Archiv: Informationstechnischer Komplex / IT complex


18.05.2022 - 07:26 [ Bundesministerium für Digitales und Verkehr ]

Statement Digitalminister Dr. Volker Wissing zur Chatkontrolle

Einige der Vorschläge der Kommission beunruhigen mich, weil sie einen Eingriff in den geschützten Raum der Vertraulichkeit der Kommunikation darstellen könnten: Ich verweise auf den besonderen Schutz der Vertraulichkeit der Kommunikation, die in Deutschland als Fernmeldegeheimnis ein Grundrecht ist. Ich denke dabei auch an das Berufsgeheimnis, insbesondere für Anwälte, Ärzte und Opferberatungsstellen.

Es gibt darüber hinaus viele offene Fragen:
Wie sollen die betroffenen Anbieter die zunächst erforderliche Risikoeinschätzung vornehmen, ohne sich von den Inhalten der Kommunikation Kenntnis zu verschaffen?
Und wie ist damit umzugehen, wenn aufgrund von technischen Verfahren eine Vielzahl von Verdachtsmeldungen eingeht, die sich im Nachhinein als offensichtlich falsch herausstellen. Es darf nicht passieren, dass unbescholtene Bürgerinnen und Bürger unbegründet des Kindesmissbrauchs verdächtigt werden.

17.05.2022 - 11:25 [ National Security Agency ]

TEMPEST: A Signal Problem

(1972)

Now, let´s go back to the beginning. During World War II, the backbone systems for Army und Navy secure teletypewriter communications were one-time tapes and the primitive crypto-equipment SIGTOT. For encrypting, the Services used a Bell-telephone mixing device, called 131-B2. When one of these mixers was being tested in a Bell laboratory, a researcher noticed, quite by accident, that each time the machine stepped, a spike appeared on an oscilloscope in a distant part of the lab. After he examined these spikes more carefully, he found that he could read the plain text of the message being enciphered by the machine.

17.05.2022 - 11:17 [ Radio Utopie ]

Spionage und Informationskontrolle: Der technologische Quantensprung in 1943

(20.7.2014)

USA, 1943. Mitten im Zweiten Weltkrieg.

In einem Labor der 1877 vom Schwiegervater Alexander Graham Bells gegründeten Bell Company (heute der Weltkonzern AT&T), die für das 1860 gegründete Signal Corps der US Armee arbeitet, testet ein Wissenschaftler der Bell Company das 1925 von der US Armee in Dienst gestellte verschlüsselnde Text-Kommunikationssystem SIGTOT. Es arbeitet nach dem US Patent #1,310,719 für ein „geheimes Signalsystem“ des Bell Technikers Gilbert S. Vernam aus 1919 und benutzt zur Verschlüsselung ein Bell Gerät namens 131-B2.

An jenem Tage des Jahres 1943 bemerkt nun der für die US Armee arbeitende Wissenschaftler der Bell Company ein technisches Phänomen, welches bis heute fast der gesamten Weltbevölkerung unbekannt ist, obwohl es die Sicherheit, die Privatsphäre, die Gesellschaften, die Staaten, die Sicherheit und das Leben von heute 7 Milliarden Menschen unmittelbar berührt und gefährdet:

jedes Mal wenn er über den verschlüsselnden Text-Kommunikations-Apparat SIGTOT einen Buchstaben eintippt, schlägt in einem entfernten Teil des Labors ein Oszilloskop aus. Und zwar fünf Mal, für jedes Zeichen pro Sekunde („baud“). Als er die angezeigten Spannungsspitzen näher analysiert, stellt er fest, dass er die in den Text-Kommunikations-Apparat der Armee per Hand eingetippten und anschließend verschlüsselten Texte aus der Entfernung unverschlüsselt mitlesen kann.

17.05.2022 - 11:10 [ Netzpolitik,org ]

EU-Pläne einfach erklärt : Warum die Chatkontrolle Grundrechte bedroht

Messenger wie WhatsApp und Signal sind Ende-zu-Ende-verschlüsselt. Da kann doch niemand mitlesen?

Die Antwortet laut: Ja, aber. Es stimmt, Ende-zu-Ende-Verschlüsselung soll verhindern, dass jemand außer Sender:in und Empfänger:in eine Nachricht mitlesen kann. Alle anderen Stationen im Internet dazwischen sehen nur Zeichensalat, aber nicht die Inhalte. Diese Verschlüsselung ist wichtig, damit weder kriminelle Hacker:innen noch Staaten unsere private Kommunikation lesen können. Auf den ersten Blick lässt sich eine Chatkontrolle also nicht mit Ende-zu-Ende-Verschlüsselung vereinbaren. Aber die Regulierung würde Unternehmen verpflichten, Inhalte trotzdem irgendwie zu scannen. Die EU-Kommission lässt offen, wie das technisch gehen soll.

12.05.2022 - 16:21 [ theParadise.ng ]

EU, UK join US in Launching Online ‘Disinformation’ Policies, ‘One-World Governance’ of Social Media

These steps come as part of a broader crackdown on the “spread of disinformation” called for by the Act, requiring platforms to “flag hate speech, eliminate any kind of terrorist propaganda” and implement “frameworks to quickly take down illicit content.”

Regarding alleged “disinformation,” these platforms will be mandated to create a “crisis response mechanism” to combat the spread of such content, with the Act specifically citing the conflict between Russia and Ukraine and the “manipulation” of online content that has ensued.

12.05.2022 - 16:01 [ Daniel Neun / Rado Utopie ]

„Strategische Überwachung der Telekommunikation“: Die verschwiegene Infrastruktur der Totalüberwachung

(16.3.2015)

In der „Begründung zum Entwurf für eine Erste Verordnung zur Änderung Telekommunikations-Überwachungsverordnung“ vom 29. April 2002 schrieb die Regierung:

Die Überwachungsmaßnahmen nach den §§ 5 und 8 des G 10 zielen auf ein regional begrenztes Gebiet ab, über das Informationen gesammelt werden sollen. Sie beziehen sich auf internationale Telekommunikationsbeziehungen, soweit eine gebündelte Übertragung erfolgt. Das Besondere an der strategischen Fernmeldekontrolle ist dabei, dass aus einer großen Menge verschiedenster Sachverhalte einzelne ausgewertet werden, die sich hierfür aufgrund bestimmter Merkmale qualifizieren. (…)

Die hierfür bei den Verpflichteten zum Einsatz gelangenden technischen Einrichtungen sind (..) weniger komplex als die Einrichtungen, die zur Umsetzung der übrigen Überwachungsmaßnahmen erforderlich sind. Dies liegt insbesondere darin begründet, dass der Betreiber bei der technischen Umsetzung dieser strategischen Kontrollmaßnahmen keinen Bezug auf eine bestimmte Person oder Anschlusskennung zu beachten hat. Angesichts der wenigen Anbieter, die internationale Übertragungswege anbieten, auf denen eine gebündelte Übertragung erfolgt, ist davon auszugehen, dass insgesamt nur verhältnismäßig wenige technische Einrichtungen zum Einsatz kommen. (…)

Der Gesetzgeber hat bei der Novellierung des G 10 eine Frist von 2 Jahren eingeräumt, innerhalb der eine Evaluation der geänderten Möglichkeiten gerade mit Blick auf die strategische Kontrolle verlangt wird. Auch diese Vorschrift fordert unverzügliches Handeln bei der technischen und organisatorischen Umsetzung von Maßnahmen zur strategischen Überwachung der Telekommunikation.“

Dazu Heise.de am 1.Februar 2002:

„Offenbar, so vermuten nun Experten, will der Bundesnachrichtendienst wohl nun selbst 100 Prozent erfassen, um dann freiwillig nur 20 Prozent auszuwerten.“

12.05.2022 - 15:48 [ Netzpolitik.org ]

Das EU-Überwachungsmonster kommt wirklich, wenn wir nichts dagegen tun

Jetzt ist es raus: Die EU-Kommission will die Chatkontrolle einführen – und damit das größte Projekt zur anlasslosen Massenüberwachung seit Langem. Es braucht schnell Protest, damit das Vorhaben noch verhindert wird.

12.05.2022 - 15:38 [ Daphne Keller, Stanford Cyber Policy Center / Twitter ]

I’m on NPR, warning smaller platforms that they need to start gearing up for DSA compliance and singing the praises of career civil servants in Brussels.

12.05.2022 - 15:04 [ Naomi Brockwell, Tech journalist / Twitter ]

The EU has proposed the most sophisticated mass surveillance system ever deployed outside of China & the USSR. It will mandate device-scanning, including encrypted messages.

(11.05.2022)

@matthew_d_green will dive into the details on tomorrow’s live show, 4pmEDT

12.05.2022 - 14:54 [ Wikipedia ]

Digital Services Act

On 22 April 2022, European policymakers reached an agreement on the Digital Services Act.[7] The final stage before the two bills come into law, is the vote by representatives of the individual parliaments and policymakers from the 27 member nations, which is considered to be a formality.

12.05.2022 - 14:42 [ Reporters for Freedom of the Press ]

EU poised to impose sweeping social media regulation with Digital Services Act

The DSA, and its partner regulation, the Digital Markets Act, were introduced to the European Parliament in 2020. The European Commission said the regulations were intended to accomplish two goals: “create a safer digital space in which the fundamental rights of all users of digital services are protected” and “establish a level playing field to foster innovation, growth, and competitiveness, both in the European Single Market and globally.”

12.05.2022 - 14:27 [ OTS.at ]

FPÖ – Vilimsky zu Chat-Überwachung: „Brüssel nimmt sich China als Vorbild“

„Mit dem Vorschlag einer lückenlosen Kontrolle aller Internet-Chats überschreitet die EU-Kommission nun endgültig eine rote Linie“, erklärte heute Harald Vilimsky, freiheitlicher Delegationsleiter im Europaparlament. „Was hier vorliegt, ist der Brüsseler Traum einer Massenüberwachung aller europäischen Bürger. Kommissionschefin von der Leyen segelt damit in der Missachtung von Grundrechten klar auf illiberalem Kurs nach dem Vorbild von China“, so Vilimsky.

12.05.2022 - 14:22 [ status LED: blink blink blink blink / Twitter ]

Replying to @matthew_d_green The term „grooming“ is being actively used in right-wing US political speech to indicate *any* advocacy for liberal values. So the potential for this sort of surveillance project to spiral truly out of control into abject political fascism is bounded only by the imagination.

12.05.2022 - 14:05 [ Matthew Green, I teach cryptography at Johns Hopkins ]

This document is the most terrifying thing I’ve ever seen. It is proposing a new mass surveillance system that will read private text messages, not to detect CSAM, but to detect “grooming”. Read for yourself.

(May 10, 2022)

12.05.2022 - 13:59 [ ReclaimTheNet.org ]

The EU wants to scan all chat messages, using the guise of combating child abuse

The proposal states that, at the request of a government agency, “Providers of hosting services and providers of interpersonal communication services that have received a detection order shall execute it by installing and operating technologies to detect” CSAM.

We obtained a copy of the proposal for you here.

12.05.2022 - 13:11 [ Tiemo Wölken. Sozialdemokrat, Nordlicht, Technikfan, Europäer & Mitglied im Europäischen Parlament / Nitter.net ]

Jetzt ist der finale Entwurf zur #Chatkontrolle da. Er sieht die Durchleuchtung aller Kommunikation vor, fordert Altersverifizierung & wie befürchtet #Netzsperren. Warum ich davon nicht halte hier noch einmal

11.05.2022 - 11:07 [ Futurezone.at ]

EU will alle Chats überwachen: Heftige Kritik

Damit ist, rein technisch betrachtet, eine Überwachung der Inhalte nur mittels „Client Side Scanning“ möglich, also der Überwachung direkt auf den Endgeräten der Nutzer*innen. Dabei werden die Smartphones direkt auf bestimmte Dateien durchsucht, und zwar bereits bevor sie für die Kommunikation verschlüsselt werden. Der Abgleich würde von einer Künstlichen Intelligenz (KI) vorgenommen, die das Gerät auf Missbrauchsinhalte scannt.

