Israel‘s offensive cyber industry accounts for a wide variety of surveillance and espionage technologies. A number of these are tools sold to policing bodies which reveal the geographic location of a target. There are also more advanced technologies, sold to law enforcement and intelligence bodies, which allow clients to hack into computers, mobile phones and encrypted messaging apps, extracting all information stored on a device and secretly turning on its microphone and camera to create a tool which spies on its owner.
Daily Archives: 12. April 2023
US will ‚turn over every rock‘ to find source of classified documents leak: Austin
The documents seem to contain top-secret intelligence about the war in Ukraine and other parts of the world that is made available daily to hundreds of U.S. officials in the U.S. and overseas via classified computer servers that can only be accessed with a top-secret clearance.
What we know about the Pentagon document leak
– The documents also outline U.S. efforts to spy on its allies, Israel and South Korea.
Zoom in: One of the documents, a CIA update from March 1 sourced to signals intelligence, seemingly showed that leaders of Israel‘s intelligence agency encouraged Mossad officials and Israeli citizens to protest the government‘s proposed judicial reforms.
Mozilla Firefox Privacy and Security (about:config)
(Jun 16, 2021)
1.SSL configuration for Secure Browsing, disable weak Cipher Suites.
Enable Forward Secrecy
security.ssl3.rsa_aes_128_gcm_sha256 -> False
security.ssl3.rsa_aes_256_gcm_sha384 -> False
security.ssl3.ecdhe_ecdsa_aes_128_sha -> False
security.ssl3.ecdhe_rsa_aes_128_sha -> False
security.ssl3.rsa_aes_128_sha -> False
security.ssl3.rsa_des_ede3_sha -> False
security.ssl3.ecdhe_ecdsa_aes_256_sha -> False
security.ssl3.ecdhe_rsa_aes_256_sha -> False
security.ssl3.rsa_aes_256_sha -> False
………………..
The Details About the CIA‘s Deal With Amazon
(July 17, 2014)
This summer, a $600 million computing cloud developed by Amazon Web Services for the Central Intelligence Agency over the past year will begin servicing all 17 agencies that make up the intelligence community. If the technology plays out as officials envision, it will usher in a new era of cooperation and coordination, allowing agencies to share information and services much more easily and avoid the kind of intelligence gaps that preceded the Sept. 11, 2001, terrorist attacks.
For the first time, agencies within the intelligence community will be able to order a variety of on-demand computing and analytic services from the CIA and National Security Agency
SSL Report: mozilla.org
Protocols:
TLS 1.3 Yes
TLS 1.2 Yes*
TLS 1.1 Yes
TLS 1.0 Yes*
(…)
Server hostname ec2-44-235-246-155.us-west-2.compute.amazonaws.com
> וודאו שיש לכם TLS 1.3 או TLS 1.2 תחת הסעיף Protocols. עדיף שלא יהיה לכם TLS 1.0\1.1 בכלל. מספר השרתים הפגיעים בישראל: 100,000+ לא פשוט לכתוב אייטם כזה לאנשים לא מקצועיים, אבל הוא חשוב והתפרסם ב @Haaretz
(10 Dec 2019)
אני מודה ל @noamr ו- @GilBahat על ה-peer review
SSL Report: haaretz.com
Protocols:
TLS 1.3 No
TLS 1.3: Slow adoption of stronger web encryption is empowering the bad guys
(April 6, 2020)
Asymmetric encryption is used during the “handshake”, which takes place prior to any data being sent. The handshake determines which cipher suite to use for the session – in other words, the symmetric encryption type – so that both browser and server agree. The TLS 1.2 protocol took multiple round trips between client and server, while TLS 1.3 is a much smoother process that requires only one trip. This latency saving shaves milliseconds off each connection.
SSL Report: eff.org
Protocols:
TLS 1.3 No
ETS Isn‘t TLS and You Shouldn‘t Use It
(February 26, 2019)
The good news: TLS 1.3 is available, and the protocol, which powers HTTPS and many other encrypted communications, is better and more secure than its predecessors (including SSL).
The bad news: Thanks to a financial industry group called BITS, there’s a look-alike protocol brewing called ETS (or eTLS) that intentionally disables important security measures in TLS 1.3. If someone suggests that you should deploy ETS instead of TLS 1.3, they are selling you snake oil and you should run in the other direction as fast as you can.