla's editors have reviewed the source code for "security
issues and major policy violations", before deeming it fit for the
store. However, that does not automatically mean that the app has also
been installed, prior to approval; in most cases Mozilla says this
doesn't happen.
However, in the "policies on specific add-on practices" it's clearly
stated that "Add-ons that make changes to web content in ways that are
non-obvious or difficult to trace by their users" would not be permitted
-- an example of a page where the extension infringes upon this policy
is Facebook. Another is the Wikipedia page for Gender equality,
where only certain words are replaced, like "men" with "Jews" and
"women" with "Germans". I've reached out to Mozilla for clarification.
But, surprisingly, Mozilla does not have a policy in place which
would prevent extensions that promote Nazism from being approved.
Anything goes, as long as it meets the technical criteria. But perhaps
it's time to reconsider. After all, Mozilla is a self-proclaimed supporter of equality, isn't it?
Update 1: Mozilla responded, saying that the
extension has been removed. At the time of writing this article, the
extension's landing page says "This add-on has been disabled by an
administrator". A statement will follow.
Update 2: Here comes the statement. "Mozilla reviews
and responds expeditiously to reports of abuse. 'Men Kampf' was removed
after Mozilla received such reports today and it was determined that the
add-on violates our Conditions of Use", says Mozilla director of marketplace and content ecosystem Bertrand Neveux.
As you can see, Mozilla acted swiftly to remove the extension from
the Firefox add-ons store, following reports. Meanwhile, the similar Men
Kampf for Chrome continues to be available in Chrome Web Store.
Anonymous has joined forces with GhostSec and CtrlSec to wage cyberwar against Islamic State.
The
biggest ever list of social media accounts related to Islamic State
(IS) has been released following an historic collaboration between three
major hacktivist groups: Anonymous, GhostSec and Ctrlsec.
Around 9,200 account names were released online as
part of #OpIsis in an effort to draw attention to the growing presence
of IS online and to track individuals associated with the terrorist
organisation.
"This is historic amongst the digital world as it's the first time
these groups have come together for something this large," said an
affiliate of Anonymous instrumental in compiling the list, which was
revealed first to IBTimes UK.
"Usually they are very closed off and not willing to work outside of
their circles but this has become so large of a problem they're willing
to form an alliance for what is seen as a greater good.
"The outcome of hundreds of hackers across all three major groups is
the largest compiled and verified list ever to be released to the
public."
IBTimes UK has checked a number of the accounts, all
of which are still active and appear to be related to IS, however due
to the size of the list it has not yet been possible to verify all of
the accounts.
Anonymous's #OpISIS campaign, which launched earlier this year, has already claimed to have disrupted almost one thousand websites, email accounts and VPN connections related to IS, adding that it would treat IS "like a virus, and we are the cure".
In a post linking to the Twitter accounts on Medium, the hacktivist
group called on members of the public to help spread the word:
The more attention it gets the more likely it becomes Twitter
takes action in removing these accounts and making a serious impact on
the ability of ISIS to spread propaganda and recruit new members. You
don't have to be tech savvy to contribute, simply clicking retweet or
like could mean the difference between almost 10 thousand active
accounts or 10 thousand suspended ones. Help us fight
Cyber Caliphate
Social media, in particular Twitter, has provided a key platform for
IS to spread propaganda to a worldwide audience and gain sympathisers
and supporters to its vision of an Islamic Caliphate.
The micro-blogging site has suspended certain IS-related accounts but
has so far proved ineffective in preventing Isis from using the service
in this manner. IBTimes UK contacted Twitter but the firm has refused to comment on the matter.
IS uses what is known as swarm accounts to stay active despite
Twitter's suspensions. According to the Anonymous source, they create a
multitude of accounts and use them to cross promote each other, creating
a hydra-like platform in which to thrive.
Isis uses "swarm accounts" to stay active on Twitter. (Screen grab / Twitter)
Other sites are also used to spread information, including Justpaste
for text, Sendvid for videos, and Archive.org for retrieving propaganda
content that has been deleted by an internet service provider.
However, it is Twitter that provides the linchpin for the entire system to function, according to the Anonymous source.
"Twitter in combination with these other sites are allowing them to
always keep content alive and easily accessible," the source said.
"Without Twitter being the central hub they wouldn't be able to move
this content around at all."
US government 'should team up with Anonymous'
The ongoing issue of IS using social media to spread propaganda and
gain support recently led a US defence policy researcher to call on the
US government to support Anonymous in disrupting
In an article published in Foreign Policy on
3 March, Emerson Brooking, a research associate at the Council on
Foreign Relations, questioned: "How is it that the US government,
capable of coordinating a complex air campaign from nearly 6,000 miles
away, remains virtually powerless against the Islamic State's online
messaging and distribution network?
"If the United States is struggling to counter the Islamic State's
dispersed, rapidly regenerative online presence, why not turn to groups
native to this digital habitat? Why not embrace the efforts of
third-party hackers like Anonymous to dismantle the Islamic State - and
even give them the resources to do so?"
Brooking suggested that one way of implementing the "fig leaf" to
hacktivist collectives would be through offering bounties paid in
semi-anonymous currencies like bitcoin. More support could also be given
to Twitter in order to stem Isis' prolific operations.
"At this point Twitter is the primary social network used by Isis and
is being leveraged to drive internet traffic through all of their other
content including websites," the Anonymous source told IBTimes UK. "They will continue to thrive and grow online as long as they have these Twitter accounts.
"I understand they are overwhelmed by the sheer volume of these
accounts but they need to be accountable for the content on their
service."
In that second round of attacks, Anonymous took down and exposed literally thousands of accounts!
They explain that “Round 2”
of #OpISIS was “just to show what your government is not doing.” They
comment that it is “not that difficult” to fight back against ISIS
online. So they raise the question as to why the governments who claim
to oppose ISIS are not doing what Anonymous is doing?
In their latest “Round 3” video, Red Cult Anons issued an ultimatum to Twitter and the U.S. Government.
Anonymous “hacktivists” have compiled the most comprehensive list of
ISIS social media accounts to date, including many which were just
created to replace those targeted by Anonymous just days ago. Anonymous
said they did this to “help,” but essentially told Twitter that the
proverbial ball is in their court now.
They gave Twitter the room to “do their jobs” and shut these accounts
down, just as Twitter had pledged to do, and claimed to be concerned
with. If they are not shut down, Anonymous said that they would just
have to do it themselves…
Last night, that’s just what they did. Check out the latest list of
ISIS pages that Anonymous has taken down because the U.S. Government and
Twitter have refused to…
Anonymous Red Cult has asked us to let YouTube know that they offer a
special thanks to them for promptly dealing with ISIS recruiting pages
when reported. For now, social media that proves unwilling or unable to
do their jobs at removing these accounts quickly enough will have the
“assistance” of Anons who will take care of the accounts for them.
The new, expanded list of ISIS accounts that Twitter and the U.S.
Government have been unwilling or unable to touch has been compiled by
the Anonymous RedCult team as follows:
===============
US hacking case: NCA refuses to return Lauri Love's computer
By Nic Rigby, 20 February 2015
Lauri Love, 30, of Stradishall, Suffolk.
Police in the UK, who
arrested a man accused of hacking FBI computers in the US, are refusing
to return his computer because they cannot decrypt its files.
Lauri Love, 30, of Stradishall, Suffolk, who is accused of hacking offences in the US, was arrested in Britain in October 2013.
The National Crime Agency (NCA) searched his home and seized property, before releasing him from bail in July.
Mr Love is now taking the NCA to court after it refused to return items taken.
On 12 March he will petition Bury St Edmunds magistrates for the return of his property.
Mr Love has been accused of being involved in hacking the computers of the US Federal Reserve.
The BBC understands that the NCA has been unable to decrypt
some of the files and does not want to return the computers and media
devices until Mr Love helps them to decrypt them.
The NCA told the BBC that as a court case was pending, it would be inappropriate to comment.
Mr Love told the BBC: "Should police, having obtained a
reason to acquire information but lacking any overt evidence of
criminality sufficient to bring prosecution, be allowed to withhold
private data?
"There is a very dire risk that this power will be used to disrupt protected journalistic and political activity."
He said if this "abuse of power" went unchallenged it would set a "troubling precedent".
Mr Love is accused in the US of working with at least three
other people - who have not been named - to breach the security of the
US military, US space agency Nasa, the Environmental Protection Agency,
FBI and the US Federal Reserve computers.
He allegedly worked with "other hackers around the world to gain access".
In July the Crown Prosecution Service said: "The CPS provided
investigative advice on the available evidence. The NCA then made the
decision to release the man from bail."
Accused British hacker, wanted for crimes in US, won’t give up crypto keys
by Cyrus Farivar - Feb 21, 2015
An alleged British hacker who has criminal charges pending in three
American federal districts is preparing to petition a Suffolk, United
Kingdom court to compel the National Crime Agency (NCA) to return his
encrypted seized computers and storage devices.
The BBC reported
Friday that Lauri Love “will petition Bury St Edmunds magistrates for
the return of his property,” adding that “the BBC understands that the
NCA has been unable to decrypt some of the files and does not want to
return the computers and media devices until Mr Love helps them to
decrypt them.”
Love, who was arrested in the UK in October 2013 and was released on
bail in July 2014, did not immediately respond to Ars’ request for
comment. The NCA is the rough British equivalent to the FBI.
UPDATE 3:50pm CT: Love contacted Ars and said that
his petition was submitted to the court earlier this month, and that he
will make an appearance before the court on March 12, 2015. He is
representing himself in the case.
"I cannot speak to the contents," he told Ars via online chat.
"Except that they are mine. This is the only salient detail as far as
I'm concerned. I am not on trial, nor is my data, and I am under no
obligation to speak for it. But my property is being withheld from me,
and that must be justified. The current justification is due to the
inability of the NCA to understand certain data. It remains for them to
establish why this is my problem and for the court to decide if this
gives them authority to convert chattel."
An NCA spokeswoman told Ars, “We are not aware of a court date” and
declined to comment on whether the NCA was unable to decrypt Love’s
seized files.
According to the BBC, Love said, "Should police, having obtained a
reason to acquire information but lacking any overt evidence of
criminality sufficient to bring prosecution, be allowed to withhold
private data?”
"There is a very dire risk that this power will be used to disrupt protected journalistic and political activity," he added.
The United States could, but apparently has not yet, formally request
that Love be extradited. If that occurs, and even if UK authorities are
able to access Love's data, it could take years for his extradition to
ever be fully executed. Another British hacker, Gary McKinnon, who was
accused of hacking American government facilities in 2001 and 2002 and
was charged with crimes in the US, eventually had his extradition blocked by the UK government in 2012.
The Department of Justice did not immediately respond to Ars' Friday
afternoon request as to whether it had begun the extradition process.
UPDATE Saturday 3:25am CT: Peter Carr, a Department
of Justice spokesman, told Ars by e-mail: "As a matter of policy, we
generally do not comment on extradition-related matters."
A targeted attack
As Ars reported
previously, Love and other alleged hackers are said to have breached
networks belonging to the Army, the US Missile Defense Agency, NASA, the
Environmental Protection Agency, and others, in most cases by
exploiting vulnerabilities in SQL databases and the Adobe ColdFusion Web
application. The objective of the year-long hacking spree was to
disrupt the operations and infrastructure of the US government by
stealing large amounts of military data and personally identifying
information of government employees and military personnel, according to
a 21-page indictment filed in federal court in New Jersey.
"You have no idea how much we can fuck with the US government if we
wanted to," Love told a hacking colleague in one exchange over Internet
relay chat, prosecutors alleged. "This... stuff is really sensitive.
It's basically every piece of information you'd need to do full identity
theft on any employee or contractor" for the hacked agency.
According to prosecutors, Love used automated scanners to identify
vulnerabilities in large ranges of IP addresses. He would then exploit
them to inject powerful SQL commands into a site's backend database. He
exploited similar types of vulnerabilities in sites that used
ColdFusion, the Web application software whose full source code was recently found on a server operated by hackers.
The ColdFusion security flaw, which has since been corrected, allowed
Love to gain administrator-level access to computer servers without
proper login credentials, a separate criminal complaint filed in a Virginia
federal court alleged. After breaching the websites, Love allegedly
planted backdoor code on the servers that gave him persistent access to
the networks so he could return at a later date and steal confidential
data.
In New York, Love was charged with hacking and identity theft in relation to his hack against the Federal Reserve.
Adobe source code and customer data stolen in sustained network hack
Theft could give hackers a new way to exploit widely used Acrobat, ColdFusion apps.
by Dan Goodin - Oct 4, 2013
Adobe said it suffered a sustained compromise of its corporate network,
allowing hackers to illegally access source code for several of its
widely used software applications as well as password data and other
sensitive information belonging to almost three million customers.
Adobe dropped the bombshell revelation shortly after Krebs on Security's Brian Krebs reported that the hack began sometime in mid-August and was carried out by the same criminals who breached LexisNexis
and other major US data brokers. In the course of investigating the
earlier intrusions, Krebs said he happened upon a 40 gigabyte trove of
source code, much of it belonging to Adobe. Adobe confirmed its ColdFusion Web application software and its Acrobat document program were among those that were stolen.
A new generation of exploits
The Acrobat software family, which is intimately linked to the nearly
ubiquitous Reader application, has long been a favorite target of
malware developers looking for ways to sneak their malicious wares onto
people's computers. The specter of hackers having full access to the raw
source code of those applications is troubling, because it could make
it easier to identify bugs that can be surreptitiously exploited in
drive-by website attacks.
"This breach poses a serious concern to countless businesses and individuals," a statement issued by Hold Security,
which assisted in Krebs' investigation, warned. "While we are not aware
of specific use of data from the source code, we fear that disclosure
of encryption algorithms, other security schemes, and software
vulnerabilities can be used to bypass protections for individual and
corporate data. Effectively, this breach may have opened a gateway for a
new generation of viruses, malware, and exploits."
Adobe Chief Security Officer Brad Arkin said officials aren't aware
of any unpatched vulnerabilities being targeted in any of the company's
products. "However, as always, we recommend customers run only supported
versions of the software, apply all available security updates, and
follow the advice of the Acrobat Enterprise Toolkit and the ColdFusion Lockdown Guide," he added. He thanked Krebs and Alex Holden of Hold Security for their help in responding to the intrusion.
Krebs said Adobe engineers are still in the process of checking on
the integrity of its source code. The investigation includes looking for
"anomalous check-in activity on its code repositories," which could
indicate the intruders were able to introduce backdoors or security bugs
or otherwise tamper with the underlying applications.
"We are looking at malware analysis and exploring the different
digital assets we have," Arkin told Krebs. "Right now the investigation
is really into the trail of breadcrumbs of where the bad guys touched."
In an advisory,
Arkin said attackers removed information for 2.9 million customers from
company computers. That data included customer names, encrypted credit
or debit card numbers, expiration dates, and other information relating
to orders. Attackers also accessed customer IDs and "encrypted" (by
which Adobe probably means cryptographically hashed) passwords. Customer
passwords will be reset, and Arkin recommended customers change
passwords on other sites if they matched those used in their Adobe
accounts. Arkin said company employees have notified banks that process
customer payments so they can work with payment card companies and
card-issuing banks to protect customer accounts.
Krebs said that one of the related intrusions he uncovered—into the
network of the National White Collar Crime Center—appears to have been
initiated by exploiting weaknesses in Adobe's ColdFusion product. While
Adobe plugged all known security holes in the product a few months ago,
many networks run outdated versions that expose the users to serious
hacks. "This indeed may have also been the vector that attackers used to
infiltrate Adobe's own networks," Krebs said.
Adobe is culpable, but I think a lot of the "...I can't believe
that Adobe has such lax security..." comments may not appreciate the
difficulty in preventing something like this. The economics of
cybersecurity are stacked in the favor of bad guys. The scale of "cost
to defend vs. cost to attack" is amazing. Plugging all security holes is
very expensive, finding one is very cheap. I'll lay out how some of
these things can happen. (I don't know how they got compromised so some
of this may not apply.)
1. Patching. Yes, you should apply
security patches. But it's not always that simple. Software companies
have to test and certify their software on what their customers run. So
there are some systems that you can't patch. There are other things you
can do (isolation, network based protection, integrity checking, etc.)
but none of these are 100% effective (nor is patching) and they all have
a cost. It's hard to do well.
2. BYOD. The (direct) savings with
BYOD are staggering. It's hard for companies to pass up. And now you
have a bunch of unmanaged endpoints on your network (they don't have to
be on your "corporate network" but they often are). MDM / NAC can give
you some protections, but it's still difficult and expensive.
3. Spam / spearphishing. Users click links. You can do a lot of things to
prevent this: anti-spam, anti-malware, user training, pull admin rights
(technically easy, politically not always so), etc. However it costs
someone a lot less to defeat these controls than it does to put up the
protections.
4. Business partnerships / globalization. Big
companies have big development teams. They're all over the place. Often
there are 3rd business partners that require read / write access to
source code. This isn't easy to do to make it secure, cheap, and easy
for development teams. Now you have thousands of people that have access
to source and any one of them can be a vector (intentional and
unintentional) to losing data.
5. Organizational factors.
Companies need to be fast to be competitive. Security and convenience
(frequently associated with speed) clash. Software companies are built
by their ability to get a product out the door. When it comes to
development / security: tie goes to the developer. (Most often, it
should.)
Again, I'm not defending Adobe. They got bit and they're
responsible. But it's not as easy as "why didn't they have more
security?".
====================================== *Note This Sharing By Anonymous^^~
''Such a serious infringement of privacy to the masses that rogue hackers, arrogant and presumptuous! @ Make it in the information on international secretly being injected SSL criminal code / malicious virus.
Fortunately, we have the honor to get the help of Anonymous legion friendly chivalrous released rogue bad behavior, but rogue hackers contrary to the network rules, caused serious damage to many businesses and individuals, the family's loss!!" Nisshin advanced network, if people's does not knowledge the computer information, Is the stolen / loss is completely unaware ah. Mentioned herein security expert Brian Krebs,Mr. in has been monitoring. / paying attention.
Rogue hackers can be any greedy person is not satisfied, Continue to disrupt individuals, businesses, home network credit system. Fortunately, we chivalrous Anonymous legion friendly everywhere, They allow people to recognize the true face of the Rogue hackers. Rogue hackers like take a knife,take a gun to stole with people and businesses looted. Behavior brought to light not repentant criminals@honestly to admit robbery@ Shame on nasty !!
Tiny as dust, Melody.Blog, with sincere gratitude ~
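Promoted comment
1. Patching. Yes, you should apply security patches. But it's not always that simple. Software companies have to test and certify that their software runs for their customers. So there are some systems you can't patch. There are other things you can do (isolation, network-based protections, integrity checking, etc.), but none of these is 100% effective (nor is patching), and they all have a cost. It's hard to do well.
2. BYOD. The (direct) savings with BYOD are amazing. It's hard for businesses to pass up. Now you have a bunch of unmanaged endpoints on your network (they don't have to be on your "corporate network", but they often are). MDM / NAC can give you some protection, but it's still difficult and expensive.
3. Spam / spearphishing. Users click links. You can do a lot to prevent this: anti-spam, anti-malware, user training, pulling admin rights (technically easy, politically not always), etc. But it costs a lot less to defeat these controls than it does to put up the protections.
4. Business partners / globalization. Big companies have big development teams. They're all over the place. Often there are 3rd-party business partners that need read/write access to source code. It's not easy to do this and make it secure, cheap, and convenient for the dev teams. Now you have thousands of people with access to the source, any one of whom can be a vector (intentionally or unintentionally) for data loss.
5. Organizational factors. Businesses need to be fast to be competitive. Security and convenience conflict (often related to speed). Software companies are built on their ability to get product out the door. When it comes to dev / security: the tie goes to dev. (Most of the time, it should.)
Again, I'm not defending Adobe. They got bit, and they're responsible. But it's not as easy as "why didn't they have more security?".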