06.05.2022 - 16:16 [ ORF.at ]

EU erhielt die zwölfte Cybersicherheitsorganisation

(04.07.2021)

Ein aktuelles, schlagendes Beispiel dafür ist die Neufassung der deutschen Cybersicherheitsstrategie. In Deutschland ist es Teil dieser Strategie, gewisse neuentdeckte Software-Sicherheitslücken für Polizei – und Geheimdienste offenzuhalten, die deutsche Cyberbehörde ZiTis soll die zugehörige Trojaner-Schadsoftware für mehrere Dutzend deutsche Bundes- Landesbehörden entwickeln.

06.05.2022 - 10:18 [ Tutonaut.de ]

DNS over TLS in der FritzBox aktivieren und sicherer surfen

Da die Kommunkation mit dem verschlüsselten DNS-Server über den Port 853 läuft, muss dieser geöffnet sein und darf nicht vom Provider oder Internet-Anbieter blockiert werden. Das ist in Deutschland unwahrscheinlich, aber falls Ihr die DNS-over-TLS-Technologie in zensurfreudigen Drittländern verwenden wollt, solltet Ihr das im Hinterkopf haben: Falls Ihr partout nicht ins Internet kommen solltet, ist der Service einfach geblockt.

05.05.2022 - 20:16 [ New York Times ]

Spain Says Cellphones of Prime Minister and Defense Minister Were Hacked

(02.05.2022)

Officials said the devices were breached by the Pegasus spyware, made by an Israeli company, which is intended to track illegal behavior but has been misused by some governments.

05.05.2022 - 20:01 [ ORF.at ]

Spaniens Geheimdienst bespitzelte Separatisten

Bei der Überwachung kam die israelische Spähsoftware Pegasus zum Einsatz.

Für jeden dieser Fälle habe CNI-Chefin Paz Esteban heute in einer parlamentarischen Kontrollkommission eine richterliche Erlaubnis vorgelegt, berichtete die Zeitung „El Pais“.

02.05.2022 - 16:14 [ Tagesschau.de ]

Handy-Attacke mit Pegasus-Software: Spähangriff auf Spaniens Regierungschef

Bolaños machte keine Angaben dazu, ob die spanischen Behörden über Hinweise auf den Ursprung der Abhöraktion verfügen oder ob sie aus dem Ausland erfolgte.

Es sei aber absolut sicher, dass es sich um eine Attacke von außen handele, weil weil in Spanien alle Eingriffe von offiziellen Einrichtungen und mit juristischer Genehmigung erfolgen“, fügte der Minister hinzu.

02.05.2022 - 16:05 [ Haaretz ]

Spanish Prime Minister, Defense Minister Hacked Using Israel’s Pegasus Spyware in 2021, Officials Say

Israel’s NSO Group, the cyber offensive firm which developed Pegasus, said it was unfamiliar with the details of the specific case and, as a software provider, cannot know who the targets of its customers are.

Spain’s government is under pressure to explain why the cellphones of dozens of people connected to the separatist movement in the northeastern Catalonia region were infected with Pegasus between 2017 and 2020, according to cybersecurity experts’ group Citizen Lab.

30.04.2022 - 16:50 [ DeviceInfo.me ]

Device Info

Device Type / Model:

Operating System:

True Operating System Core:

Browser:

True Browser Core:

Browser Build Number / Identifier:

IP Address (WAN)

Tor Relay IP Address:

VPN IP Address:

Proxy IP Address:

Hostname:

Location:

Country:

Region:

City:

Latitude & Longitude:

Geolocation:

……………………………

01.04.2022 - 06:41 [ Reuters ]

U.S. bars ex-spies from becoming ‚mercenaries,‘ following Reuters series

(March 16, 2022)

“We don’t want our best trained intel officers going straight into the hands of foreign governments for the sake of money,“ Castro said. „This discourages intelligence mercenaries and protects our national interest.“

The UAE spying operation, called Project Raven, hacked into Facebook and Google accounts and thousands of Apple iPhones, targeting activists that human rights groups say were later arrested and tortured

01.04.2022 - 06:05 [ ReclaimTheNet.org ]

Lawsuit accusing tech giants of spying is allowed to proceed

(September 14, 2022)

In the legal battles with a focus on listening devices like “smart speakers,” etc, that are currently active in the US, Google and Amazon are not spared either. Reports, including by Reuters, say that a number of filings allege that their devices and apps are recording users’ conversations without their consent, and that Big Tech companies use this material to make money by giving it to advertisers, who can then more precisely target people based on knowledge of their behavior and interests.

31.03.2022 - 20:50 [ addons.mozilla.org ]

User-Agent Switcher

Pretending to be a different browser can be useful in a number of different situations:

– Some web pages require you to log in or buy a subscription to view their content, but give full read access to search engines.
– Some web pages determine whether you’re using a mobile or desktop browser based on your user-agent.
– Some web pages require you to use a specific browser to access their site.
– And potentially more…

31.03.2022 - 20:35 [ DeviceInfo.me ]

Device Info

Device Type / Model:

Operating System:

True Operating System Core:

Browser:

True Browser Core:

Browser Build Number / Identifier:

IP Address (WAN)

Tor Relay IP Address:

VPN IP Address:

Proxy IP Address:

Hostname:

Location:

Country:

Region:

City:

Latitude & Longitude:

Geolocation:

……………………………

23.02.2022 - 07:39 [ Weißes Haus ]

FACT SHEET: Securing a Made in America Supply Chain for Critical Minerals

(22.02.2022)

As the world transitions to a clean energy economy, global demand for these critical minerals is set to skyrocket by 400-600 percent over the next several decades, and, for minerals such as lithium and graphite used in electric vehicle (EV) batteries, demand will increase by even more—as much as 4,000 percent. The U.S. is increasingly dependent on foreign sources for many of the processed versions of these minerals. Globally, China controls most of the market for processing and refining for cobalt, lithium, rare earths and other critical minerals.

01.02.2022 - 03:14 [ Haaretz ]

NSO Is an Arm of Israel’s Government

In 2019 NSO agreed to reconnect the Pegasus system in Saudi Arabia, in the context of Netanyahu’s contacts regarding the Abraham Accords. Until the accords were announced, Israel gave NSO a permit to sell Pegasus to almost all of the countries that signed the agreements.

01.02.2022 - 03:00 [ New York Times ]

The Battle for the World’s Most Powerful Cyberweapon

(Jan. 28, 2022)

The F.B.I. had bought a version of Pegasus, NSO’s premier spying tool. For nearly a decade, the Israeli firm had been selling its surveillance software on a subscription basis to law-enforcement and intelligence agencies around the world, promising that it could do what no one else — not a private company, not even a state intelligence service — could do: consistently and reliably crack the encrypted communications of any iPhone or Android smartphone.

01.02.2022 - 02:28 [ New York Times ]

F.B.I. Secretly Bought Israeli Spyware and Explored Hacking U.S. Phones

(Jan. 28, 2022)

The Times found that sales of Pegasus played a critical role in securing the support of Arab nations in Israel’s campaign against Iran and negotiating the Abraham Accords, the 2020 diplomatic agreements, signed at a Trump White House ceremony, that normalized relations between Israel and some of its longtime Arab adversaries.

The U.S. had also moved to acquire Pegasus, The Times found. The F.B.I., in a deal never previously reported, bought the spyware in 2019, despite multiple reports that it had been used against activists and political opponents in other countries. It also spent two years discussing whether to deploy a newer product, called Phantom, inside the United States.

21.01.2022 - 15:30 [ privacy-handbuch.de ]

DNS-Server

Folgende zensur-freien und vertrauenswürdigen DNS-Server mit No-Logging Policy, DNSSEC Validierung und Anti-Spoofing Schutz (Testseite) kann man als Alternative zu den Default DNS-Servern der Provider für diejenigen empfehlen, die wechseln möchten:

21.01.2022 - 14:52 [ DeviceInfo.me ]

Device Info

Device Type / Model:

Operating System:

True Operating System Core:

Browser:

True Browser Core:

Browser Build Number / Identifier:

IP Address (WAN)

Tor Relay IP Address:

VPN IP Address:

Proxy IP Address:

Hostname:

Location:

Country:

Region:

City:

Latitude & Longitude:

Geolocation:

……………………………

21.01.2022 - 14:35 [ Browserleaks.com ]

Browserleaks.com

It has long been believed that IP addresses and Cookies are the only reliable digital fingerprints used to track people online. But after a while, things got out of hand when modern web technologies allowed interested organizations to use new ways to identify and track users without their knowledge and with no way to avoid it.

BrowserLeaks is all about browsing privacy and web browser fingerprinting. Here you will find a gallery of web technologies security testing tools that will show you what kind of personal identity data can be leaked, and how to protect yourself from this.

01.01.2022 - 20:20 [ Browserleaks.com ]

Browserleaks.com

It has long been believed that IP addresses and Cookies are the only reliable digital fingerprints used to track people online. But after a while, things got out of hand when modern web technologies allowed interested organizations to use new ways to identify and track users without their knowledge and with no way to avoid it.

BrowserLeaks is all about browsing privacy and web browser fingerprinting. Here you will find a gallery of web technologies security testing tools that will show you what kind of personal identity data can be leaked, and how to protect yourself from this.

16.12.2021 - 05:06 [ bankinfosecurity.com ]

Senate Passes $768 Billion NDAA With Cyber Provisions

Lawmakers claim the bill is the widest expansion of CISA through legislation since the SolarWinds incident. Among other features, the NDAA authorizes CISA’s program to monitor IT and OT networks of critical infrastructure partners; and codifies a program providing businesses and state and local governments with model exercises to test their critical infrastructure.

16.12.2021 - 04:47 [ BGR,com ]

Nation-state hackers are already exploiting the scary Log4j vulnerability

Security researchers recently stunned the world with the Log4Shell hack, revealing that the entire internet is scrambling to patch a vulnerability in a widely used Java utility that many companies employ in their servers. Also known as the Log4j hack, the security issue allows hackers to get into computer systems without a password.

16.12.2021 - 04:45 [ theTimeshub.in ]

Threat 10 out of 10: Hackers are already exploiting a new vulnerability on computers around the world

According to the Finacial Times, up to December 14

hackers launched more than 1.2 million attacks, which affected hundreds of thousands of users.

Attackers have almost unlimited freedom to hack. The attack was quickly and easily deployed.
They extract the information they need, add record data to the server, delete it, switch to different servers, install ransomware.
Hackers can inject malicious software onto servers, install various programs (including for mining cryptocurrencies), steal confidential data, modify information and make changes to the service interface.

24.11.2021 - 12:06 [ Berlinstreet.de ]

Mikrofone in der U-Bahn

(10.2.2019)

Der FDP-Abgeordnete Marcel Luthe sagt dazu: „Die BVG legt die technische Grundlage für eine anlasslose Totalüberwachung der Bürger. Jede vorhandene Technik wird früher oder später eingesetzt und sodann auch das gesprochene Wort von einem Staatsunternehmen überwacht.“

14.11.2021 - 14:00 [ Nature.com ]

Solar differential rotation reproduced with high-resolution simulation

(Published: 13 September 2021)

Here, we show that a high-resolution calculation succeeds in reproducing the solar-like differential rotation. Our calculations indicate that the strong magnetic field generated by a small-scale dynamo has a significant impact on thermal convection. The successful reproduction of the differential rotation, convection and magnetic field achieved in our calculation is an essential step to understanding the cause of the most basic nature of solar activity, specifically, the 11 yr cycle of sunspot activity.

14.11.2021 - 12:24 [ EOS.org ]

Accurate Simulation of Sun’s Rotation Might Illuminate Solar Cycle

(08.11.2021)

Japanese scientists said they have created the first accurate computer simulation of how the Sun rotates, reproducing a phenomenon in which its equatorial area spins faster than its polar regions. The insight could help explain the whys and hows of the solar cycle, one of the biggest mysteries of our star.

27.10.2021 - 13:45 [ .theHinduBusinessLine.com ]

What has the US-China trade ‘war’ achieved?

(04.10.2021)

On July 6, 2018, US President Donald Trump unilaterally imposed a 25 per cent tariff on Chinese imports of around $34 billion, and further tariffs in 2018 and 2019 — claiming that trade between US and China had been unfairly skewed in China’s favour and needed to be rebalanced. The ostensible reason put forward was the persistence of what were called “unfair trade practices” and “technology theft” by China.

Thereafter, the trade war has continued into the administration of President Joe Biden, and morphed into a technology war, which is probably what it was always about.

