Today was ... interesting. If you followed me for the past months over on the shitbird site, you might have seen a bunch of angry German words, lots of graphs, and the occasional newspaper, radio, or TV snippet with yours truly. Let me explain.
In Austria, inflation is way above the EU average. There's no end in sight. This is especially true for basic needs like energy and food.
Our government stated in May that they'd build a food price database together with the big grocery chains. But..
Mozilla's new report on the data privacy of modern cars is nightmare fuel. Enshittification has definitely hit the car industry: https://foundation.mozilla.org/en/privacynotincluded/articles/its-official-cars-are-the-worst-product-category-we-have-ever-reviewed-for-privacy/
tl;dr: Only tourists look up in a new town.
"Introduction:
Many people have pointed out that there are a handful of commands that are overwhelmingly run by attackers on compromised hosts (and seldom ever by regular users/usage). Reliably alerting when a user on your code-sign server runs whoami.exe can mean the difference between catching a compromise in week-1 (before the attackers dig in) and learning about the attack on CNN.
Introducing our new Sensitive Command Canarytoken."
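The kind of alert the quoted post describes (a sensitive command on a host where it should never run), as an added example that is not Thinkst's code or the Canarytoken itself: the event fields, host names, command list and parent allowlist are all assumed/constructed here.

```python
from dataclasses import dataclass

# Constructed, hypothetical process-creation events (not real telemetry).
# Fields mirror what an EDR/Sysmon event carries: host, user, image path, parent image.
SAMPLE_EVENTS = [
    {"host": "codesign01", "user": "svc_build", "image": "C:\\Windows\\System32\\whoami.exe", "parent": "cmd.exe"},
    {"host": "codesign01", "user": "svc_build", "image": "C:\\Windows\\System32\\signtool.exe", "parent": "jenkins.exe"},
    {"host": "wks-42", "user": "alice", "image": "C:\\Windows\\System32\\whoami.exe", "parent": "powershell.exe"},
    {"host": "codesign01", "user": "svc_build", "image": "C:\\Windows\\System32\\whoami.exe", "parent": "build_health.exe"},
]

# Assumed: hosts where interactive lookups like whoami.exe have no legitimate reason to run.
SENSITIVE_HOSTS = {"codesign01"}
# Assumed: commands that are seldom run by regular users on such hosts (extend to your environment).
SENSITIVE_COMMANDS = {"whoami.exe"}
# Assumed: a known-good parent (e.g. a health-check script) whose invocations are baseline noise.
ALLOWED_PARENTS = {"build_health.exe"}


@dataclass(frozen=True)
class Alert:
    host: str
    user: str
    command: str
    parent: str


def basename(image: str) -> str:
    """Return the lower-cased file name from a Windows or POSIX image path."""
    return image.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def detect(events):
    """Flag sensitive commands on sensitive hosts, skipping the allowlisted parent processes."""
    alerts = []
    for ev in events:
        cmd = basename(ev["image"])
        if ev["host"] not in SENSITIVE_HOSTS or cmd not in SENSITIVE_COMMANDS:
            continue
        if ev["parent"].lower() in ALLOWED_PARENTS:
            continue  # baseline activity, not worth paging on
        alerts.append(Alert(ev["host"], ev["user"], cmd, ev["parent"]))
    return alerts


if __name__ == "__main__":
    for a in detect(SAMPLE_EVENTS):
        print(f"ALERT: {a.command} run by {a.user} on {a.host} (parent {a.parent})")
```

The allowlist keyed on parent process is what keeps the alert high-signal: the point of the post is that on the right host the base rate of this command is near zero, so one tuned exception is enough.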
Mastodon fork getting ported to nostr!
https://soapbox.pub/blog/soapbox-awarded-grant/
After an initial run in June I'm offering another in person course on October 10th to help you learn how to contribute to Bitcoin Core.
It's right before the #BitcoinAmsterdam conference. Utrecht is just a 20-30 minute train ride away and much nicer anyway, as you'll find out during a quick sightseeing tour around lunch.
https://www.learnbitcoincore.com/
I'm looking for up to ten participants, but a smaller group is fine too.
You should already have programming experience and no command line phobia.
Long rant/observation...
You know what secretly holds much of the financially-oriented cybercrime world together? It's the relatively few evil code wizards who are really good at making malware look benign. They call them cryptors, or encryptors, and their services are known as "crypting."
Crypting is a core method by which malware purveyors try to evade antivirus and security tools, and virtually all serious malware that is deployed for use in data stealing at some point needs to be crypted. Because if you're not doing stuff to obfuscate your malware before sending it out, it's probably going to mostly get caught by antivirus. So, if you're not crypting it yourself (challenging), you probably need to pay someone else to do that.
There are countless cybercriminals who've hung out their shingles as crypting service providers, but most of these people are really not very good at what they do, and are soon out of business. Still, there are a fair number of crypting services that have been around for a while and do a passable job, with somewhat unreliable results.
However, it's crazy how many different big time cybercrime outfits turn to a fairly small number of super-scary cryptors who've been doing malware a LONG time (15-20+ years).
One thing I have discovered in all my lurking on the forums is that the best cryptors are independent contractors who tend to have arrangements with multiple, often competing cybercriminal operations.
In short, if you want to really kneecap a number of cybercrime enterprises all at once, go after the top crypting service providers, and take them off the board.
There are some interesting lessons to learn from the relationship of US bomber command and the use of tracers in the ammunition mix for machine gunners. Basically, they got rid of it because it was doing more harm than good. And then they solved the real problem that tracers illuminated (pun very much intended).
https://buttondown.email/grugq/archive/why-wwii-us-bombers-ditched-tracers-5593/
#Google just announced that going forward, any account not logged into for two years gets deleted.
This means huge amounts of rare or unique #video is about to disappear from #YouTube as accounts get flagged as inactive, such as when the user dies. Families' #HomeMovies (often posted by an older relative for their family's benefit), historical footage, rare #television clips, etc. What an incalculable loss to human #history and culture!
If there are videos important to you on someone else's video channel, find a way to download them. And if you have rare #media of historical importance, consider leaving it to institutional #archives or lending it to archives for digital preservation.
My latest post, available at:
FBI officials on Tuesday dropped a major bombshell: After spending years monitoring exceptionally stealthy malware that one of the Kremlin’s most advanced hacker units had installed on hundreds of computers around the world, agents unloaded a payload that caused the malware to disable itself.
The counter-hack took aim at Snake, the name of a sprawling piece of cross-platform malware that for more than two decades has been in use for espionage and sabotage. Snake is developed and operated by Turla, one of the world's most sophisticated APTs, short for advanced persistent threats, a term for long-running hacking outfits sponsored by nation-states.
Inside jokes, taunts, and mythical dragons
If nation-sponsored hacking was baseball, then Turla would not just be a Major League team—it would be a perennial playoff contender. Researchers from multiple security firms largely agree that Turla was behind breaches of the US Department of Defense in 2008, and more recently the German Foreign Office and France's military. The group has also been known for unleashing stealthy Linux malware and using satellite-based Internet links to maintain the stealth of its operations.
One of the most powerful tools in Turla’s arsenal is Snake, a digital Swiss Army knife of sorts that runs on Windows, macOS, and Linux. Written in the C programming language, Snake comes as a highly modular series of pieces that are built on top of a massive peer-to-peer network that covertly links one infected computer with another. Snake, the FBI said, has to date spread to more than 50 countries and infected computers belonging to NATO member governments, a US journalist who has covered Russia, and sectors involving critical infrastructure, communications, and education.
Snake is among the most sophisticated pieces of malware ever found, the FBI said. The modular design, custom encryption layers, and high-caliber quality of the code base have made it hard if not impossible for antivirus software to detect. As FBI agents continued to monitor Snake, however, they slowly uncovered some surprising weaknesses. For one, there was a critical cryptographic key with a prime length of just 128 bits, making it vulnerable to factoring attacks that expose the secret key. This weak key was used in Diffie-Hellman key exchanges that allowed each infected machine to have a unique key when communicating with another machine.
In another slipup, Snake developers forgot to scrub programming artifacts from the finished code for a new version. The failure provided important new insights into how the malware worked because it exposed function names, strings in clear text, and developer comments.
Juice jacking, the frightening attack that hacks your phone when you do nothing more than plug it into a public charging station, has become the Halley's Comet of cybersecurity scares. This baseless superstition has circulated on and off for more than a decade, despite there not being a single documented case of it ever happening in the wild.
On Monday I'll post a detailed article about precisely what hackers can and can't do when you plug in your phone.
In the meantime, here's an interview I recently did with tech reporter @richontech about the echo chamber that allows this myth to fester and why people should instead focus on real threats. The segment begins at 18:15.
https://www.podpage.com/richontech/015-rich-on-tech-radio-show-april-15-2023/
Cypherpunk · Co-founder & CTO of Casa · creator of http://bitcoin.page, http://lightning.how, http://statoshi.info