DARKEXILE FORUMS

Username:
Password:
1 Hour 1 Day 1 Week 1 Month Forever

Welcome, Guest. Please login or register.
Did you miss your activation email?

• Guests: 8
• Hidden: 0
• Users: 0

There aren't any users online.

• Total Members: 530
• Total Posts: 6288
• Total Topics: 3482
• Total Categories: 10
• Total Boards: 98
• Most Online: 167

February 2012
Sun	Mon	Tue	Wed	Thu	Fri	Sat
			1	2	3	4
5	6	[7]	8	9	10	11
12	13	14	15	16	17	18
19	20	21	22	23	24	25
26	27	28	29

• - Holidays -
• Groundhog Day

• - Birthdays -
• javariajee (21)

• - Holidays -
• Valentine's Day

• - Birthdays -
• joykillah (30)

BetaNet, Firepacket, Dabarnet, Xinu, Norad, Darkexile

REMINDER ][)K'S BIRTHDAY IS THIS MONTH I THINK FEB 15THI FORGET BUT ][)K AND DARKEXILE IS TURNING 15 YEARS OLD[/b]

HOLY SHIT!!!!!

Update as of 2/2/2012:
Well I've been really sick thats why the page hasn't had much on and irc is a little slow but i'm back now so lets party! anyway just wanted to say hey and here is the warnet update in dk187... Also op darkexile is averaging about 14 people i'm suprised more people keep coming so i'll post that...

Are you frustrated when you try to secure your applications? Do you feel existing Java security solutions are difficult to use and only confuse you further? Les Hazlewood is the Apache Shiro PMC Chair and co-founder and CTO of Katasoft, a start-up focusing on application security products and Apache Shiro professional support. Apache Shiro, a Java security framework that provides a simple but powerful approach to application security.

    CBS+Broadcasting+Hacked
    CBS Broadcasting Hacked

    CBS Broadcasting Hacked by Anonymous Hackers for #OpMegaUpload
    Brazil+Under+Anonymous+Attack+-+Tangara+da+Serra+city+site+defaced+%2521
    Brazil Under Anonymous Attack

    Brazil Under Anonymous Attack - Tangara da Serra city site defaced
    Woohooo%2521+After+%2523SopaBlackout%252C+Congress+Postpones+Action+on+%2523SOPA%252C+%2523PIPA
    Congress Postpones SOPA

    After SopaBlackout, Congress Postpones Action on SOPA and PIPA
    Julian+Assange+interview+on+Spy+Files
    Julian Assange interview

    Julian Assange interview on Spy Files
    Untitled
    The Undead Corporations

    The Undead Corporations by Patti Galle
    CBS+Broadcasting+Hacked
    CBS Broadcasting Hacked

    CBS Broadcasting Hacked by Anonymous Hackers for #OpMegaUpload
    Brazil+Under+Anonymous+Attack+-+Tangara+da+Serra+city+site+defaced+%2521
    Brazil Under Anonymous Attack

    Brazil Under Anonymous Attack - Tangara da Serra city site defaced
    Woohooo%2521+After+%2523SopaBlackout%252C+Congress+Postpones+Action+on+%2523SOPA%252C+%2523PIPA
    Congress Postpones SOPA

    After SopaBlackout, Congress Postpones Action on SOPA and PIPA
    Julian+Assange+interview+on+Spy+Files
    Julian Assange interview

    Julian Assange interview on Spy Files
    Untitled
    The Undead Corporations

    The Undead Corporations by Patti Galle
    CBS+Broadcasting+Hacked
    CBS Broadcasting Hacked

    CBS Broadcasting Hacked by Anonymous Hackers for #OpMegaUpload
    Brazil+Under+Anonymous+Attack+-+Tangara+da+Serra+city+site+defaced+%2521
    Brazil Under Anonymous Attack

    Brazil Under Anonymous Attack - Tangara da Serra city site defaced
    Woohooo%2521+After+%2523SopaBlackout%252C+Congress+Postpones+Action+on+%2523SOPA%252C+%2523PIPA
    Congress Postpones SOPA

    After SopaBlackout, Congress Postpones Action on SOPA and PIPA
    Julian+Assange+interview+on+Spy+Files
    Julian Assange interview

    Julian Assange interview on Spy Files
    Untitled
    The Undead Corporations

    The Undead Corporations by Patti Galle

Subscribe to Security Updates !!
      
Application Security With Apache Shiro : Java security framework
inShare6
Posted by THN Reporter On 2/02/2012 08:43:00 PM

Application Security With Apache Shiro : Java security framework
Application+Security+With+Apache+Shiro+Java+security+framework

Are you frustrated when you try to secure your applications? Do you feel existing Java security solutions are difficult to use and only confuse you further? Les Hazlewood is the Apache Shiro PMC Chair and co-founder and CTO of Katasoft, a start-up focusing on application security products and Apache Shiro professional support. Apache Shiro, a Java security framework that provides a simple but powerful approach to application security.

Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management and can be used to secure any application - from the command line applications, mobile applications to the largest web and enterprise applications. Shiro provides the application security API to perform the following aspects :

    Authentication - proving user identity, often called user ‘login’.
    Authorization - access control
    Cryptography - protecting or hiding data from prying eyes
    Session Management - per-user time-sensitive state

Shiro also supports some auxiliary features, such as web application security, unit testing, and multithreading support, but these exist to reinforce the above four primary concerns.

The framework landscape has changed quite a bit since 2003, so there should still be a compelling reason to use Shiro today. There are quite a few reasons actually. Apache Shiro is:

    Easy To Use - Ease of use is the project’s ultimate goal. Application security can be extremely confusing and frustrating and thought of as a ‘necessary evil’. If you make it so easy to use that novice programmers can start using it, it doesn’t have to be painful anymore.
    Comprehensive - There is no other security framework with the breadth of scope that Apache Shiro claims, so it can likely be your ‘one stop shop’ for your security needs.
    Flexible - Apache Shiro can work in any application environment. While it works in web, EJB, and IoC environments it does not require them. Nor does Shiro mandate any specification or even have many dependencies.
    Web Capable - Apache Shiro has fantastic web application support, allowing you to create flexible security policies based on application URLs and web protocols (e.g. REST), while also providing a set of JSP libraries to control page output.
    Pluggable - Shiro’s clean API and design patterns make it easy to integrate with many other frameworks and applications. You’ll see Shiro integrated seamlessly with frameworks like Spring, Grails, Wicket, Tapestry, Mule, Apache Camel, Vaadin, and many others.
    Supported - Apache Shiro is part of the Apache Software Foundation, an organization proven to act in the best interest of its community. The project development and user groups have friendly citizens ready to help.