27.10.2021 - 13:18 [ Nikkei.com ]

China to create rare-earths giant by joining three state companies

(October 24, 2021)

China accounts for 60% of the world’s production of rare earths according to the U.S. Geological Survey. The top export destinations are Japan (49% by value) followed by the U.S. (15%), according to Chinese media.

For the Xi leadership, rare earths can also be used as a diplomatic trump card. When China protested Japan’s nationalization of the Senkaku Islands in 2010, Beijing stalled exports of rare earths as a means to pressure the Japanese side. The new move to restructure the rare-earth industry, therefore, may affect rare-earth supply to Japan and the U.S., analysts warn.

19.10.2021 - 20:22 [ DeviceInfo.me ]

Device Info

Device Type / Model:

Operating System:

True Operating System Core:

Browser:

True Browser Core:

Browser Build Number / Identifier:

IP Address (WAN)

Tor Relay IP Address:

VPN IP Address:

Proxy IP Address:

Hostname:

Location:

Country:

Region:

City:

Latitude & Longitude:

Geolocation:

……………………………

19.10.2021 - 20:12 [ Browserleaks.com ]

What Is My IP Address

IP address:
Hostname:
Country:
State/Region:
City:
ISP:
Organization:
Connection Type:
Timezone:
Local Time:
Coordinates:

IPv6 Leak Test:
IPv6 Address:

WebRTC Leak Test:
Local IP address:
Public IP address:

DNS Leak Test:
Test Results Found …
Your DNS Servers:

05.10.2021 - 00:35 [ Middle East Monitor ]

After NSO Group, warning issued against second Israeli spyware firm

(October 4, 2021)

The July report by Citizen’s Lab and Microsoft found that Candiru had been used to spy on more than 100 human rights activists, regime opponents, journalists and scholars from countries such as Iran, Lebanon, Yemen, UK, Turkey and even Israel.

Revelations about Candiru make it the first time that fingers were being pointed at a second Israeli cyber-surveillance company, which is considered a competitor of the NSO Group. The notorious Israeli firm sparked a global scandal in July following the discovery that as many as 50,000 phones were targeted by its Pegasus spyware.

05.10.2021 - 00:24 [ Haaretz ]

Cellphone Hacking and Millions in Gulf Deals: Inner Workings of Top Secret Israeli Cyberattack Firm Revealed

(Sep. 7, 2020)

NSO’s specialty is hacking smartphones. Up till now, little was known about Candiru. TheMarker has revealed that the firm offers hacking tools used to break into computers and servers, and now, for the first time, has confirmed it also has technology for breaking into mobile devices.

05.10.2021 - 00:20 [ Forbes ]

Meet Candiru — The Mysterious Mercenaries Hacking Apple And Microsoft PCs For Profit

(Oct 3, 2019)

Israel is home to scores of hacker-for-hire businesses, but one of the most clandestine has been Candiru. With no website and few records available, it’s operated largely under the radar.

But now a researcher is claiming the elite Tel Aviv-based firm sold cyber weapons to the government of Uzbekistan, while industry sources tell Forbes the company is hacking both Microsoft Windows and Apple Macs for various nation states.

03.10.2021 - 16:39 [ Haaretz ]

Advanced Spyware From Israel’s Candiru Discovered on Russian, Turkish, Palestinian Computers

Spyware made by the Tel Aviv-based hacking tool company Candiru has been found on several computers in Europe and the Middle East, the cybersecurity company ESET reported.

In their September report, ESET wrote that according to research published by Citizen Lab and the Microsoft Threat Intelligence Center in July about Candiru’s DevilsTongue malware, it is „sold to third parties, which can abuse it to spy on various victims, including human rights defenders, dissidents, journalists, activists and politicians.“

02.10.2021 - 18:37 [ GlobalTimes.cn ]

Chinese chip firms temporarily halt production due to nationwide power curbs

A number of chip enterprises in China have halted production temporarily, including suppliers of semiconductors for foreign companies, amid a severe nationwide power shortage due to soaring coal prices and policies to reduce energy consumption.

CWTC, a semiconductor packaging material supplier for NXP and Infineon Technologies, released a notice on Sunday saying that its factory in Suzhou, Jiangsu had suspended semiconductor production from September 26 to 30, in accordance with the local policy on power reduction.

02.10.2021 - 16:20 [ theGuardian.com ]

‘A perfect storm’: supply chain crisis could blow world economy off course

Along with ongoing Covid-related restrictions in some large manufacturing countries such as Vietnam, and a well-documented shortage of components such as computer chips, factories are simply not producing enough.

British car production dropped by 27% year on year in August as a lack of semiconductors and led to a big drop in the number of vehicles exported to Australia, the US and China. On Thursday, Volkswagen, Ford and Opel maker Stellantis announced fresh temporary closures in Germany because of the chip problem.

02.10.2021 - 15:59 [ CNBC ]

The U.S. and EU discuss ways to solve the global chip shortage: Here’s what you need to know

(30.09.2021)

In addition, although the final statement doesn’t mention China, some of the pledges certainly seemed to be targeted at Beijing.

“We intend to work closely together to address non-market, trade-distortive policies and practices, improve the effectiveness of our respective domestic measures,” the U.S. and the EU said.

Officials have on numerous occasions criticized Beijing for not giving the same level of access to foreign business as to what is granted to Chinese companies abroad.

02.10.2021 - 15:53 [ .theGuardian.com ]

America faces supply-chain disruption and shortages. Here’s why

(01.10.2021)

There are more problems that strike at the heart of our economy. The most obvious is semiconductors. Production of high-end chips has gone offshore to east Asia because of deliberate policy to disinvest in the hard process of making things. In addition, the firm that now controls the industry, Taiwan Semiconductor, holds a near monopoly position with a substantial technological lead and a track record in the 1990s and early 2000s of dumping chips at below cost.

02.10.2021 - 15:47 [ Heise.de ]

Chipmangel: Was hinter der globalen Krise steckt

Trotzdem bröckelt das Versprechen von stets steigender Rechenleistung. Allerdings nicht, weil die Chiphersteller an die physikalischen Grenzen der Miniaturisierung gestoßen wären. Steigende Kosten für die immer größere Verdichtung von Rechenleistung haben zu einer Konsolidierung unter den Chipherstellern geführt – und zu Engpässen im immens komplexen Geschäft der Chipproduktion.

24.09.2021 - 17:02 [ DeviceInfo.me ]

Device Info

Device Type / Model:

Operating System:

True Operating System Core:

Browser:

True Browser Core:

Browser Build Number / Identifier:

IP Address (WAN)

Tor Relay IP Address:

VPN IP Address:

Proxy IP Address:

Hostname:

Location:

Country:

Region:

City:

Latitude & Longitude:

Geolocation:

……………………………

24.09.2021 - 16:49 [ Browserleaks.com ]

What Is My IP Address

IP address:
Hostname:
Country:
State/Region:
City:
ISP:
Organization:
Connection Type:
Timezone:
Local Time:
Coordinates:

IPv6 Leak Test:
IPv6 Address:

WebRTC Leak Test:
Local IP address:
Public IP address:

DNS Leak Test:
Test Results Found …
Your DNS Servers:

24.09.2021 - 15:42 [ ORF.at ]

EU erhielt die zwölfte Cybersicherheitsorganisation

(04.07.2021)

Ein aktuelles, schlagendes Beispiel dafür ist die Neufassung der deutschen Cybersicherheitsstrategie. In Deutschland ist es Teil dieser Strategie, gewisse neuentdeckte Software-Sicherheitslücken für Polizei – und Geheimdienste offenzuhalten, die deutsche Cyberbehörde ZiTis soll die zugehörige Trojaner-Schadsoftware für mehrere Dutzend deutsche Bundes- Landesbehörden entwickeln.

24.09.2021 - 07:07 [ der-windows-papst.de ]

DNS over TLS FritzBox aktivieren

DoT ist letztlich nur ein weiterer Schritt die Privatsphäre zu schützen. Diese Technik verschlüsselt nur die Strecke vom heimischen Router bis hin zum Resolver des Anbieters.

24.09.2021 - 06:38 [ privacy-handbuch.de ]

DNS-Server

Folgende zensur-freien und vertrauenswürdigen DNS-Server mit No-Logging Policy, DNSSEC Validierung und Anti-Spoofing Schutz (Testseite) kann man als Alternative zu den Default DNS-Servern der Provider für diejenigen empfehlen, die wechseln möchten:

11.09.2021 - 18:04 [ Radio Utopie ]

15 JAHRE TERRORKRIEG UND 11. SEPTEMBER: „Stehen die Befehle noch?“

(11.09.2016)

Trotz der laufenden Manöver ist die gesamte reguläre Kommandokette sowohl der militärischen Luftverteidigung, als auch das korrespondierende Protokoll für den Fall von Entführungen ziviler Passagiermaschinen im Inland am Tag der Attentate durch eine Kette äußerst merkwürdiger „Zufälle“ lahmgelegt:

der Leiter der Luftfahrtbehörde ist gerade einen Tag im Amt,
der „hijack coordinator“ des Militärs, Michael Canavan (immerhin ehemaliger Leiter des „Joint Special Operations Command“ (JSOC), ist angeblich in Puerto Rico, ohne eine Vertretung bestellt zu haben,
die Kommandozentrale des Pentagon NMCC ist mit einem Captain besetzt, der leitende General hatte sich am Abend vorher „unabkömmlich“ gemeldet,
NEADS-Kommandeur General Larry Arnold lässt sich, während die Meldungen über Flugzeugentführungen eintreffen, entschuldigen, er sei in einem Meeting,
NORAD Kommandeur General Ralph Eberhart, der am Tag vor den Attentaten die Alarmstufe der informationstechnischen Systeme des Militärs InfoCon auf die niedrigste Stufe hatte setzen lassen, merkt nach eigener Aussage von allem nichts, bis er im Fernsehen nach dem Einschlag des zweiten Flugzeugs die brennenden WTC Türme sieht, telefoniert dann erstmal mit dem amtierenden Generalstabschef Myers, aber dann auch mit keinem anderen mehr, lässt die Militärmanöver weiterlaufen und setzt sich eine halbe Stunde ins Auto um ins NORAD-Operationszentrum zu fahren
und Verteidigungsminister Donald Rumsfeld ist unauffindbar.

Erst nach dem Einschlag der Flugzeuge in die WTC Zwillingstürme, nach dem Einschlag ins Pentagon, nach dem Kollaps beider Türme des World Trade Centers in New York und nachdem der Absturz eines vierten entführten Flugzeugs in Shanksville vermeldet ist, wird der Verteidigungsminister der Vereinigten Staaten von Amerika die Kommandozentrale des Pentagon betreten.

Später wird Rumsfeld vor der 9/11-Kommission seiner eigenen Regierung aussagen, er sei sich erst nach einem Telefonat mit Vizepräsident Dick Cheney um 10.39 Uhr Washingtoner Zeit „der Situation bewusst“ geworden („gaining situation awareness“) – also anderthalb Stunden nach dem Einschlag des ersten Flugzeugs ins World Trade Center und nachdem bereits Milliarden von Menschen rund um die Welt die Ereignisse durch Live-Übertragungen verfolgt hatten.

Da der Präsident bei einer Schulklasse zu Besuch ist und trotz der Attentate immer weiter aus Kinderbüchern vorliest, endet die Kommandokette am Tag der Attentate bei Vizepräsident Dick Cheney in der unterirdischen Einsatzzentrale des Weißen Hauses PEOC („President´s Emergency Operations Center“).

Der Verkehrsminister (wörtlich: Transportminister, „Secretary of Transport“) Norman Mineta sitzt an diesem Morgen des 11. September zusammen mit Vizepräsident Dick Cheney im „Situation Room“, also der Zentrale des PEOC Bunkers. Minetas Aussage vor der 9/11-Kommission zufolge – die untenstehend in der Dokumentation als Aufzeichnung zu sehen ist – betritt mehrfach ein Mann den „Situation Room“ und berichtet Vizepräsident Dick Cheney über die Entfernung eines sich Washington nähernden Flugzeugs.

