Editorials

The editorials section is, alongside the news section, one of the two main information areas of this website. All available articles are listed below.
Wednesday, 15 June 2016
A previous version of this article initially appeared on »House of Hackers« in June 2008, posted by seconded agent A. Denton of directorate I: intelligence (ICT). Some aspects of it long remained significant for the organization's secret day-to-day operations. On these grounds the article could not be declassified and published before.

In 2008 ED Denton was working as an apprentice in the field of web engineering and security when she was asked to assist GD Hollstein in an NGO web portal security audit. A subsequent report, which included a CoA along with a security and QA statement, had to be composed in due time.

Step 1: System Lookup+Scans: The team first gathered target information, i.e. ISP and location, DNS records, OS and web/app server details. Furthermore, everything about the ISP's infrastructure itself, as well as information for later social engineering, was ascertained. To accomplish that, unixoid OSs and programs, i.e. the 2007 BackTrack 3 GNU/Linux, next to publicly available database records from several authorities, were employed. Of course every such piece of software also required basic knowledge about ISO models, protocols, RFCs, networks and OSs to avoid potential hazards. Eventually the team discovered that the targets were Gentoo GNU/Linux systems with kernel v2.4.22, hardened with grsecurity.
Last updated (Wednesday, 15 March 2017)
 
 
Friday, 1 May 2015
The QUANTUM project was one of the most top-secret ventures of the NSA. During the last months several news agencies reported on that specific technology. Since ✛ΔO considers the project one of the NSA's most eminent threats to society to this day, the organization published this assessment along with an evaluation of countermeasures.

As Bruce Schneier wrote in his book »Data and Goliath«, the clandestine QUANTUM project was meant to be kept as secret as possible. In the meantime, though, various reports have indicated that this project was not the only one of its kind, and that the Chinese government has already been in possession of a very capable »Great Firewall of China« for a longer period of time. Quite often authors confused it with the »Great Cannon of China«, which is indeed a different system. The article »Don’t Be Fodder for China’s ‘Great Cannon’« roughly outlined the inner workings of the »Great Firewall« and the »Great Cannon«. It showed that the firewall only prevents access to sites by either blocking or redirecting requests, while the cannon does more and actually injects packets into the stream. It does so to call forth a more complex desired behavior on the machine from which the initial request originated. The cannon is therefore more comparable to NSA projects like FOXACID.
Last updated (Friday, 1 May 2015)
 
 
Thursday, 15 May 2014
In early April 2014 two independent IT security specialists from Codenomicon and Google Security discovered a flaw introduced into OpenSSL in December 2011. This article does not cover the incident itself, but focuses on common misunderstandings and wrong interpretations with regard to the catastrophe.

One common misinterpretation was that "Heartbleed", as the flaw/bug was prematurely called, would only affect current versions of OpenSSL. However, the truth is that older versions were affected as well – number 1.01 and 1.02 to be more precise. OpenSSL is a piece of software to encrypt the traffic of connections at the transport layer, which mostly affects TCP connections. The TCP/IP stack is the dominant protocol stack on the internet, consisting of about 500+ different protocols. Since a lot of higher-level protocols, such as HTTP, partially rely on encryption, TLS/SSL is employed on a regular basis to satisfy this constraint. For a disambiguation between TLS/SSL and SSH we suggest the article on Snailbook for reference. Basically OpenSSH is a protocol with several sub-protocols (e.g. for multiplexing, password-based authentication, terminal management, etc.), which implements non-PKI authentication from S (session) to A (application) layer of the ISO:OSI model.
Last updated (Wednesday, 1 April 2015)
 
 
Friday, 15 March 2013
After two years in the making, the organization released its new offline Web Content Management System, named »LXCMS«. That system is part of the organization's recent strategy to improve its overall system security, in the wake of increased world-wide threats to cyber as well as information security.

The new system is set to improve the situation in the area of content delivery, though Joomla! SE was our trusted wCMS software in operation for a long time. However the underlying Joomla! was always developed for the masses to fit their unspecific needs. Additionally Joomla! was always licensed under the GNU/GPL, unlike our new LXCMS which was put under our much simpler LTDL 2010. With Joomla! SE we could not have done the same thing for obvious legal reasons. Also Joomla may have been easy to install and upgrade, but was time-consuming to administer in later stages of use. The Joomla core itself was reliable indeed and so was the core of our wCMS Joomla! SE. Further developments though required our systems engineers to acquire a deeper knowledge of the software's code base. Unfortunately development was never optional but explicitly mandatory, since new features and security enhancements had to be ported back to our advantage and our security.
Last updated (Wednesday, 1 April 2015)
 
 
Wednesday, 1 February 2012
In recent years Google's WebKit-based browser Chrome from the Chromium software project has become increasingly popular. This article focuses on the inherent security design of the user agent and its interaction with the underlying OS.

The Linux kernel used in every single GNU/Linux distribution (most unixoid operating systems), including Chrome OS, inherits the traditional UNIX semantics, which consist of two basic levels for process execution, file system object permissions and thus access restriction, namely "root" and "non-root". Root processes are allowed to do nearly everything on the system, whereas non-root processes are limited in their executional behavior. Without architectural concepts like MAC (Mandatory Access Control) this is the way one has to run software on such an RBAC (Role Based Access Control) based system. That seems to be a simple solution to most use cases regarding process execution and object access restriction, but it also means that any given program which requires a high level of privileges (root privileges) must be made root. That can either be achieved by direct execution with root privileges or e.g. by execution as a different user using Dennis Ritchie's SUID mechanism.
Last updated (Wednesday, 1 February 2012)
 
 
 
©  2003 - 2017   TRON-DELTA.ORG  (NGO)   –   Nongovernmental  Intelligence  Organization
Portal v5.04.050 R 1 with ✛ΔO LXCMS v1.1