Download Apache Shiro

http://www.apache.org/dyn/closer.cgi/shiro/1.2.0/shiro-root-1.2.0-source-release.zip

Glances is a system monitoring tool for GNU/Linux distributions. It grabs information from your system and display its in a CLI curses screen.Glances can monitor CPU, average load, memory, network interface, disk IO, file system space and processes. When a alert is detected, stat is automatically colored and the processes list sorted by CPU or memory.The latest version (1.3.7) displays a log history in the bottom of the screen with the latests alerts.

Glances use a standard GNU style installer:
$ tar zxvf glances-1.3.7.tar.gz
$ cd glances-1.3.7
$ ./configure
$ make
$ sudo make install

Get More info from Documentation and Official site. Download Glances v1.3.7 from Here.

https://github.com/nicolargo/glances/downloads

Get mad and take action as you read how your internet privacy and freedoms are about to be taken away in our editor Patti Galle’s article on SOPA…….coming to your personal rights soon.

The Stop Online Piracy Act (SOPA), or H.R. 3261, is a bill that was introduced on October 26, 2011 in the United States House of Representatives, by right-wing Texas Republican, Representative Lamar Smith and twelve initial co-sponsors. The Stop Online Piracy Act dramatically broadens the capacity of United States law enforcement and copyright holders to fight online trafficking in copyrighted intellectual property and counterfeit goods. Proponents of bill H.R. 3261 state SOPA protects the intellectual property market and related industry, jobs and revenue, and is essential to reinforce and strengthen enforcement of copyright laws particularly against foreign websites. Opponents of the bill forcefully deem that the bill infringes on First Amendment rights, is effectively Internet censorship, and in fact will completely and effectively hobble the Internet. And more importantly, opponents strongly believe SOPA will significantly intimidate, threaten and frighten all potential whistle-blowers and adversely effect many important aspects of free speech.

To date, a large portion of the most important and innovative Internet industries and a very significant percentage of Internet users have shown robust public opposition to Internet-related legislation and SOPA is no exception. Publically argued by top Internet innovators such as Craig Newmark founder of Cragists List, Sergey Brin, co-founder of Google, Reid Hoffman, co-founder of LinkedIn and many other principal Internet industry leaders that SOPA puts the United States on a plane with the majority of tyrannical and oppressive nations in the world, They also firmly believe that SOPA will give the Feds excessive and unacceptable power and authority to censor the Web. (Check out the growing and updated list of impressive opponents. http://www.net-coalition.com/wp-content/uploads/2011/12/Opposition_Dec16.pdf

http://thehackernews.com/2012/01/sopa-hacker-news-say-no-way.html

A relatively fast, easy and inexpensive technique for inducing nanorods – rod-shaped semiconductor nanocrystals – to self-assemble into one-, two- and even three-dimensional macroscopic structures has been developed by a team of researchers with the U.S. Department of Energy (DOE)’s Lawrence Berkeley National Laboratory (Berkeley Lab). This technique should enable more effective use of nanorods in solar cells, magnetic storage devices and sensors. It should also help boost the electrical and mechanical properties of nanorod-polymer composites.

Leading this project was Ting Xu, a polymer scientist who holds joint appointments with Berkeley Lab’s Materials Sciences Division and the University of California (UC) Berkeley’s Departments of Materials Sciences and Engineering, and Chemistry. Xu and her research group used block copolymers – long sequences or “blocks” of one type of monomer bound to blocks of another type of monomer – as a platform to guide the self-assembly of nanorods into complex structures and hierarchical patterns. Block copolymers have an innate ability to self-assemble into well-defined arrays of nano-sized structures over macroscopic distances.

“Ours is a simple and versatile technique for controlling the orientation of nanorods within block copolymers,” Xu says. “By varying the morphology of the block copolymers and the chemical nature of the nanorods, we can provide the controlled self-assembly in nanorods and nanorod-based nanocomposites that is critical for their use in the fabrication of optical and electronic devices.”

Xu is the corresponding author of a paper describing this research that has been published in the journal Nano Letters under the title “Direct Nanorod Assembly Using Block Copolymer-Based Supramolecules.” Co-authoring the paper were Kari Thorkelsson, Alexander Mastroianni and Peter Ercius.

Nanorods – particles of matter a thousand times smaller than the stuff of today’s microtechnologies – display highly coveted  optical, electronic and other properties not found in macroscopic materials. To fully realize their vast technological promise, however, nanorods must be able to assemble themselves into complex structures and hierarchical patterns, similar to what nature routinely accomplishes with proteins.

Xu and her research group first enlisted block copolymers as allies in this self-assembly effort in 2009, working with the spherical nanoparticles commonly known as quantum dots. In that study, they lashed quantum dots to block copolymers via a “mediator” of small adhesive molecules. In this latest development, Xu and her group again made use of adhesive molecules, but this time to mediate between the nanorods and supramolecules of block copolymers. A supramolecule is a group of molecules that act as a single molecule able to perform a specific set of functions.

http://newscenter.lbl.gov/feature-stories/2012/02/01/self-assembling-nanorods/

Fake Apple TV salesman nabbed in Sydney raid:

A man has been arrested in Sydney today after being caught selling access to a pirate television and movie service, sold using counterfeit devices bearing the Apple trademark.

The premises of Q Mart Pty Ltd, a retailer operating from the Sydney suburb of Ashfield, was raided by NSW Police after an undercover investigation by Michael Speck, a copyright specialist working on behalf of international entertainment networks.