„Das Flugzeug ist 50 Meilen entfernt“, dann: „Das Flugzeug ist 30 Meilen entfernt.“ Als der Mann schließlich dem Vizepräsidenten meldet: „Das Flugzeug ist 10 Meilen entfernt“ fragt der Mann den zu diesem Zeitpunkt amtierenden Oberkommandierenden der Vereinigten Staaten von Amerika, Dick Cheney:

„Stehen die Befehle noch?“ („Do the orders still stand?“)

Laut Mineta wendet Cheney dem Mann nun den Kopf zu und sagt:

„Natürlich stehen die Befehle noch! Haben Sie irgendetwas Gegenteiliges gehört?“

Minuten später erfolgt der Einschlag im Pentagon.

Später werden Researcher den Mann als Cheneys Militärberater Douglas Cochrane identifizieren. Auch stellt sich heraus, dass die 9/11-„Untersuchungskommission“ Cochrane vernommen, dies aber verschwiegen hatte. Bis heute wird Cochrans Aussage vor der 9/11-Kommission geheim gehalten.

Die Aussage von Norman Mineta aber, dem am 11. September amtierenden Verkehrsminister, verfälscht die 9/11-„Kommission“ in ihrem Abschlussbericht und verändert die Angaben derart, dass sie zu den Angaben von Dick Cheney und der bis dahin bereits offiziell allgemein akzeptierten Tatversion der Attentate passen.

Mineta bleibt dennoch bei seiner Aussage und bestätigt diese später mehrfach.

11.09.2021 - 16:47 [ alumni.cornell.edu / web.archive.org ]

SPOTLIGHT ON: BARBARA RIGGS

(Frühjahr / spring 2006)

„Once the first plane hit, we implemented emergency evacuation plans for our field office located in World Trade Center #7. All these individuals were in the process of being evacuated when the second plane hit. While the Secret Service law enforcement personnel assisted NYPD and NYFD evacuate the towers, the administrative staff and temporary personnel were escorted to safety. Secret Service Special Officer Craig Miller was killed while assisting in the evacuation of one of the towers. Later that day, the USSS New York Field Office was lost as World Trade Center #7 collapsed.

Thru monitoring radar and activating an open line with the FAA, the Secret Service was able to receive real time information about other hijacked aircraft. We were tracking two hijacked aircraft as they approached Washington, D.C. and our assumption was that the White House was a target. While the White House was evacuated, the Secret Service prepared to defend the facility.“

11.09.2021 - 16:40 [ Michael C. Ruppert / Weebly.com ]

Crossing the Rubicon

(2004)

It has never been disputed that at all times Cheney was able to communicate with the Pentagon. Nor has it ever been disputed that the Secret Service was always in Cheney’s immediate presence. This is where the entire explanation of who knew what and when offered by the Kean Commission irretrievably falls apart. Below Clarke’s description of the unfolding of a key moment on the morning of 9/11 falls between two time-certain events. We can clearly place the time of this moment atapproximately 9:40 a.m., or one minute before the impact on the Pentagon.

„During the pause [as people in the White House Situation Roompaused to watch President Bush’s first televised remarks at 9:30 a.m.], I noticed that Brian Stafford, Director of the Secret Service, was now in the room. He pulled me aside ….

Stafford slipped me a note. “Radar shows aircraft headed this way.” Secret Service had a system that allowed them to see what FAA’s radar was seeing. “I’m going to empty out the complex.” He was ordering the evacuation of the White House.
Ralph Seigler stuck his head into the room, “There has been an explosion at the Pentagon parking lot, maybe a car bomb.” “

“Secret Service had a system that allowed them to see what FAA’s radar was seeing”?

11.09.2021 - 16:39 [ Radio Utopie ]

DER 11. SEPTEMBER: Die Kommandokette

(11.09.2014)

Wie in Teil 3 unserer Artikelreihe umschrieben, waren in den USA, auch nach dem Zusammenbruch des konkurrierenden Ostblocks und seinem sowjetischen Imperium, über Jahrzehnte umfangreichste, weit verzweigte “Sicherheits”-Strukturen aufgebaut worden, in enger Symbiose mit dem “privaten”, also internationalen kommerziellen Sektor. U.a. waren vom damaligen Präsidenten Bill Clinton am 22. Mai 1998 zwei geheime “Presidential Decision Directives” (Executive Orders) unterschrieben worden, PDD 62 und PDD 63, die teilweise direkt Empfehlungen einer vorhergehenden Präsidentenkommission „zum Schutz kritischer Infrastruktur“ umsetzten, deren Mitglieder sich praktisch aus dem gesamten Spektrum des militärischen, industriellen, geheimdienstlichen und technologischen Komplex zusammengesetzt hatten. Diese geheimen PDD 62 und PDD 63 hatten die Institution eines „Nationalen Koordinators“ geschaffen, mit den offiziellen Arbeitsfeldern Sicherheit, Schutz der Infrastruktur und Konterterrorismus („counterterrorism“).

Dieses Amt, was nach 9/11 in aller Stille wieder eingestampft wurde, trat 1998 Richard Clarke an, der bereits seit 1992 im „Nationalen Sicherheitsrat“ gesessen hatte und nun in diesem aufstieg. In 2003 schied Clarke unter nicht vollständig ersichtlichen Umständen und Gründen aus der Bush-Regierung aus. In 2004 veröffentlichte er das Buch „Against All Enemies: Inside America’s War on Terror“.

Aus Clarkes Buch fiel Michael C. Ruppert, der als ehemaliger Polizist des LAPD am 15. November 1996 vor laufender Kamera den damaligen CIA Chef John Deutch mit Anwerbeversuchen der CIA und deren Verstrickung in Drogenhandel konfrontiert hatte, folgende Zeile auf:

„Secret Service had a system that allowed them to see what FAA’s radar was seeing.“

(…)

Dass der Secret Service in der Tat die Flugbewegungen im Luftraum verfolgte, belegte kein anderer als die damalige Vizedirektorin des USSS selbst, Barbara Riggs, in einem späteren Interview zu den Ereignissen. Zitat:

„Durch Radarbeobachtung und Aktivierung einer offenen Leitung mit der FAA, war es dem Secret Service möglich Information(en) in Echtzeit über ein anderes entführtes Flugzeug zu bekommen. Wir verfolgten zwei entführte Flugzeuge wie sie sich Washington, DC, näherten und unsere Einschätzung war, dass sie das Weiße Haus zum Ziel hatten.“

Dass der älteste reguläre Geheimdienst der Vereinigten Staaten, den wir hier weiter kulant mit USSS abkürzen, exakt sieben Jahre nach dem Crash der Cesna auf dem Rasen des Weißen Hauses, und nach Jahrzehnten der prioritären Sicherung des Präsidenten während des Kalten Krieges, am 11. September 2001 offensichtlich doch über eigene Luftabwehrsysteme verfügte, belegt folgender Mitschnitt (Auszug aus diesem Tondokument im National Archive, 5 DCC 1927 Ops phone 5134 Position 34 1315-1415 UTC, Zeitperiode 08:15-09:15 EDT, im File ab 50.00 min):

11.09.2021 - 16:15 [ Federation of American Scientists - fas.org ]

CRITICAL FOUNDATIONS: PROTECTING AMERICA’S INFRASTRUCTURES – The Report of the President’s Commission on Critical Infrastructure Protection

(13.10.1997)

Existing Information Sharing Efforts

(…) We also found a great deal of information sharing already underway. Trade associations, consortia, and other groups exchange information among their members and, in some cases, directly with government. Many federal, state and local government agencies have existing relationships with infrastructure owners and operators. Within all the infrastructure sectors, at least some portions are subject to regulatory control by government agencies, and information is shared, albeit sometimes within carefully defined constraints. Several federal agencies provide information to infrastructure owners and operators. The FBI’s Awareness of National Security Issues and Response (ANSIR) program gives over 25,000 industry members information that provides threat and vulnerability insights. More narrowly focused programs are the Department of Transportation’s terrorist threat notification to the civil aviation industry and the National Security Agency’s INFOSEC Vulnerability Assessment Program, which provides information systems-related data to private sector partners. The Comptroller of the Currency operates another system providing advisories on information integrity and security risks to financial institutions.

(…)

The third and least predictable threat to the infrastructure comes from deliberate attack. Depending on their objectives, attackers may seek to steal, modify, or destroy data stored in information systems or moving over networks, or to degrade the operation of the systems and net-works themselves, denying service to their users. Attackers include national intelligence organizations, information warriors, terrorists, criminals, industrial competitors, hackers, and aggrieved or disloyal insiders. While insiders constitute the single largest known security threat to information and information systems, controlled testing indicates that large numbers of computer based attacks go undetected, and that the unknown component of the threat may exceed the known component by orders of magnitude.

(…)

The air traffic control system of the FAA is based on decades old technology. The replacement system, while doubtless more efficient, will be more vulnerable unless special security measures are incorporated.

(…)

The Commission recommends the Secretary of Transportation:

1) Fully evaluate actual and potential sources of interference to, and vulnerabilities of, GPS before a final decision is reached to eliminate all other radiovnavigation and aircraft landing guidance systems.

2) Sponsor a risk assessment for GPS-based systems used by the civilian sector, projected from now through the year 2010.

3) Base decisions regarding the proper federal navigation systems mix and the final architecture of the NAS on the results of that assessment. The DOT and FAA must develop a better understanding of interference and other vulnerabilities of GPS before a final decision is reached concerning the status of all other radionavigation and landing guidance systems. A federally sponsored thorough, integrated risk assessment would lay a sound foundation for decisions on future courses of action.

The National Airspace System

The Commission recommends the FAA act immediately to develop, establish, fund, and implement a comprehensive National Airspace System Security Program to protect the modernized NAS from information-based and other disruptions, intrusions and attack. Program implementation should be guided by the recommendations found in the Vulnerability Assessment of the NAS Architecture, prepared for the Commission. The Vulnerability Assessment included the following recommendations: (…)

3) The FAA should consider the implementation of full “trusted” hardware and software security capabilities for only the FAA’s most vulnerable future subsystems, since the software cost for embedded applications, together with full audit, tracking, and monitoring, may be too great if applied to all subsystems. Relaxation of the full capabilities, such as less rapid revalidation (e.g., a slower fifteen minutes down time) and less constant vigilance of data integrity, should be considered on a case-by-case basis for less critical subsystems, particularly in situations where existing air traffic control recovery procedures exist.

4) The FAA should conduct a comprehensive investment analysis of NAS INFOSEC in order to determine the degree of security protection that is needed

(…)

Transportation: A critical infrastructure characterized by the physical distribution system critical to supporting the national security and economic well-being of this nation, including the national airspace system, airlines and aircraft, and airports; roads and highways,trucking and personal vehicles; ports and waterways and the vessels operating thereon; mass transit, both rail and bus; pipelines, including natural gas, petroleum, and other hazardous materials; freight and long haul passenger rail; and delivery services.

11.09.2021 - 16:02 [ Radio Utopie ]

DER 11. SEPTEMBER: Langer Marsch eines Molochs

(10.09.2014)

Die Kommission

Auf dem langen Marsch der Institutionen in den 11. September gab es manchen großen Sprung nach vorn. Einen zentralen davon repräsentiert die unter Bill Clinton 1996 formierte „Kommission des Präsidenten zum Schutz kritischer Infrastruktur“. In der Kommission waren, fast schon klischeehaft, die Bausteine des heutigen imperialen Molochs, des „lebenden, atmenden Organismus“, „jeder Kontrolle entwachsen“, des “elektronischen Polizeistaates”, des “sicherheitsindustriellen Komplexes” vertreten, der fünf Jahre später durch den 11. September entfesselt und über die Welt herfallen sollte, obwohl er angeblich dafür gezüchtet worden war genau solche Attentate zu verhindern.

Neben den Konsortien AT&T (früher das landesweite Telefonmonopol Bell Company, s.o.) und dem vor dem Ersten Weltkrieg als „Computing Tabulating Recording Company“ gegründeten IBM Konzern saßen NSA, CIA, FBI, Militär, Pentagon, das Justizministerium, hochrangige Bürokraten des Präsidentenpalastes der heute „Weißes Haus“ genannt wird, die Zentralbank Fed, das Finanzministerium, das Transportministerium, das 1934 aus fünf Industrie-Vereinigungen verschmolzene Eisenbahn-Trust „Association of American Railroads“, das Handelsministerium, die Eliteuniversität in Georgetown, usw, usw.

Den Vorsitz hatte der 1925 geborene Robert T. Marsh, ein Vier-Sterne-General, bereits seit dem Zweiten Weltkrieg in der Air Force, später im Kalten Krieg als Stabsoffizier im Strategischen Kommando zuständig für die Infrastruktur gebunkerter Atomwaffen, sowie u.a. Leiter der Produktions- und Entwicklungsstätte elektronischer Systeme der Air Force auf der Luftwaffenbasis in Hanscom.

In ihrem am Oktober 1997 überreichten Bericht machte die Kommission eine endlose Reihe von „Empfehlungen“ für Gesetze, Behörden und Bestimmungen, sowie dazu gleich eine ebenso lange Reihe von Rechtsbegriffen bzw Definitionen, die später durch den Präsidenten eins zu eins umgesetzt wurden, u.a. in den geheimen Präsidentenbefehlen PDD 62 und PDD 63.

Bereits zu diesem Zeitpunkt, in 1997, betonte die Kommission:

„Wir müssen unser neues Denken der Cyber-Dimension anpassen. .. Mit das Wichtigste ist zu erkennen, dass die Besitzer und Betreiber unserer kritischen Infrastruktur nun an den Frontlinien unserer Sicherheitsbemühungen stehen. Sie sind diejenigen, die gegenüber Cyber-Attacken am Verwundbarsten sind. Und diese Verwundbarkeit setzt unsere Nationale Sicherheit, unsere globale wirtschaftliche Wettbewerbsfähigkeit und unser heimisches Wohlergehen auf´s Spiel.

Es ist in diesem Sinne, dass wir unseren Bericht vorstellen.“

Leider ist die nächste Seite des Berichts „absichtlich leer gelassen“. So ganz öffentlich war der Bericht nicht.

Ebenfalls in weiser Voraussicht formulierte die „Kommission des Präsidenten zum Schutz kritischer Infrastruktur“:

„Das Transportministerium hat den Gesetzentwurf H.R. 1720, Surface Transportation Safety Act of 1997, übermittelt, der entworfen wurde um Passagiere und Angestellte in Schienenverkehr und Massentransportsystemen und die Bewegungen von Fracht durch Schienenverkehr vor terroristischen Angriffen / Terroranschlägen („terrorist attacks“) zu beschützen. Die Kommission empfiehlt diesem Gesetzentwurf starke Unterstützung durch Administration und Kongress zu geben.“

Eine „kritische“ (entscheidende, „critical“) Infrastruktur im Transport-Sektor definierte die Präsidentenkommission als

„charakterisiert durch das physische Vertriebs (Beförderungs-)system, das kritisch ist in der Unterstützung der Nationalen Sicherheit und dem ökonomischen Wohlergehen dieser Nation, eingeschlossen das nationale Luftraumsystem, Fluglinien und Flugzeuge, und Flughäfen.“

Auch was die Sicherheit im Flugverkehr anging, sprach man, vier Jahre vor 9/11, schon durchaus miteinander.

„Mehrere Bundesbehörden stellen Besitzern und Betreibern von Infrastruktur Information(en) zur Verfügung. Das ´Awareness of National Security Issues and Response´ (ANSIR) Programm des FBI gibt über 25.000 Mitgliedern der Industrie Auskunft („information“), die Einblicke in Bedrohung und Verwundbarkeit gibt. Enger gefasste Programme sind die Benachrichtigung des Transportministeriums über terroristische Bedrohungen an die zivile Luftfahrtindustrie und die informationssicherheitsbezogene Verwundbarkeits-Einschätzung („INFOSEC Vulnerability Assessment“) der National Security Agency, das informationssystem-bezogene Daten Partnern im privaten Sektor zur Verfügung stellt.“

Dem Transportministerium und seiner Luftfahrtbehörde FAA („Federal Aviation Administration“) konstatierte die Präsidentenkommission in 1997:

„Die Sicherheit (in) der zivilen Luftfahrt bleibt die erste Priorität und der Schwerpunkt des Transportministeriums. Die FAA hat die Verantwortung und die Autorität Notfallmaßnahmen für Luftfahrtunternehmen und Flughäfen anzufordern, um schnell und effektiv mit unmittelbaren Bedrohungen gegen die zivile Luftfahrt umzugehen.“

Aber:

„Das Luftfahrtkontrollsystem der FAA basiert auf Jahrzehnte alter Technologie. Das Ersatzsystem, obwohl zweifellos effizienter, wird verwundbarer sein, wenn keine speziellen Sicherheitsmaßnahmen eingefügt werden.“

Und deshalb:

„Empfehlen wir: Die Bundesluftfahrtbehörde (FAA) handelt sofort darin, ein umfassendes Nationales Luftraum-Sicherheitsprogramm zu entwickeln, etablieren, finanzieren und zu implementieren, um das modernisierte Nationale Luftraum-System vor informations-basierten und anderen Störungen, Eindringungen („intrusions“) und Angriffen zu beschützen. Umsetzung durch Programm sollte geleitet sein von den Empfehlungen, die man im ´Vulnerability Assessment of the FAA National Airspace System Architecture´ findet, die für diese Kommission vorbereitet wurde.“

Man empfahl dem Präsidenten also etwas, was einem empfohlen worden war.

Das neue System der Luftfahrtbehörde FAA

(…………………………………….)

04.09.2021 - 20:06 [ DNS.sb ]

How to set DNS over TLS on Android

1. Go to Settings and open Network & internet

2. Press Advanced

3. Press Private DNS

4. Select Private DNS provider hostname and input our hostname dot.sb

5. Press Save

04.09.2021 - 20:04 [ DNS.sb ]

How to set DNS over TLS on Linux

For modern Linux distributions, we recommend using systemd-resolved
#
1. Enable systemd-resolved

systemctl start systemd-resolved
#
2. Open /etc/systemd/resolved.conf

vim /etc/systemd/resolved.conf

…..

04.09.2021 - 19:49 [ der-windows-papst.de ]

DNS over TLS FritzBox aktivieren

DoT ist letztlich nur ein weiterer Schritt die Privatsphäre zu schützen. Diese Technik verschlüsselt nur die Strecke vom heimischen Router bis hin zum Resolver des Anbieters.

04.09.2021 - 19:46 [ SecurityMagazine.com ]

Disappearing DNS: DoT and DoH, Where one Letter Makes a Great Difference

(February 6, 2020)

While both offer encryption of DNS data using the same TLS protocol, there are some very important differences:

– Protocol layering: while DoT is essentially DNS over TLS, DoH is in fact DNS over HTTP over TLS.
– Different port numbers: DoT traffic uses a dedicated port 853, and can thus be distinguished at the network layer. DoH uses port 443 (HTTPS) due to the protocol layering.
– Different capabilities: DoT is largely the same DNS as we know it, while DoH to an extent combines features of DNS and HTTP.

30.07.2021 - 07:21 [ DeviceInfo.me ]

Device Info

Device Type / Model:

Operating System:

True Operating System Core:

Browser:

True Browser Core:

Browser Build Number / Identifier:

IP Address (WAN)

Tor Relay IP Address:

VPN IP Address:

Proxy IP Address:

Hostname:

Location:

Country:

Region:

City:

Latitude & Longitude:

Geolocation:

……………………………

30.07.2021 - 07:17 [ Browserleaks.com ]

What Is My IP Address

IP address:
Hostname:
Country:
State/Region:
City:
ISP:
Organization:
Connection Type:
Timezone:
Local Time:
Coordinates:

IPv6 Leak Test:
IPv6 Address:

WebRTC Leak Test:
Local IP address:
Public IP address:

DNS Leak Test:
Test Results Found …
Your DNS Servers:

26.07.2021 - 12:05 [ ZDF ]

Reporter ohne Grenzen – Pegasus „nicht nur ein israelisches Problem“

Das sagt Mihr über Software als Waffe:

„Es fehlt der politische Wille. Es gibt seit 2013 im Rahmen des Wassenaar Arrangement zu konventionellen Waffen ein Regulierungsregime, aber da ist Israel nicht Mitglied. Und das ist nicht nur ein israelisches Problem. Das ist potenziell auch ein europäisches Problem.“

23.07.2021 - 06:49 [ ORF.at ]

EU erhielt die zwölfte Cybersicherheitsorganisation

(04.07.2021)

Ein aktuelles, schlagendes Beispiel dafür ist die Neufassung der deutschen Cybersicherheitsstrategie. In Deutschland ist es Teil dieser Strategie, gewisse neuentdeckte Software-Sicherheitslücken für Polizei – und Geheimdienste offenzuhalten, die deutsche Cyberbehörde ZiTis soll die zugehörige Trojaner-Schadsoftware für mehrere Dutzend deutsche Bundes- Landesbehörden entwickeln.

23.07.2021 - 06:44 [ Tagesschau.de ]

Spähsoftware: Merkel fordert Verkaufslimit für „Pegasus“

Merkel erklärte, der Verkauf der Software müsse an restriktive Bedingungen geknüpft werden. So solle sie nicht an Länder geliefert werden, „in den eine gerichtliche Überwachung von solchen Angriffen vielleicht nicht gesichert ist“.

19.07.2021 - 08:07 [ Tagesschau.de ]

Spionagesoftware „Pegasus“: Darf’s ein bisschen mehr sein?

Ein Jahr zuvor, im Oktober 2017, wurde NSO schon beim Bundeskriminalamt (BKA) in Wiesbaden vorstellig. Ebenso gab es Gespräche mit dem BND und dem Bundesamt für Verfassungsschutz. Mit den Cyberexperten vom bayerischen Landeskriminalamt (LKA) trafen sich die Vertreter der israelischen Firma im Jahr 2019 sogar gleich zwei Mal. Bei einer weiteren Vorführung im September 2019 im Innenministerium in München war sogar Minister Joachim Herrmann anwesend, wie ein Sprecher mitteilte.

Die deutschen Sicherheitsexperten waren sehr beeindruckt von der Technologie von NSO, berichten Teilnehmer der Produktvorführungen.

19.07.2021 - 06:19 [ Organized Crime and Corruption Reporting Project / Twitter ]

iMessage, WhatsApp, and FaceTime are vulnerable to „zero-click exploits“ — bugs that allow hackers to commandeer a mobile phone even when the target does nothing to trigger the breach. #PegasusProject

19.07.2021 - 06:15 [ Bill Marczak / Twitter ]

(1) @AmnestyTech saw an iOS 14.6 device hacked with a zero-click iMessage exploit to install Pegasus. We at @citizenlab also saw 14.6 device hacked with a zero-click iMessage exploit to install Pegasus. All this indicates that NSO Group can break into the latest iPhones.

19.07.2021 - 05:06 [ Tagesschau.de ]

Spähsoftware: Wie „Pegasus“ aufs Handy kommt

Sicherheitsexperten von Amnesty International fanden auf mehreren, auch aktuellen iPhones Spuren der „Pegasus“-Software, die anscheinend auf diesem Weg auf das Gerät gelangt war. Ihrer Analyse zufolge kann das Spähprogramm unter Ausnutzung des internetbasierten Dienstes iMessage aus der Ferne installiert werden. Die NSO-Kunden müssen dafür nur die Telefonnummer der Zielperson eingeben.

19.07.2021 - 04:48 [ Tagesschau.de ]

Trojaner „Pegasus“: Wie autoritäre Staaten ihre Gegner ausspähen

Gemeinsam mit der Organisation Forbidden Stories und Amnesty International haben die Journalisten einen Datensatz von mehr als 50.000 Telefonnummern ausgewertet.

Es handelt sich dabei um eine Liste von potenziellen Ausspähzielen, die von Kunden der israelischen Firma NSO Group ausgewählt wurden. NSO gehört zu den führenden Herstellern kommerzieller Spionagesoftware,

19.07.2021 - 04:40 [ Haaretz ]

NSO’s Pegasus: The Israeli Cyber Weapon Oppressive Regimes Used Against 180 Journalists

Forbidden Stories and Amnesty International had access to a leak of more than 50,000 records of phone numbers that NSO clients selected for surveillance. According to an analysis of these records by the group and its partners, more than 180 journalists were selected in 21 countries by at least 12 NSO clients.

01.07.2021 - 11:03 [ Haaretz ]

Israeli Charged in Global Hacker-for-hire Scheme Seeks Plea Deal

While the indictment does not identify the hackers by name, five people familiar with the case say that Azari is being charged in relation to New Delhi-based BellTroX InfoTech Services, which Reuters last year reported was behind a hacking campaign that targeted lawyers, government officials, businessmen, investors and activists around the world.