Speck had purchased a USB stick branded ‘Apple iPad6 TV’ from the premises for $99, which alongside a $50 per month subscription fee purported to offer over 1100 pirate TV channels (including MTV, Discovery Channel,  ESPN, CNN, HBO, Fox and the BBC), over 1000 first-release movies on-demand (including Hugo, Tin Tin and Mr Poppers Penguins), over 600 adult films and downloads of popular television programs including ‘The Family Guy and ‘Big Bang Theory’.

A forensic analysis of the USB stick found it offered “proxied and peer to peer access to restricted sites” hosted within China and the United States, which host “several pay TV stations as well as streaming videos and other copyright materials.”

Ashfield Police seized several counterfeit Apple devices in the raid today, plus documents and records detailing past sales of the device and subscription sales.

Speck, acting for Chinese-language Pay TV group TVB, was also behind a raid on a Hurstville retailer late last year that offered access to a similar pirate network.

But while the Hurstville business offered access via a set-top box, the Ashfield business was selling its service through an Apple-branded USB stick [see gallery above].

Speck told iTnews he offered the opportunity for Apple Australia to also pursue the retailer to protect its trademarks, but to his disappointment the company declined.

“The pirates have created a doppelganger of the global Pay TV industry for commercial gain and are actively targeting the customers of legitimate businesses,” Speck said. “This is a concerted attack on the legitimate operators and their customers by people interested in profiting from the work of others and it needs to be stopped.”

Speck said he would not hesitate to charge buyers of the pirate TV service if they too were caught up in a raid.

“Customers of this criminal enterprise are not unintended beneficiaries of the digital revolution, they are receivers of stolen property,” he said.

Digital images could be directly projected onto lenses to improve soldiers' situational awareness.

The Department of Defense (DOD) is working on contact lenses that would enhance soldiers' vision to improve intelligence, surveillance, and reconnaissance (ISR) activities without the need for specialized equipment that is currently used in the battlefield.

The Defense Advanced Research Projects (DARPA) agency is doing work at Washington-based Innovega iOptiks to create wearable eye lenses with tiny, full-color displays onto which digital images can be projected to give the wearers better situational awareness, according to the agency.

The lenses would allow users to focus simultaneously on images that are both close up and far away, which would improve their ability to use portable displays while still interacting in real time with the environment around them, according to DARPA. A graphic on the agency's website shows the basic design of the lenses.

[ Read about other uses of virtual technology in the military. See DOD Explores Virtual Worlds For Military Training. ]

The technology is being developed as part of DARPA's Soldier Centric Imaging via Computational Cameras (SCENICC) program, which aims to integrate a range of technologies--including advanced imaging, optical-sensing, immersive displays, and video processing--to "eliminate the ISR capability gap that exists at the individual soldier level," according to the agency.

These activities are currently hampered by equipment such as binoculars, night-vision goggles, and the like, which "provide limited performance" as well as weigh a soldier down, according to the agency.

"The current gap in soldier-centric situational awareness results from the predominantly airborne, video-based, downward-looking, operational concept employed by nearly all ISR systems producing critical limitations to resolution, field-of-view (FOV), waveband coverage, persistence, and access to actionable information at the soldier scale," according to a broad agency announcement about SCENICC on FedBizOpps.gov.

A better solution, which the virtual-reality contact lenses could provide, would "operate hands-free, provide similar or better magnification on-demand, while providing FOV equal to that of the unaided eye," according to DARPA. It also ultimately would cost less than the equipment currently used for soldier ISR.

Using virtual reality technologies to improve how soldiers perform on the battlefield has been a particular interest of the U.S. military for some time, not only for ISR activities but also for soldier training.

The DOD already uses a variety of virtual worlds to simulate battle, and is even working on technology that would allow soldiers to actually feel explosions or debris and gunshot impact during training through computer simulation.

InformationWeek's 2012 Government IT Innovators program will feature the most innovative government IT organizations in the 2012 InformationWeek 500 issue and on InformationWeek.com. Does your organization have what it takes? The nomination period for 2012 Government IT Innovators closes April 27.

http://www.informationweek.com/news/government/mobile/232600054

Facebook has just released its official iPad app. The tablet device was unveiled in January 2010, but development and negotiations with Apple stalled the release of Facebook’s app until now. Facebook for iPad is now available in App Store.

We’ve been waiting for a Facebook iPad app almost as long as there’s been an iPad, and there has been talk that Facebook has been working on the app for more than a year. The lack of an app for Facebook has been a pretty massive hole in the functionality of the iPad, given the social network’s unrivaled popularity. And tons of third-party apps have sprung up to fill the void – but none of them were the official, sanctioned apps of Mark Zuckerberg, and none included the kind of power that Facebook has baked into its own native app.

Here are some of the top Features of the new app:
Bigger, better photos: Photos appear bigger and in high-resolution with easy to flip and rotate features in the photo album function. Videos can also be viewed in full screen mode.
Fast navigation: Just tap, slide or pinch to travel back and forth between one screen and another in no time.
Play games on the go: Play your favorite Facebook games wherever you are, and on a bigger screen.
Less is more: With fewer features on the screen at a time, the new Facebook allows you to zoom in and out of photos, updates and stories more smoothly.
Never lose your place: Use simplified navigation to send a message, see your notifications or browse your bookmarks without switching screens.
Tap to send messages: A simple dropdown menu makes it easy to scan and send messages without visiting your inbox.
See who's nearby: Check out the Nearby map to see what your friends are up to.

According to a report from the New York Times, Facebook on the iPad will also make use of the device’s multitouch capabilities, a feature that hasn’t been available thus far in its iPhone offering or mobile web page. The app will also support games and Facebook chat, as well as the ability to capture photos and videos with the iPad and post them directly to Facebook. The new Facebook app is touch optimized giving you easy access to popular Facebook features and services like Facebook Games, Messages, Feeds, Chat, Photos and Videos. You can also swipe the screen to display the hidden sidebars on the left or right side of the screen.

Apart for the smooth photo viewer and the fact that it now fits properly on the screen, key features seem to be the prominence given in the platform to a better games and apps "experience". This is all part of Facebook's new commitment to third-party developers, as alluded to by Zuck at the f8 conference.