Azari is charged with conspiracy to commit hacking, wire fraud, and aggravated identity theft, court documents show.

01.07.2021 - 10:59 [ thePrint.in ]

Small IT firm in Delhi ran one of world’s ‘largest’ hacker-for-hire services: Reuters expose

(10.06.2021)

Citing an article in The Financial Times, which in turn cites the Citizen Lab report, Muddy Waters Research tweeted that a German payment processing company Wirecard was a client of BellTrox.

15.06.2021 - 15:44 [ Cnet ]

IBM now has 18 quantum computers in its fleet of weird machines

(May 6, 2020)

Eighteen quantum computers might not sound like a lot. But given that each one is an unwieldy device chilled within a fraction of a degree above absolute zero and operated by Ph.D. researchers, it’s actually a pretty large fleet. In comparison, Google’s quantum computers lab near Santa Barbara, California, has only five machines, and Honeywell only has six quantum computers.

15.06.2021 - 15:20 [ Weltwirtschaftsforum / World Economic Forum ]

Quantum leap: why the next wave of computers will change the world

(29 Oct 2019)

To break a widely used RSA 2048-bit encryption, a classical computer with one trillion operations per second would need around 300 trillion years. This is such a long time that we all feel very safe.

A quantum computer using Shor’s algorithm could achieve the same feat in just 10 seconds, with a modest 1 million operations per second. That’s the power of quantum computers: 300 trillion years versus 10 seconds.

12.06.2021 - 07:11 [ CNBC.com ]

Apple says it didn’t know Trump’s DOJ was asking for Democrats‘ data when it complied with subpoena

Apple on Friday said it didn’t know former President Donald Trump’s Department of Justice was subpoenaed data on Democrats when it complied with the request.
Apple said it was under a gag order not to disclose the subpoena to the affected parties.
Microsoft also acknowledged it received a similar subpoena.

12.06.2021 - 07:06 [ ORF.at ]

Ausspähung durch Trump-Regierung sorgt für Empörung

Die „New York Times“ schrieb, Angehörige des Justizministeriums hätten 2017 und 2018 von Apple unter Strafandrohung die Herausgabe von Daten der Betroffenen verlangt – als Teil von Untersuchungen zu möglicher Weitergabe offizieller Informationen rund um die Russland-Ermittlungen gegen Trump. Apple sei zugleich verpflichtet worden, Stillschweigen über die Datenanforderung zu wahren.

10.06.2021 - 10:14 [ theGuardian.com ]

„Any Palestinian is exposed to monitoring by the Israeli Big Brother“: Testimonies from people who worked in the Israeli Intelligence Corps tell of a system where there were no boundaries

(12 Sep 2014)

„From a political standpoint, information is collected that can serve to manipulate Israeli, Palestinian and international politics.

Although ours is not actual field work, it has serious impact on the lives of many people, and this is something that I think soldiers in the unit forget when everyone just does their part. Since we’re so focused on not missing any important developments, we always prefer to assume the worst. For example, if anyone is suspected, even very faintly, it is possible that the stain will never fade, and that person will suffer sanctions as a result.

Our daily service dulls everyone’s sensitivity and this is reflected, for example, in running jokes about very personal things that come up in our intelligence material. Or, for instance, in the expression “blood on the headset”, or X’s marked on our headsets after assassinations.

After my discharge from the Intelligence Corps, I had a moment of shock while watching the film The Lives of Others, about the secret police in East Germany.

On the one hand, I felt solidarity with the victims, with the oppressed people who were denied such basic rights as I take for granted to be mine. On the other hand, I realised that the job I had done during my military service was that of the oppressor.

My first reaction as a discharged soldier was that we do the same things, only much more efficiently.“

06.06.2021 - 12:35 [ DeviceInfo.me ]

Device Info

Device Type / Model:

Operating System:

True Operating System Core:

Browser:

True Browser Core:

Browser Build Number / Identifier:

IP Address (WAN)

Tor Relay IP Address:

VPN IP Address:

Proxy IP Address:

Hostname:

Location:

Country:

Region:

City:

Latitude & Longitude:

Geolocation:

……………………………

06.06.2021 - 12:32 [ Browserleaks.com ]

What Is My IP Address

IP address:
Hostname:
Country:
State/Region:
City:
ISP:
Organization:
Connection Type:
Timezone:
Local Time:
Coordinates:

IPv6 Leak Test:
IPv6 Address:

WebRTC Leak Test:
Local IP address:
Public IP address:

DNS Leak Test:
Test Results Found …
Your DNS Servers:

05.06.2021 - 12:38 [ Radio Utopie ]

DER 11. SEPTEMBER: Langer Marsch eines Molochs

(10. September 2014)

Entgegen der heutigen Wahrnehmung rauschte die Regierung der USA Anfang des 21. Jahrhunderts keineswegs unvorbereitet in die Attentate des 11. Septembers. Im Gegenteil waren über Jahrzehnte umfangreichste, weit verzweigte „Sicherheits“-Strukturen aufgebaut worden, bereits damals in enger Symbiose mit dem „privaten“, also internationalen kommerziellen Sektor. Sie dienten primär der Informationsgewinnung, innerstaatlich wie international. Legitimation und teils geheime, durch abermals geheime Interpretationen bzw „Rechtsmeinungen“ („legal opinions“) zusätzlich ausgelegte „Executive Orders“ der Präsidenten, bildeten die Rechtfertigung für den Aufbau eines Molochs, eines „lebenden, atmenden Organismus“, der, „jeder Kontrolle entwachsen“, von genau denjenigen finanziert wurde, gegen die er einmal marschieren sollte.

24.03.2021 - 17:09 [ free-proxy.cz/en/ ]

Free Proxy

There are currently … proxy servers in our database

24.03.2021 - 17:06 [ DeviceInfo.me ]

Device Info

Device Type / Model:

Operating System:

True Operating System Core:

Browser:

True Browser Core:

Browser Build Number / Identifier:

IP Address (WAN)

Tor Relay IP Address:

VPN IP Address:

Proxy IP Address:

Hostname:

Location:

Country:

Region:

City:

Latitude & Longitude:

Geolocation:

……………………………

24.03.2021 - 17:03 [ Browserleaks.com ]

What Is My IP Address

DNS Leak Test

Test Results:

24.03.2021 - 16:51 [ AddictiveTips.com ]

How To Use DNSCrypt To Encrypt DNS Traffic On Linux

DNSCrypt is a local program that, when set up correctly on any Linux PC, can lock up all DNS traffic and ensure everything safely goes to the right place.

Most Linux distributions have DNSCrypt in their software sources, so installing it is a breeze. Open up a terminal and enter the commands that correspond to your Linux distribution.

24.03.2021 - 16:44 [ SimpleDNScrypt.org ]

Simple DNSCrypt

Simple DNSCrypt is a simple management tool to configure dscrypt-proxy on windows based systems.

24.03.2021 - 16:41 [ ZDNet.de ]

Simple DNSCrypt: DNS-Abfragen unter Windows verschlüsseln

(05.02.2021)

Bereits 2017 hat der Informatiker Dominik Herrmann in seiner Dissertation „Das Internet-Adressbuch bedroht unsere Privatsphäre“ (PDF) nachgewiesen, wie anhand von unverschlüsselten DNS-Abfragen, die Identität eines Internetnutzers ermittelt werden kann. Herrmann sieht eine Zentralisierung der Namensauflösung für die internationale Konzerne wie Google, OpenDNS und Symantec verantwortlich seien. „Im Jahr 2016 beantworteten allein die DNS-Server von Google schon mehr als 13 Prozent aller DNS-Anfragen pro Tag.“

24.03.2021 - 16:22 [ SecurityMagazine.com ]

Disappearing DNS: DoT and DoH, Where one Letter Makes a Great Difference

(February 6, 2020)

While both offer encryption of DNS data using the same TLS protocol, there are some very important differences:

– Protocol layering: while DoT is essentially DNS over TLS, DoH is in fact DNS over HTTP over TLS.
– Different port numbers: DoT traffic uses a dedicated port 853, and can thus be distinguished at the network layer. DoH uses port 443 (HTTPS) due to the protocol layering.
– Different capabilities: DoT is largely the same DNS as we know it, while DoH to an extent combines features of DNS and HTTP.

24.03.2021 - 15:12 [ LinuxSecurity.com ]

6 ways HTTP/3 benefits security (and 7 serious concerns)

(29 Jun 2020)

HTTP3, the third official version of hypertext transfer protocol (HTTP), will not use the transmission control protocol (TCP) as did its predecessors. Instead, it uses the quick UDP internet connections (QUIC) protocol developed by Google in 2012.

24.03.2021 - 15:08 [ Jake Miller / labs.bishopfox.com ]

h2c Smuggling: Request Smuggling Via HTTP/2 Cleartext (h2c)

(Sep 8, 2020)

The revival of HTTP request smuggling has led to devastating vulnerabilities in our modern application deployments. An HTTP request smuggled past the validation of an edge server can lead to serious consequences, including forged internal headers, access to internal management endpoints, and a variety of opportunities for privilege escalation.

HTTP/2 (or HTTP/3) is a promising solution to the issues we’ve faced with request smuggling, but support for HTTP/1.1 isn’t going away anytime soon. In the meantime, we’re still in for more surprises from our good friend HTTP/1.1.

In this post, I demonstrate how upgrading HTTP/1.1 connections to lesser-known HTTP/2 over cleartext (h2c) connections can allow a bypass of reverse proxy access controls, and lead to long-lived, unrestricted HTTP traffic directly to back-end servers.

14.03.2021 - 13:38 [ Haaretz ]

Leaked Voter Info and Illegal Electioneering: Inside Netanyahu’s Election Day App

The Elector app provides parties access to the huge database of eligible voters – 6.5 million Israelis. This in and of itself is still legal; every party is also permitted to augment the data to help their voter turnout efforts.

13.03.2021 - 16:12 [ Nachdenkseiten ]

IBM, der digitale Impfnachweis und die dunkle Vergangenheit. Dazu ein älterer Artikel von Werner Rügemer

BM, 1922 in New York mit Firmenhymne und Führerprinzip gegründet, ist seitdem ein Vorreiter des internationalen, aggressiven Kapitalismus. IBM-Chef Watson bewunderte autoritäre Politiker wie Mussolini und Hitler, womit er freilich weder in den USA (Henry Ford) noch in Europa alleinstand. Die Dehomag (Deutsche Hollerith-Maschinen-Aktien-Gesellschaft), von fanatischen Nazis geleitet, zu 90 Prozent in IBM-Besitz, wurde bis Kriegsende die erfolgreichste IBM-Tochter. Von der ersten NS-Volkszählung 1933 bis zum letzten Judentransport 1945: IBM war immer dabei. Tausende Hollerith-Maschinen wurden bei Reichsbahn, Statistik und Finanzämtern, Polizei und Post eingesetzt, nicht zuletzt in den KZ. Ahnenforschung und Rassenkunde wurden automatisiert. Mit ebensolcher Geschwindigkeit automatisierten Großunternehmen ihre Produktion, Buchhaltung und Lagerhaltung mit der neuen Datenverarbeitung aus den USA.

09.03.2021 - 18:43 [ Tagesschau.de ]

IBM soll deutschen Impfpass entwickeln

Bundesgesundheitsminister Jens Spahn hatte bereits vor Wochen einen digitalen Impfpass angekündigt. Auch Bundesaußenminister Heiko Maas hatte sich für ein digitales Dokument ausgesprochen. Nun nimmt ein digitaler Nachweis, der das gelbe Impfheft ergänzen und ersetzen kann, Gestalt an.

09.03.2021 - 11:24 [ WDR ]

Der Corona-Impfpass kommt: Fragen und Antworten zum EU-Impfausweis

(26.02.2021)

Die EU-Kommission brauche noch „etwa drei Monate“, um die technischen Voraussetzungen für das neue digitale Dokument zu schaffen, sagte Kommissionspräsidentin Ursula von der Leyen (CDU). „Die Erwartung ist schon, dass das bis zum Sommer fertig ist“, so auch Kanzlerin Angela Merkel (CDU).

09.03.2021 - 10:24 [ ORF.at ]

Impfausweis für international Reisende in China eingeführt

Über einen QR-Code können damit auch andere Staaten die Daten der Nutzer bei deren Einreise auslesen.

03.03.2021 - 13:06 [ macobserver.com ]

5 Encrypted DNS Services to Use on iOS and macOS

Short for Domain Name System, DNS is commonly referred to as the “phone book” of the internet. It helps connect web browsers with web servers by translating addresses like 104.26.0.124 into www.macobserver.com. Here are five encrypted DNS services that I recommend.

There are several different ways to use a DNS server. One is to manually go into network settings on each and configure the Wi-Fi. The second way is to download an app, and the third way is to go into your router settings and configure it there.

03.03.2021 - 12:56 [ SimpleDNScrypt.org ]

Simple DNSCrypt

Simple DNSCrypt is a simple management tool to configure dscrypt-proxy on windows based systems.

03.03.2021 - 12:45 [ addictivetips.com ]

How To Use DNSCrypt To Encrypt DNS Traffic On Linux

DNSCrypt is a local program that, when set up correctly on any Linux PC, can lock up all DNS traffic and ensure everything safely goes to the right place.

Most Linux distributions have DNSCrypt in their software sources, so installing it is a breeze. Open up a terminal and enter the commands that correspond to your Linux distribution.

03.03.2021 - 12:07 [ free-proxy.cz/en/ ]

Free Proxy

There are currently 7156 proxy servers in our database

03.03.2021 - 12:04 [ Browserleaks.com ]

Browserleaks.com

It has long been believed that IP addresses and Cookies are the only reliable digital fingerprints used to track people online. But after a while, things got out of hand when modern web technologies allowed interested organizations to use new ways to identify and track users without their knowledge and with no way to avoid it.

BrowserLeaks is all about browsing privacy and web browser fingerprinting. Here you will find a gallery of web technologies security testing tools that will show you what kind of personal identity data can be leaked, and how to protect yourself from this.

03.03.2021 - 12:00 [ DeviceInfo.me ]

Device Info

Device Type / Model:

Operating System:

True Operating System Core:

Browser:

True Browser Core:

Browser Build Number / Identifier:

IP Address (WAN)

Tor Relay IP Address:

VPN IP Address:

Proxy IP Address:

Hostname:

Location:

Country:

Region:

City:

Latitude & Longitude:

Geolocation:

……………………………

24.02.2021 - 11:35 [ Yahoo.com ]

SolarWinds, Microsoft, FireEye, CrowdStrike defend actions in major hack – U.S. Senate hearing

Lawmakers started the hearing by criticizing Amazon representatives, who they said were invited to testify and whose servers were used to launch the cyberattack, for declining to attend the hearing.

24.02.2021 - 10:28 [ Zero Hedge ]

60 Years After Eisenhower’s Warning, Distinct Signs Of A ‚Digital-Intelligence Complex‘

In June 2019, Susan Gordon stood on a stage at the Washington Convention Center. Behind her loomed three giant letters, “AWS,” the abbreviation for Amazon Web Services, the cloud computing division of the giant Internet retailer.

After three decades at the Central Intelligence Agency, Gordon had risen to one of the top jobs in the cloak-and-dagger world: principal deputy director of national intelligence. From that perch she publicly extolled the virtues of Amazon Web Services and the cloud services the tech giant provides the CIA.

20.02.2021 - 07:04 [ researchgate.net ]

Cybersecurity-Regulierung 2021: Update

– Schaffung eines einheitlichen EU-Regulierungsrahmens als strategisches Ziel, Deutschland sollte als Vorreiter der europäischen Position agieren.

Cyber-Sicherheitsstrategie 2021

→ Aktuell: Beschlussfassung geplant für Mai 2021

Übersicht
– Deutsche Cyber-Sicherheitsstrategie 2021
– Zweites Gesetz zur Erhöhung der Sicherheit informationstechnischer
Systeme (IT-SiG 2.0)
– The EU’s Cybersecurity Strategy for the Digital Decade
– Proposal for a Directive on measures for a high common level of
cybersecurity across the Union, repealing Directive (EU) 2016/1148
(NIS 2)
– EU DID- und WK-Richtlinie inkl. nationaler Umsetzungsrechtsakte

20.02.2021 - 06:54 [ connect.geant.org ]

Running your own DNS service? There may be changes ahead.

(22.01.2021)

As a consequence of this directive’s quite broad definition of DNS, every organisation or individual running their own DNS will have to comply by registering their DNS service with ENISA, the EU agency for Cyber Security. This applies not only to top level domain DNS, but also to universities, companies of all sizes and ICT-enthusiasts who run their own DNS service at home.

20.02.2021 - 06:20 [ jdsupra.com ]

New EU Cybersecurity Strategy: European Commission Accelerates Push for EU to Lead in Cybersecurity Regulation

(24.12.2020)

Broadening the extra-territorial effect already in place under the current regime, selected providers of digital infrastructure or digital services who do not have a European establishment, but offer services in the EU, will also fall under the scope of the proposed NIS 2 Directive (and, to that end, will have to designate a representative in the EU). This will affect DNS service providers, TLD name registries, cloud computing service providers, data centre service providers and content delivery network providers, as well as providers of online marketplaces, online search engines and social networking services platforms.

20.02.2021 - 06:06 [ ec.europa.eu ]

Proposal for directive on measures for high common level of cybersecurity across the Union

(16.12.2020)

The Commission proposal establishes a basic framework with responsible key actors on coordinated vulnerability disclosure for newly discovered vulnerabilities across the EU and creating an EU registry on that operated by the European Union Agency for Cybersecurity (ENISA).

18.02.2021 - 15:29 [ SeekingAlpha.com ]

SolarWinds breach launched from within the United States

Neuberger notably said the attack, which compromised „9 federal agencies and about 100 private companies,“ was launched from inside the United States.
SolarWinds shares are down 1.4%. Two security names closely tied to the hack, FireEye (FEYE -3.2%) and CrowdStrike (CRWD -2.5%), are also in the red.

18.02.2021 - 15:28 [ CNN ]

Biden administration says investigation into SolarWinds hack is likely to take „several months“

The US government’s probe into the devastating SolarWinds breach is likely to take „several months“ at least, according to the top White House cybersecurity official, speaking to reporters Wednesday in the Biden administration’s first public assessment of the gravity of the suspected Russian spying campaign.

17.02.2021 - 18:02 [ DeviceInfo.me ]

Device Info

Device Type / Model:

Operating System:

True Operating System Core:

Browser:

True Browser Core:

Browser Build Number / Identifier:

IP Address (WAN)

Tor Relay IP Address:

VPN IP Address:

Proxy IP Address:

Hostname:

Location:

Country:

Region:

City:

Latitude & Longitude:

Geolocation:

……………………………

17.02.2021 - 17:56 [ Browserleaks.com ]

Browserleaks.com

It has long been believed that IP addresses and Cookies are the only reliable digital fingerprints used to track people online. But after a while, things got out of hand when modern web technologies allowed interested organizations to use new ways to identify and track users without their knowledge and with no way to avoid it.

BrowserLeaks is all about browsing privacy and web browser fingerprinting. Here you will find a gallery of web technologies security testing tools that will show you what kind of personal identity data can be leaked, and how to protect yourself from this.

02.02.2021 - 08:02 [ BusinessInsider.com ]

Elon Musk says Neuralink implanted a chip in a monkey’s brain, and now he ‚can play video games using his mind‘

Neuralink has been testing neural interfaces on animals for years. In a video released last year, Neuralink demonstrated its work on a pig named Gertrude.

02.02.2021 - 08:00 [ BusinessInsider.com ]

Elon Musk says there’s a chance his AI-brain-chip company will be putting implants in humans within a year

(May 7, 2020)

Elon Musk says the brain implant his company Neuralink is working on could potentially be ready to be put inside a patient within a year.
Musk made similar claims in 2019, saying that he hoped to have an implant in a patient by the end of 2020.

01.02.2021 - 21:54 [ Independent.co.uk ]

Elon Musk now controls over a quarter of all active satellites as SpaceX prepares to launch 1,000th Starlink

SpaceX CEO Elon Musk now controls a quarter of all active satellites orbiting Earth after launching more than a dozen Starlink missions over the last two years.

A Falcon 9 rocket will deliver the latest batch of 60 Starlink satellites into orbit from Nasa’s Kennedy Space Center in Florida this week, weather permitting, taking the total number of Starlinks in orbit to over 1,000.

01.02.2021 - 21:30 [ Independent.co.uk ]

Elon Musk says he has ‘totally happy’ monkey with brain chip so it can play video games using its mind

Elon Musk has revealed that his Neuralink startup has implanted a wireless chip into a monkey’s brain in order to allow it to play video games.

The technology billionaire, who also heads SpaceX and Tesla, said the monkey “looks totally happy” and that Neuralink’s facilities meet US regulatory requirements.

31.01.2021 - 22:21 [ Mesh.im ]

Mesh – Get a secure, anonymous, peer-to-peer instant messenger

Technitium Mesh is a secure, anonymous, peer-to-peer (p2p), open source instant messenger designed to provide end-to-end encryption. Primary aim of developing this instant messenger is to provide privacy which is achieved using cryptography and anonymity using Tor network. It can be used over Internet and private LAN networks (without Internet) for instant messaging and file transfer with support for private chats and group chats.

31.01.2021 - 21:52 [ Tox.chat ]

Tox – A New Kind of Instant Messaging

Whether it’s corporations or governments, digital surveillance today is widespread. Tox is easy-to-use software that connects you with friends and family without anyone else listening in. While other big-name services require you to pay for features, Tox is completely free and comes without advertising — forever.

30.01.2021 - 16:01 [ SimpleDNScrypt.org ]

Simple DNSCrypt

Simple DNSCrypt is a simple management tool to configure dscrypt-proxy on windows based systems.

30.01.2021 - 16:00 [ addictivetips.com ]

How To Use DNSCrypt To Encrypt DNS Traffic On Linux

DNSCrypt is a local program that, when set up correctly on any Linux PC, can lock up all DNS traffic and ensure everything safely goes to the right place.

Most Linux distributions have DNSCrypt in their software sources, so installing it is a breeze. Open up a terminal and enter the commands that correspond to your Linux distribution.

18.01.2021 - 16:09 [ addictivetips.com ]

How To Use DNSCrypt To Encrypt DNS Traffic On Linux

DNSCrypt is a local program that, when set up correctly on any Linux PC, can lock up all DNS traffic and ensure everything safely goes to the right place.

Most Linux distributions have DNSCrypt in their software sources, so installing it is a breeze. Open up a terminal and enter the commands that correspond to your Linux distribution.

18.01.2021 - 16:00 [ SimpleDNScrypt.org ]

Simple DNSCrypt

Simple DNSCrypt is a simple management tool to configure dscrypt-proxy on windows based systems.

18.01.2021 - 15:50 [ DNSprivacy.org ]

DoT servers

Oct 2020: The list below has been updated to retain only those servers that appear to still be actively maintained

18.01.2021 - 15:47 [ securitymagazine.com ]

Disappearing DNS: DoT and DoH, Where one Letter Makes a Great Difference

(06.02.2020)

Obviously, time will tell if DoT continues to prevail or whether DoH will start to gain ground. As mentioned at the beginning of the article there is a hot debate going on right now about the direction the Internet industry should take. Suffice to say that even nation state authorities are involved in the debate, which speaks to the level and importance of the discussion.

18.01.2021 - 15:41 [ ZDNET.com ]

NSA warns against using DoH inside enterprise networks

The NSA urges companies to host their own DoH resolvers and avoid sending DNS traffic to third-parties.

18.01.2021 - 15:40 [ National Security Agency / Pentagon ]

Adopting Encrypted DNS in Enterprise Environments

Use of the Internet relies on translating domain names (like “nsa.gov”) to Internet Protocoladdresses. This is the job of the Domain Name System (DNS). In the past, DNS lookups were generally unencrypted, since they have to be handled by the network to direct traffic to the right locations. DNSover Hypertext Transfer Protocol over Transport Layer Security (HTTPS), often referred to as DNS over HTTPS (DoH), encrypts DNS requests by using HTTPS to provide privacy, integrity, and “last mile” source authenticationwith a client’s DNS resolver. Itis useful to prevent eavesdropping and manipulationof DNStraffic.While DoH can help protectthe privacy of DNS requests and the integrity of responses, enterprises that use DoH will lose some of the control needed to govern DNS usage within their networksunless they allow only their chosen DoH resolver to be used.Enterprise DNS controlscan prevent numerous threat techniques used by cyber threat actors for initial access, command and control, and exfiltration.