According to TheRegister , Bugs seem to include a dock compatibility issue, where the send button disappears when iPads are docked, and some users reported that the left-hand button bar didn't respond to taps properly. A new version of the app for iPhone has also been released and the mobile web version has been overhauled as well, according to Facebook's wonks.
If you’re reading this on your iPad, you can access the Facebook app here.

http://www.facebook.com/mobile/ipad

When the idea that your smartphone’s data connection would be able to be shared by your laptop with no additional charge, everyone seemed to be on board over the past year, carriers have started up extra costs for this and have struck down all attempts by apps to sidestep the process , until now.

What one of the most well-known hacker/developers in the world Koushik Dutta, aka Koush, has done is to create a non-market app that allows you to use your smartphone as an internet hotspot, doing so without adding costs to you beyond what that data would cost to you on your smartphone on its own. And it’s completely (nearly) undetectable by carriers.

"Over the last month, I've been working on a new app. Tether Alpha is a USB[2] tether solution for Mac, Windows, and Linux that allows you to use your phone's data connection to get internet access on your desktop or laptop." Koushik Dutta said.

"I am intentionally not providing any installation instructions, because I feel that if the app can't be set up without installation instructions, I have failed to make it easy enough to use. "

ClockworkMod Tether is an alpha application that enables wireless tethering on Android devices. The difference between this and most other solutions is that it:
-- Doesn’t require the phone to be rooted
-- Doesn’t require a monthly tethering plan from your carrier
-- Will supposedly not be detectable by carriers thanks to a workaround to be implemented.

Download links:
Mac: http://download.clockworkmod.com/test/tether-mac.zip
Linux: http://download.clockworkmod.com/test/tether-linux.tgz
Windows: http://download.clockworkmod.com/test/TetherWindowsSetup.msi

The above links should automatically install the Android portion if you have USB debugging enabled on the phone, but if something goes awry, here's the Android APK, Get Here.

http://download.clockworkmod.com/test/Tether.apk

Koushik Dutta said, Future releases may include a Bluetooth version, as well as better client apps for all supported operating systems.

Microsoft Windows 8 with Resilient File System (ReFS) Microsoft is switching to the Resilient File System for Windows 8, but only the server edition will support the new and more robust file system. While Windows 8 client machines will continue to use the NTFS filesystem. ReFS is meant to maintain compatibility with the most frequently-used features of NTFS, including Bitlocker encryption compatibility, Access Control Lists (ACLs) to control permissions, change notifications, symbolic links, and...

Microsoft is switching to the Resilient File System for Windows 8, but only the server edition will support the new and more robust file system. While Windows 8 client machines will continue to use the NTFS filesystem. ReFS is meant to maintain compatibility with the most frequently-used features of NTFS, including Bitlocker encryption compatibility, Access Control Lists (ACLs) to control permissions, change notifications, symbolic links, and others, while shedding legacy features and picking up new ones to make it more useful and versatile on today's drives.

Also, in its current state ReFS cannot be used for removable media, or for any partition used to boot Windows – it is purely a file system solution for data storage right now. Windows 8 clients will be able to access and read ReFS partitions from launch though.

According to a blog post from the Windows engineering team, the key goals of ReFS are:

    ‘a high degree’ of compatibility with NTFS
    the ability to verify and autocorrect data
    scalable structures for everything
    keeping the file system online even when problems occur
    providing resilience when used with Storage Spaces.

However, this file system is not compatible with removable media and cannot be used for the booting of an operating system. It is just made for storage, for the time being.

As US senators mull over the SOPA(Stopping Online Piracy Act) and PIPA(Protecting Intellectual Property Act) bills, the world stands witness to a historic moment. Almost all big IT companies like Google, Wikipedia, Facebook, Mozilla, Godaddy, etc are speaking in one unanimous voice against SOPA and Internet Censorship. The draconian provisions of SOPA/PIPA are bound to create the deathbed of internet freedom and free speech, and if a careful reading of the proposed legislation is done, one realizes that it is likely to have the same impact on India.

In the disguise of protecting copyrights and stopping piracy its completely clear that the US government is trying to assert its control over the free flow of information on internet which is some time uncomfortable to them. Giving power to Attorney General to direct search engines like Google to filter particular search results, or asking an ISP to manipulate their DNS to filter specific IP addresses just at whims and fancies of government all the threatening to accessing information.

To make the matters worse on the name of stopping piracy the websites will be held directly responsible for content uploaded by a one of its millions user. And if infringement is proved then apart from banning whole website its executives would be liable to mountainous fines and prison terms along with the user who uploaded content for upto 5 years. So imagine if a teenager ends up uploading a Michal Jackson video on YouTube he may get 5 year term in jail where as the doctor who killed Michal Jackson could get only 4 years. Or if you post a YouTube video link of Rockstar movie song on your Facebook wall, entire Facebook website can be blocked for copyright infringement.

To make the matters worse, one of the provisions says if a particular site is banned. Any websites which provides any information about blocked website or softwares it offered can also be blocked. So in a nutshell if a website like Napster is blocked, a website like Wikipedia can also be blocked incase they provided any information about Napster, even if it was merely a hyperlink to Napster’s website And if Wikipedia is banned. all the websites which ever quoted Wikipedia can also be blocked.

Another draconian provisions say that the government through attorney general can also direct all companies like 'payments gateway providers', Banks or even the Digital certificate providers to not provide any service to the blocked website. Now see how will this impact us in India

    80% of Indian websites are hosted on US based servers with companies like Godaddy, which are under US jurisdiction and will fall under SOPA.
    Websites which are using payment gateways provided by US companies will also be affected.
    Even if a Indian website is hosted on a Indian server and uses all Indian payment gateways or banks for its business, If a injunction is issued by US court against it, US government can ask all the American websites to remove any information or links about that Indian website and block its access through all US based ISP's by forcing DNS blockade through ISP's
    Even the Anti SOPA tools like DeSopa would not work because providing them on any website or using them or providing any information about them would also become illegal.
    All the paid VPNs we use for our privacy or secure surfing would also be forced to share our data with US government because most of them have their head offices in US. This may spell disaster for people in countries like China and Iran who use these methods or overcome illegitimate government censorships.
    Onion surfing (chain proxy) tools like Tor would become useless because at the one shot US government will have power to ask all US ISP's, hosting servers to filter any request coming from proxy sites in disguise of stopping piracy.