03.01.2021 - 09:50 [ Haaretz ]

From FireEye to Israel: Cyber Emergency Response Chief Warns ‘Everyone’s a Target‘

Though every country has some form of a CERT, the Israeli model, the directorate claims, is unique because not only does it offer help to private firms facing cyberattacks, it has units for different sectors – finance, energy, public security and government.

It also operates what it calls a “proactive” research center that seeks out vulnerabilities before they’re exploited and even has a hotline where anyone can call in to report a cyberattack.

03.01.2021 - 09:45 [ Haaretz ]

A Shady Israeli Intel Genius, His Cyber-spy Van and Million-dollar Deals

(31.12.2020)

Aliada, according to the suit, is a group of cyberweapon companies whose products are branded under the name Intellexa. In May 2019, it added, the group recruited Eran Beck, a former head of the Military Intelligence’s cyber department, as its director of development.

28.12.2020 - 11:47 [ Cyberscoop.com ]

ACLU sues FBI for information about its encryption-cracking skills

The FBI must be more transparent about its ability to break into people’s mobile devices, the American Civil Liberties Union says, and the group is suing for information about what the feds have in their toolkit.

The ACLU says the bureau should come clean about what its Electronic Device Analysis Unit (EDAU) is using “to unlock and decrypt information that is otherwise securely stored on cell phones.”

28.12.2020 - 11:45 [ theIntercept.com ]

Powerful Mobile Phone Surveillance Tool Operates in Obscurity Across the Country

(22.12.2020)

Until now, the Bartonville, Texas, company Hawk Analytics and its product CellHawk have largely escaped public scrutiny. CellHawk has been in wide use by law enforcement, helping police departments, the FBI, and private investigators around the United States convert information collected by cellular providers into maps of people’s locations, movements, and relationships. Police records obtained by The Intercept reveal a troublingly powerful surveillance tool operated in obscurity, with scant oversight.

28.12.2020 - 10:37 [ Rubikon ]

Der Techno-Faschismus

(08.07.2020)

Während ein Großteil der Bevölkerung in Virusangst und Schockstarre gefangen bleibt und die wahren Vorgänge hinter einer Nebelwand aus Falschbehauptungen verschwinden, festigen die Zentren der Macht ihre Herrschaft. Sie realisieren einen Techno-Faschismus bislang unvorstellbaren Ausmaßes, um die Welt nach dem Corona-Reset in eine 4. industrielle Revolution zu führen. Im Folgenden bezieht sich Raul Diego auf die Einführung eines digitalen Gesundheitspasses, der alle Orwellschen Vorstellungen in den Schatten stellt und Privatkonzernen endlose Profitmöglichkeiten eröffnet. Korrupte Regierungen stehen bei diesem weltumspannenden Projekt Pate.

20.12.2020 - 09:10 [ ZDF ]

Auch deutsche Firmen betroffen – Was über den US-Hackerangriff bekannt ist

Nach einem schweren Hackerangriff auf Behörden und Institutionen in den USA ist nach wie vor unklar, wer dahinter steckt.

19.12.2020 - 21:22 [ CNBC ]

Trump contradicts Pompeo, plays down alleged Russian role in cyberattack

Trump’s comments in the form of Twitter posts on Saturday went against comments his secretary of state made less than 24 hours earlier.
SolarWinds, the company at the center of the attack, has not yet blamed any one country.

19.12.2020 - 12:27 [ federalnewsnetwork.com ]

SolarWinds breach raises stakes for NDAA Trump still threatens to veto

Sen. Angus King (I-Maine) said the breach makes a clear case for the work of the Cyberspace Solarium Commission and the cyber provisions that made it into the annual defense policy bill passed by the House and Senate.

“This is the most important bill on cyber ever passed by Congress, and that’s why I’m really hoping that the president will either sign the bill or let it become law without a signature, because there is so much critically important material in the bill,” King said during an annual summit hosted by Defense One.

19.12.2020 - 12:24 [ Cyberspace Solarium Commission ]

Cyberspace Solarium Commission

The Cyberspace Solarium Commission (CSC) was established in the John S. McCain National Defense Authorization Act for Fiscal Year 2019 to „develop a consensus on a strategic approach to defending the United States in cyberspace against cyber attacks of significant consequences.“ The finished report was presented to the public on March 11, 2020.

Our Report

The Cyberspace Solarium Commission’s proposes a strategy of layered cyber deterrence. Our report consists of over 80 recommendations to implement the strategy. These recommendations are organized into 6 pillars:

– Reform the U.S. Government’s Structure and Organization for Cyberspace.

– Strengthen Norms and Non-Military Tools.

– Promote National Resilience.

Reshape the Cyber Ecosystem.

Operationalize Cybersecurity Collaboration with the Private Sector.

– Preserve and Employ the Military Instrument of National Power.

19.12.2020 - 11:52 [ ORF.at ]

Pompeo macht Moskau für Cyberangriff verantwortlich

Der Angriff weitet sich stetig aus. Nicht nur werden immer mehr Betroffene bekannt, darunter die US-Atombehörde und der Softwarehersteller Microsoft, es wurde zudem offenbar weitere Software für die laut US-Behörden sehr ausgefeilten Angriffe manipuliert.

19.12.2020 - 10:35 [ CNN ]

Congressional backers cite cybersecurity provisions as they push Trump to sign defense bill

The massive defense bill that President Donald Trump is threatening to veto contains provisions for increased cybersecurity, which has taken on significantly more importance in the wake of a massive cyberattack on federal agencies at the hands of suspected Russian hackers.

The National Defense Authorization Act includes pay raises for America’s soldiers, modernizations for equipment and provisions to require more scrutiny before troops are withdrawn from Germany or Afghanistan.

19.12.2020 - 09:24 [ Fox News ]

After government hack, media mum on ex-cybersecurity chief highlighted for contradicting Trump’s fraud claims

„As I said in a news briefing, Election Day was ‘just another Tuesday on the Internet,’“ he wrote. „Normal sorts of scanning and probing were happening, but we did not see any successful attacks or damaging disruptions.“

Yet hackers were arms deep in a slew of federal agencies. The infiltration, believed to have been conducted by the Russians, appears to have compromised the Departments of Energy, State, Defense, Homeland Security, Treasury and Commerce. His name did not appear in CNN’s story about CISA and the hack published Thursday.

18.12.2020 - 21:38 [ geekwire.com ]

Microsoft unleashes ‘Death Star’ on SolarWinds hackers in extraordinary response to breach

In the end, this all reminds us how much power Microsoft has at its disposal. Between its control of the Windows operating system, its robust legal team, and its position in the industry, it has the power to change the world nearly overnight if it wants to. And when it chooses to train that power on an adversary, it really is the equivalent of the Death Star: able to completely destroy a planet in a single blast.

18.12.2020 - 21:36 [ domainnamewire.com ]

Domain name sinkholes and those funky domain registrations

(September 2018)

A sinkhole redirects or blocks traffic meant for a destination. They are used by the security community to stop botnet traffic, phishing and other bad activity.

There are many ways to create a sinkhole. An ISP can simply divert traffic from the IP address nameserver you see in Whois to another. A company (or the government) can also go through the courts to get control of a domain name and then change its nameservers.

18.12.2020 - 21:28 [ ZDNet.com ]

Microsoft and industry partners seize key domain used in SolarWinds hack

(15.12.2020)

According to analysis from security firm FireEye, the C&C domain would reply with a DNS response that contained a CNAME field with information on another domain from where the SUNBURST malware would obtain further instructions and additional payloads to execute on an infected company’s network.

18.12.2020 - 19:33 [ bleepingcomputer.com ]

FBI, CISA officially confirm US govt hacks after SolarWinds breach

(17.12.2020)

The compromise of multiple US federal networks following the SolarWinds breach was officially confirmed for the first time in a joint statement released earlier today by the FBI, DHS-CISA, and the Office of the Director of National Intelligence (ODNI).

„Over the course of the past several days, the FBI, CISA, and ODNI have become aware of a significant and ongoing cybersecurity campaign,“ the US intelligence agencies said …

18.12.2020 - 19:18 [ Forbes ]

DHS, DOJ And DOD Are All Customers Of SolarWinds Orion, The Source Of The Huge US Government Hack

Though it’s not clear whether it uses the Orion tool, the DHS’s own Cybersecurity and Infrastructure Security Agency (CISA) is a SolarWinds customer too, buying $45,000-worth of licenses in 2019. The U.S. Cyber Command also spent over $12,000 on SolarWinds tools in the same year.

SolarWinds, a publicly-listed Austin, Texas-based company with a value of over $6 billion, has its own customer list, though it doesn’t break down which products clients use. That list includes more than 425 of the Fortune 500, all major US telecoms providers, the top five U.S. accounting firms, hundreds of global universities, the NSA and the White House.

18.12.2020 - 19:09 [ SolarWinds.com ]

FAQ: Security Advisory

(18.12.2020)

In this case, it appears that the code was intended to be used in a targeted way as its exploitation requires manual intervention. We’ve been advised that the nature of this attack indicates that it may have been conducted by an outside nation state, but SolarWinds has not verified the identity of the attacker.

18.12.2020 - 18:43 [ theHill.com ]

Lawmakers ask whether massive hack amounted to act of war

Hackers believed to be part of a nation state have had access to federal networks since March after exploiting a vulnerability in updates to IT group SolarWinds’s Orion software. The hack has compromised the Treasury, State and Homeland Security departments and branches of the Pentagon, though it is expected to get worse. SolarWinds counts many more federal agencies as customers, along with the majority of U.S. Fortune 500 companies.

18.12.2020 - 11:06 [ theGuardian.com ]

Israeli spy firm suspected of accessing global telecoms via Channel Islands

Invoices seen by the Guardian and the Bureau of Investigative Journalism suggest Rayzone, a corporate spy agency that provides its government clients with “geolocation tools”, used an intermediary in 2018 to lease an access point into the telecoms network via Sure Guernsey, a mobile operator in the Channel Islands.

Such access points, known in the telecoms industry as “global titles”, provide a route into a decades-old global messaging system known as SS7, which allows mobile operators to connect users around the world. It is not uncommon for mobile companies to lease out such access.

18.12.2020 - 10:58 [ Bureau of Investigative Journalism ]

Spy companies using Channel Islands to track phones around the world

The investigation has found that private intelligence companies are able to rent access from mobile phone operators and this can then be exploited to allow the tracking of the physical location of users across the world. They are also potentially able to intercept calls and other private data, including bank accounts and emails.

These intrusions, which are very widely exploited, rely on commands designed to help phone operators track their customers’ whereabouts. Such commands, known as “signals”, are sent via a kind of global switchboard for the telecoms industry called SS7.

14.12.2020 - 15:51 [ ORF.at ]

Vorübergehend weltweite Störung bei Google

Apps, die auf Google-Log-ins setzen, hatten auch Probleme. Nach rund einer Dreiviertelstunde erwachten die Dienste nach und nach zum Leben. Die Ursache des Ausfalls ist noch nicht bekannt.

14.12.2020 - 15:47 [ Techcrunch.com ]

Gmail, YouTube, Google Docs and other services go down in multiple countries (Update: slowly coming back online)

In all, it looks like a huge range of Google services were down for about an hour today. That hour that crossed into business operation times in multiple markets, leading to a slight drop in pre-market trading for parent company Alphabet.

It’s also an alarming reminder of just how far Google reaches, and how many of our services — productivity, entertainment, and home/utility — are tied up with a single, proprietary provider.

14.12.2020 - 09:38 [ Mairav Zonszein מרב זונשיין / Twitter ]

“This system allows tracking of every citizen or resident of Israel. It can also follow intentions or motivations, and not just specific people. It can track everyone who visited the website of anti-Netanyahu protest movement and block the website.“

14.12.2020 - 06:40 [ avi scharf / Twitter ]

Police spying on Israelis online via secret backdoor. Israeli police have for years required internet providers to allow them to track users or websites through a special system

14.12.2020 - 06:09 [ Omer Benjakob / Twitter ]

This is CRAZY Israel’s police have a secret backdoor that allows them to follow any Israeli online or track anyone who visits a certain website: “We say China’s a technological dystopia, but here we live in one too and just don’t know it“