Internet was born in US but it is not a personal property of US government. Any type of laws which will be made in US are bound to be replicated in other countries. And with many governments across the world facing protest for various reason are already toying the idea of censoring the information on internet by some or other means. sometimes by arm twisting, some times by arbitrary court injunctions or some times by framing unconstitutional laws. Currently we are witnessing companies like Facebook,Twitter and Google are landing up in lawsuits in India on the issue of content filtering and government hardening its position against companies. Its not a good sign of for the future of internet, whose freedom we must uphold.

Dissent is a integral part of any democracy. If countries like America in the aftermath of Wikileaks incidents frame laws to acquire backdoor authority to censor internet in disguise of protecting intellectual property and stopping piracy. They would be doing a great insult to the very.

first amendment to their own constitution guarantying free speech. In India where our fundamental right of freedom of expression is ushering like a diamond hope with every passing year. We must protest any idea or policy which threatens our freedom to do things on innovation of millennium, Internet, Which has no boundaries, no laws, no jurisdictions and no censorships.

So in my opinion we must oppose SOPA or any sort of censorship anywhere, before you are left with a internet with filtered search engines, Blocked websites, no free mp3 songs, No proxies, No free softwares and no Wikipedia and no free code snippets too !

This Post reviews the newly released ANTI3 version. We've received a platinum account of ANTI3, before its official release, and this is our review:

Recently White-Hat Hacker, Itzhak "Zuk" Avraham, the founder of zImperium unveiled its new app in Blackhat / Defcon19, introducing a new concept where both home users and local IT can have the same tools to, at the push of a button, check for their security faults. The new zImperium product, named Android Network Toolkit (or in short - ANTI), allows professional penetration testers, ethical hackers, IT and home users to scan for security issues in their network.

In a few simple clicks ANTI covers the most advanced attack vectors in order to check for vulnerabilities, even those that up until now could only be performed by top-notch penetration testers. This means that while you might think that you’re safe because you have a firewall on, with ANTI you can check and prove it (or add it to your penetration testing report if you’re doing this as a job). Know if your desktop is easily hackable only a few clicks away by using the ANTI “Penetrate CSE” button, which will perform both MiTM and inject Client Side Exploit to check if you have the latest version of a vulnerable software (e.g: outdated java). You only need to imagine re-producing this using other currently available methods to appreciate why ANTI has gotten so much respect from our community.

http://www.zimperium.com/anti.html

“Penetrate CSE” is part of the newly released ANTI3, which covers more vulnerabilities than before. The authors at zImperium will keep improving this product and add even more vulnerabilities in the future.

Upon successful client-side / remote exploitation, the report is updated with the current findings that a specific computer wasn’t patched for a certain vulnerability. Performing MiTM and injecting exploits has never been so easy for the professional penetration tester and is now also available for the home-user and the IT - you don’t have to be a security guru to run security checks!

ANTI runs on Android version 2.1 and up, while CSE vector only one of several capabilities that makes this tool very powerful, especially when it runs on your smart phone!

ANTI won the “Hack Tool of the Year 2011 Award” by THN, PCMagazine’s editor’s choice and many other prizes for a reason. Here’s a short video describing ANTI’s features

The app is also capable of mapping your network, scanning for vulnerable devices or configuration issues. It is for use by the amateur security enthusiast home user to the professional penetration tester, ANTI provides many other useful features such as: easy connection to open ports, visual sniffing (URLs & Cookies) and - establishing MiTM attacks (using predefined and user-defined filters), Server Side / Client Side Exploits, Password cracker to determine password’s safety level, Replace Image as visual in demos and Denial of Service attacks. All this is packed into a very user-friendly and intuitive Android app (and soon to be released iOS app).

As zImperium chose to enable ANTI via their website, rather than through the market, thus the APK is installed manually by a few simple steps:
Go to http://www.zImperium.com/anti.html and follow the instructions there. You will receive a download link to your email. Open this link from your smartphone and then install the app as instructed. (Make sure that 3rd Party Applications is enabled in Settings->Applications->Unknown Sources.)

CertiVox today unveiled a breakthrough in information security: PrivateSky Secure Information Exchange (SIX)(TM) platform. The new service provides fast, easy-to-use protection for email, files and other information sent via the cloud, through a unique two-factor authentication process and a sophisticated, certificateless encryption platform.

http://www.privatesky.me/

This encryption process is activated by a click of a button from within Outlook, a web browser or via any browser-based application on a PC, Mac, tablet or smartphone. It is a solution where both encryption and decryption are securely completed with no disruption to a user's workflow.

PrivateSky SIX platform solves these legal, regulatory and ethical challenges. The platform:

    Uses Incognito Keys and certificateless encryption technology to provide a secure information exchange between all users.
    Departs from other products because the user encrypts his or her information right from the start at the source and retains control over his or her encryption keys at all times. This means cloud storage service providers and managed file transfer services can no longer see or access their clients' information.
    Separates the encryption keys from the data while in transit which ensures that only the intended recipients can access encrypted information. Not even CertiVox has access to the encrypted data or the encryption keys.
    Offers significant and far-reaching solutions for industries and governments that adhere to strict regulatory and privacy requirements, such as HIPAA.

http://www.marketwatch.com/story/certivox-unveils-privatesky-six-platform-2012-01-26

A big hurrah to you!!!!! We’ve won for now SOPA and PIPA were dropped by Congress today. The votes we’ve been scrambling to mobilize against have been cancelled. When the entire Internet gets angry, Congress takes notice. Both the House and the Senate on Friday backed away from a pair of controversial anti-piracy bills, tossing them into limbo and throwing doubt on their future viability.

Google Inc. said today it collected more than 7 million signatures from the U.S. for its online petition to Congress during an Internet protest against anti- piracy legislation backed by Hollywood. Visitors to Google, the world’s most popular search engine, were greeted yesterday by a black box covering the company’s familiar icon, and a message that read “Tell Congress: Please don’t censor the Web!” The message linked to a page outlining Google’s opposition and an option to join a petition urging Congress to reject the legislation.

Senate Majority Leader Harry Reid announced that he would delay a vote on PIPA, while SOPA sponsor Rep. Lamar Smith said the House Judiciary Committee would also postpone action on his bill.PIPA was scheduled to be taken up by the Senate on Tuesday, Jan. 24 at 2:15pm. But "in light of recent events, I have decided to postpone Tuesday's vote," Sen. Reid said in a statement.

“There is no reason that the legitimate issues raised by many about this bill cannot be resolved," Reid says in a statement, adding that the Senate must take action to stop piracy.

The announcement by Reid comes two days after Wikipedia, Reddit and other prominent sites coalesced to protest SOPA and PIPA votes by blacking out their sites.

Anonymous Hackers attacked websites of Brazil's federal district and Tangara da Serra city on Sunday as well as one belonging to a Brazilian singer to protest the forced closure of Megaupload.com.

The attacks this week, which they call "#opmegaupload" shut down the websites of the FBI and US Justice Department for several hours to protest the closure of Megaupload.com.

Hackers succeed in shutting down the website of popular Brazilian singer Paula Fernandes. They posted the image of a grim-faced joker with a message saying, "If Megaupload is down, you are down too." It was signed "GhostofThreads"

Anonymous use DDoS attacks tools like so-called Low Orbit Ion Cannon which is a piece of software that volunteer hacktivists download to their PCs and choose to run, whereby it then starts blasting the target website with traffic.

Stats says that , in last 7 days LOIC downloaded by 66,500 People across the World to participate in DDOS attack.

However, the source of the attack--the IP address for the individual computers attempting to access the site can easily be traced when LOIC is used, putting participants at risk of prosecution. So, Anonymous has come up with a way to allow people to participate without risking arrest, Anonymous launched DDOS attacks on more than a dozen sites and used a new tactic.

The group distributed Web links yesterday during its attacks on the Department of Justice, FBI, Universal Music and a host of other sites, that made joining the attacks as easy as clicking the mouse. The links led to Web pages with special JavaScript instructions that automatically redirected the visiting computer to a Web site being targeted for attack. The computer continues attempting to access the target site until the Web page is closed.

IRSSI-Windows

http://www.darkexile.com/forums/index.php?action=downloads;sa=view;down=196

Anonymous Hackers are claiming to Hack the official website of CBS Broadcasting (CBS), major US commercial broadcasting television network, which started as a radio network.

Hacker hack the server , entire web directory has been deleted and There is only a Single blank file named "foundry.html" as shown.
CBS+hacked

Even Brazil also Under Anonymous Attack, Today Tangara da Serra city site also defaced by them. Get update about all Anonymous Hacks Here.
Stay Tuned to Get More Updates on This Hack !

http://thehackernews.com/search/label/Anonymous%20Hackers

iOS and/or Android developers PM me if you're interested in work

--Val

Hey bitches!

I just wanted to show off my new computer case, http://www.mountainmods.com/ is where I got it from. I had my i! tags etched into the acrylic, it will be preped up with all the liquid cooling things as soon as I get the heat exchanging unit from shipping. 

"Thus if Americans today were driving cars of the same size and power that were typical in 1980, the country’s fleet of autos would have jumped from an average of about 23 miles per gallon (mpg) to roughly 37 mpg, well above the current average of around 27 mpg. Instead, Knittel says, 'Most of that technological progress has gone into [compensating for] weight and horsepower.' ... Indeed, Knittel asserts, given consumer preferences in autos, larger changes in fleet-wide gas mileage will occur only when policies change, too. 'It’s the policymakers’ responsibility to create a structure that leads to these technologies being put toward fuel economy,' he says. Among environmental policy analysts, the notion of a surcharge on fuel is widely supported. 'I think 98 percent of economists would say that we need higher gas taxes,' Knittel says."

http://web.mit.edu/newsoffice/2011/cars-on-steroids-0104.html

"Google had been sued by insurance company Lyonnaise de Garantie, which was offended by search results including the word 'escroc,' meaning crook, according to a story posted Tuesday by the Courthouse News Service. 'Google had argued that it was not liable since the word, added under Google Suggest, was the result of an automatic algorithm and did not come from human thought,' the article states. 'A Paris court ruled against Google, however, pointing out that the search engine ignored requests to remove the offending word... In addition to the fine, Google must also remove the term from searches associated with Lyonnaise de Garantie.'"

http://arstechnica.com/tech-policy/news/2012/01/french-court-frowns-on-google-autocomplete-issues-65000-fine.ars?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+arstechnica%2Findex+(Ars+Technica+-+Featured+Content)&utm_content=Google+International

"A soon-to-be released salary survey finds that the average salary for IT professionals in the U.S. is $78,299, putting overall compensation back at January 2008 levels. More heartening: Midsize and large companies are both aiming to hire more IT pros. The midsize are seeking IT executives (such as VPs of information services and technical services), as well as programmers, database specialists, systems analysts, and voice/wireless communication pros. Enterprises are moving IT and data center operations back in-house, which means greater demand for data center managers and supervisors."

http://www.infoworld.com/t/it-jobs/it-salaries-edge-back-2008-levels-183451

"U.S. Congress appears likely to move forward with SOPA and PIPA, despite widespread opposition, IDGNS reports. The U.S. Senate is expected to begin floor debate on PIPA shortly after senators return to D.C. on Jan. 23, and supporters appear to have the votes to override a threatened filibuster. Some opponents of the bills hold out hope: 'We're optimistic that if members really understood the Internet architecture and cybersecurity measures, they would not support SOPA as written. Instead, members who are really committed to combatting online piracy would look for effective ways to do that without compromising cybersecurity or the open architecture of the Internet,' said a CCIA spokesperson. Others remain doubtful that Congress will come to this understanding."

http://www.infoworld.com/d/the-industry-standard/lawmakers-seem-intent-approving-sopa-pipa-183328

"With Nasa scaling back its manned space programs, the idea of a manned trip to the stars may sound audacious, but the 100 Year Starship (100YSS) study is an effort seeded by DARPA to develop a viable and sustainable model for persistent, long-term, private-sector investment into the myriad of disciplines needed to make long-distance space travel practicable and feasible. The goal is not to have the government fund the actual building of spacecraft destined for the stars, but rather to create a foundation that can last 100 years in order to help foster the research needed for interstellar travel. Now DARPA has provided $500,000 in seed money to help jumpstart the effort and chosen Mae Jemison, the first African-American woman to go into space, to lead 100YSS. Jemison, who is also a physician and engineer, left NASA in 1993 after a six-year stint in which she served as science mission specialist aboard space shuttle Endeavour, becoming the first black woman to fly in space. Since leaving the space agency, she has been involved in education and outreach efforts and technology development. Rounding out her resume, Jemison also served as a medical aofficer for the Peace Corps in Sierra Leone and Liberia, is a professionally trained dancer, speaks Russian, Swahili and Japanese, and was the first real astronaut to make a cameo in an episode of 'Star Trek: The Next Generation.' Jemison won the contract with her proposal titled 'An Inclusive Audacious Journey Transforms Life Here on Earth & Beyond.'"

http://www.100yss.org/about.html

"Microsoft disappointed some Windows Phone users on Friday by saying it would stop providing specifics about who will get software updates and when, and announcing vaguely that a new update is 'available to all carriers that request it.' The update fixes a few issues, including one that caused the on-screen keyboard to disappear and another that caused problems with synching Gmail. Eric Hautala, general manager of customer experience engineering for Windows Phone, said Microsoft will no longer say when people will get updates based on their country, phone model and carrier."

http://www.networkworld.com/news/2012/010712-microsoft-scraps-wheres-my-phone-254631.html

"In a tweet early this morning, cybersecurity researcher Christopher Soghoian pointed to an internal memo of India's Military Intelligence that has been liberated by hackers and posted on the Net. The memo suggests that, "in exchange for the Indian market presence" mobile device manufacturers, including RIM, Nokia, and Apple (collectively defined in the document as "RINOA") have agreed to provide backdoor access on their devices. The Indian government then "utilized backdoors provided by RINOA" to intercept internal emails of the U.S.-China Economic and Security Review Commission, a U.S. government body with a mandate to monitor, investigate and report to Congress on 'the national security implications of the bilateral trade and economic relationship' between the U.S. and China. Manan Kakkar, an Indian blogger for ZDNet, has also picked up the story and writes that it may be the fruits of an earlier hack of Symantec. If Apple is providing governments with a backdoor to iOS, can we assume that they have also done so with Mac OS X?"

http://www.uscc.gov/

I’m a firm believer in multitasking. I tend to work on several things simultaneously; the more monitors I have connected the more things I can do in parallel, and I can bounce back and forth between tasks, given that no one interrupts me. When I find an application that can do more than one thing for me, I become very interested, and when it can do three things well, I have myself a winner! GFI LanGuard is just that; a winner, that multitasks for me by providing patch management, network security, and vulnerability scanning into a unified application which makes my network maintenance tasks quick and easy. The latest version was released just a few weeks ago so I decided to take the app out for a spin, really kick the tires, and see what it has to offer. I’ll rate each area on a ten point scale, where high scores are better. Here’s how my test drive went.

The 124MB download came down in an instant, and my trial key was in my inbox before the download was done. GFI LanGuard uses the .NET Framework 3.5 SP1, which it will prompt you to install (along with the Windows Installer 3.1 and MDAC 2.0) if not already present. Beyond that it’s only a couple of clicks and couple of minutes to have up and running. The trial lets you scan up to five ip.addrs during the 30 day evaluation period. Since scanning for and installing patches are things that require an admin account, you should have a service account with admin rights ready to go before you begin the install. I didn’t, but that was an easy fix. For ease of install and setup I give GFI LanGuard 9 out of 10.

As you can see, it offers short cuts to a dashboard, a place to remediate issues, agent management, and scanning. Clicking on View details revealed some surprising information about the host I just built and patched up to host this app, and Windows Updates showed no missing patches.

But seeing six missing patches, I reran Windows Updates and sure enough, it found the missing patches. This could have just been a matter of timing, and the server might have updated itself this evening, but I would have signed off that the server was fully patched, and obviously it wasn’t.

The two high-security vulnerabilities flagged were a lack of antivirus software, and Windows Defender was also out of date. I clicked on the scan tab, and chose to let it go out and scan my network for other systems. It found them all within a few seconds. With a total of five machines permitted in the evaluation, I decided to add two servers and two workstations from my network. I went with the manual add since I have many more than that, but options included automatically scanning the network, and importing from a list. It’s good to have options.

The scan completed and reported the status on all of the machines, including missing patches, running software, open ports, etc.

GFI LanGuard can assess and remediate machines using an account with administrator privileges, but scans must run each time a machine is checked. You also have the option of deploying agents to managed machines, which run in the background and report system status up to the management console. This is optional, but makes checking the status of a machine faster.

Scanning does take a while. The initial scan of my five machines took almost 30 minutes. While two of the clients were on wireless, and the scanning host is a VM, I think an initial scan of a larger network could be a weekend long event or more. Pushing agents first might have been the better choice. For getting the application up and running, I give it another 9 out of 10.

Performance in the curves
Scans are a great way to go, but the real strengths show in remediation. GFI LanGuard offers several great ways to push out and roll back patches and applications. Check out the list below.

Testing patches is critical, but sometime you won’t find an issue until a patch or update has been pushed out to clients. One of the most important parts of any patching application is the ability roll back patches, and GFI LanGuard can uninstall patches, service packs, and applications.

I pushed out patches to the Windows 7 workstations for December’s updates, and then uninstalled two of them just to try it out. Installs and uninstalls both worked smoothly, prompting the user for the required reboots each patch needed but otherwise running behind the scenes and out of sight to the user.

The straightaways
I was delighted to find that GFI LanGuard can deploy software as well. I expected it could push patches and updates, but new apps are like finding a turbo-charged 3 liter when you were expecting only a 4 cylinder 1.6. I tested this out by pushing PSPad to a workstation and it worked flawlessly. Check out the options for deployment.

Applications can be deployed with or without switches, but configuration files (called auxiliary files) can be pushed out to clients without installation.

Users can be warned before the install begins using custom messages.

Post installation requirements are covered too. Letting the user decide includes setting a message.

Overall, the ability to manage software beyond patches and service packs makes GFI LanGuard a very powerful and useful addition to your network management toolset.

What about the data
GFI LanGuard offers full reporting that would satisfy the most data hungry managers. There are reports for vulnerabilities, software audits, baselines, and more. Here’s a quick snap of what you can do.

Here’s a peek at the security overview for one of my servers. Notice that all patches and service packs are good to go, but that doesn’t mean there aren’t issues. Looks like my Wireshark install needs some attention.

Managers may like reports, but I love data that I can act on, and being able to see out-of-date third party applications gives me something real information so I can start assigning tasks. This earns 10 out of 10 in my book.

In conclusion
GFI LanGuard is a worthy application and deserves a place of honor in your application suite. With the ability to patch software, update applications, generate reports, and run security vulnerability scans, this application has something to offer everyone; network and server admins, workstation support, application support, and information security personnel too. Earning an overall nine out of ten for performance, functionality, and usefulness, GFI LanGuard will be the next software purchase for my network.

The hacking group Anonymous has confirmed that they have once again hacked Sony Pictures, gaining access to their Facebook account and website. Anonymous did threaten Sony for supporting the controversial SOPA bill and now it seems that the threats materialized.

The hack hit the Sony Pictures Facebook page and its web site homepage, according to reports and tweets from those involved. Comments were left on the web pages, but have since been removed.

“Your support of the act is a signed death warrant to Sony Company and Associates. Therefore, yet again, we have decided to destroy your network. We will dismantle your phantom from the internet. Prepare to be extinguished. Justice will be swift, and it will be for the people, whether some like it or not,” Anonymous.

"The hack wasn't big, but still the servers were vulnerable and I got access to the admin too," Hacker Said.

Anonymous caused major problems for Sony in 2011 after successfully hacking into the firm's online gaming network and stealing the login information of thousands of users, forcing the system offline for several weeks.

Facebook today announced open registration for its second annual Hacker Cup, an annual algorithmic programming contest open to engineers from around the world. Programmers will be judged on accuracy and speed as they race to solve algorithmic problems to advance through up to five rounds of programming challenges. The winner will receive the title World Champion for Facebook’s 2012 Hacker Cup.

"Programmers from around the world will be judged on accuracy and speed as they race to solve algorithmic problems to advance through up to five rounds of programming challenges," Facebook mobile engineer David Alves wrote.

Interested participants must solve at least one problem correctly in an online qualifying round that will take place on 20 January. Three subsequent rounds will follow on 28 January, 4 February and 11 February. The top 25 will then be flown to Facebook's headquarters in Palo Alto, California, for the final round.

There are indeed actual prizes to be won. The winner will receive US$5,000 and their name will be inscribed on the Hacker Cup trophy. The runner-up wins US$2,000 and the third-place competitor will receive US$1,000. Everyone else gets a prize, too. Competitors who rank from fourth to 25th place will be awarded US$100.

Last year's Hacker Cup got off to a rough start. Some users on the Quora social networking site complained that the contest's procedures were confusing and sometimes contradictory. The social networking giant had improved the process by the end of the contest, though, participants reported.

If you want to try the problems from last year’s qualification round, you can check them out here: Problems. More details and announcements will be posted at facebook.com/hackercup. You may also want to take a look at the FAQ as well as the Terms & Conditions.

A group calling itself the Lords of Dharmaraja posted an Adobe document online Wednesday that it claimed was a glimpse of the source code for the internet security software. But Symantec spokesman Cris Paden said "no source code was disclosed" in the post, which was a 12-year-old document describing how the software worked, but not the code. Paden said Symantec continues to investigate the hackers' claim that they have source code.

But now Symantec, the makers of Norton AntiVirus, has confirmed that a hacking group has gained access to some of the security product's source code.
"Symantec can confirm that a segment of its source code has been accessed. Symantec’s own network was not breached, but rather that of a third party entity.We are still gathering information on the details and are not in a position to provide specifics on the third party involved.Presently, we have no indication that the code disclosure impacts the functionality or security of Symantec's solutions. Furthermore, there are no indications that customer information has been impacted or exposed at this time."

In a post to the site Pastebin, the hackers maintain they discovered the information in a hack of India's military computer network. The group claims to have found source code "of a dozen software companies" which have signed agreements to share code with Indian intelligence agencies.

After preliminary analysis appeared to contain source code for the 2006 version of Symantec's Norton antivirus product. Though the code is for an older version of the Norton antivirus product, the impact of the exposure is still as of yet undetermined. Symantec officials have indicated they will be providing more information as they continue their investigation, and certainly more will be known if the entirety of the compromised data YamaTough claims to be in possession of is finally released to the public as has been threatened.

"Moore's Law, the cornerstone of the semiconductor industry, may get a reprieve from its predicted demise. As wires shrink to just nanometers in diameter, their resistivity tends to grow exponentially, curbing their usefulness as current carriers. But now a team of researchers has shown that it is possible to fabricate low-resistivity nanowires at the smallest scales imaginable by stringing together individual atoms in silicon as small as four atoms (about 1.5 nanometers) wide and a single atom tall. The secret is to introduce phosphorus along that line because each phosphorus atom donates an electron to the silicon crystal, which promotes electrical conduction. They then encase the nanowires entirely in silicon, which makes the conduction electrons more immune to outside influence. By embedding phosphorus atoms within a silicon crystal with an average spacing of less than 1 nanometer, the team achieved a diameter-independent resistivity, which demonstrates ohmic scaling to the atomic limit. 'That moves the wires away from the surfaces and away from other interfaces,' says physicist says Michelle Simmons. 'That allows the electron to stay conducting and not get caught up in other interfaces.' The wires have the carrying capacity of copper, indicating that the technique might help microchips continue their steady shrinkage over time and may even extend the life of Moore's Law. 'Fundamentally, we have shown that we can maintain low resistivities in doped silicon wires down to the atomic scale,' says Simmons, adding that it may not be ready for production now, but, 'who knows 20 years from now?'"

http://www.scientificamerican.com/article.cfm?id=nanowires-silicon

[Every little bit helps]

Every little bit helps

Earn free stuff by donating to us! Go here to find out!

Login Web IRC


Full Channel List