Browsing Posts in Internet Security

OK; so WikiLeaks has been in the news a lot lately. If you don't know what WikiLeaks is let me try and bring you up to speed quickly. WikiLeaks.org; is a non-profit organization established in 2006 and widely reported as being led by Julian Assange an Australian "Internet Activist". This website shot into the limelight after releasing leaked video footage "...in which Iraqi civilians were killed by U.S. forces...". Since then it has gone onto release, what is dubbed as highly sensitive material leaked from "anonymous" sources, thousands of sensitive documents aimed largely at forcing the U.S. government to be held accountable for it's actions. As you can imagine this has caused quite a bit of controversy on a global scale.

Within the last two days this has included the release of some 250,000 highly confidential, even "secret" communications between various Embassies and the U.S. globally at http://cablegate.wikileaks.org/.

Now; as you can imagine, this kind of protest; to promote greater "transparency" and accountability; to hold governments responsible for their actions, this draws a lot of attention. Mostly notably the U.S. government, recently the FBI and "hacktivists". It's only when you start to dig a little deeper do you uncover an almost subterranean culture running parallel to the internet. A Gotham equivalent of it; a world of bad guys and good guys, vigilantes and hero's. Whitehat hackers, blackhat hackers and everything in-between.

Hacking is such a generic term but often attributed to negative connotations. Hacking ranges from the minor personalization of an object, be it code or something physical. An iPhone, "hacking" it for personalization; to extend it's usefulness; but hacking more than often is associated with Hollywood visions of electronically sniffing your way onto the Pentagon network, reverse engineering complex encryption and cipher streams to steal closeted information. Hacking has so many nuances, it is a broad scope.

This subterranean internet is slowly surfacing in our day to day lives. DDoS - Distributed Denial of Service attacks are becoming more frequent and recognized by the general populace as some of our favorite social communities have suffered from various DDoS attacks. Facebook and Twitter are popular targets and, not surprisingly now; is WikiLeaks. A target of "Hactivism". Most recently a Whitehat hacker who goes by the handle The Jester (th3j35t3r) has been featured in the news lately for his continued efforts to thwart WikiLeaks. Dubbed a hero by some, (s)he is the Batman in our earlier analogy. A personal mission to disrupt WikiLeaks continued publication of "Secret US Embassy Cables". WikiLeaks has been under continuous DDoS since they were first published November 28th, 2010.

Cyberterroism, call it what you will, is slowly spilling out into our daily lives. A game of Cat and Mouse. Political chess.

4chan is another seemingly innocent example. LOLCATs, a by-product of it's community went on to inspire the creation of http://icanhascheezburger.com/, but within that community lurks a murkier undertone hidden behind thinly veiled bulletin boards.

Hacking is often stereotyped. Associated with some "nerd" speaking of his m@D 5KiLl5 (Leet Speak translation : Mad Skills) from the depths of his mothers basement, but that image is no longer relevant, no longer current. Governments are diving into these "underground" internet communities to better understand their potential and ultimately to provide better defenses.

I will contest I am by no means a hacker, black, white, grey or whatever the current stereotype is. I do not posses "m@D h4xx0r 5KiLl5;" by any means. Instead I like to read about these activities to understand their potential, to hopefully become a better programmer, to be cognizant of flaws in code, to try and prevent simple SQL Injection, XSS Hacking and Session Hijacking techniques. Unfortunately; where ever there is a will... there is a way; and, trust me, any determined hacker WILL find it, as the saying goes : "keep your friends close and your 'enemies' closer".


Warning: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead in /homepages/24/d152177141/htdocs/techblog.tonycollings.com/wp-content/plugins/code-highlighter/geshi.php on line 2147

Warning: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead in /homepages/24/d152177141/htdocs/techblog.tonycollings.com/wp-content/plugins/code-highlighter/geshi.php on line 2147

Warning: preg_replace(): The /e modifier is no longer supported, use preg_replace_callback instead in /homepages/24/d152177141/htdocs/techblog.tonycollings.com/wp-content/plugins/code-highlighter/geshi.php on line 2147

No, stop thinking Pooh Bear. Honey Pot's; traps for capturing malicious users and/or software. I read an interesting article today in the NYTimes. Sandia National Laboraties in Livermore, CA has setup a large Linux Honeypot called 'MegaTux' aptly named after it's OS namesakes' mascot; 'Tux' the Penguin.

This Dell Thunderbird supercomputer, amongst one of the top 500 supercomputers in the world, has been setup to try and 'research' a current problem on the internet. 'Botnets', malicious software that many people innocently download and by doing so unbeknowingly end up turning their PC into a Zombie.

These 'Zombie' PC's can then be controlled from a central source to form a supercomputer, abusing the processing power of thousands of personal computers around the world to propegate SPAM, run illegal websites, and in some cases launch 'Cyberwarfare'. Did you ever watch Star Trek. Think Cyborgs and an interconnected collective and you're not far from the mark. It's all rather domesday sounding.

Fortunately, for the majority of us, should we be unlucky enough to fall prey to malicious software,  we'll only end up contributing to the plethora of SPAM floating around the internet and running the odd Warez site.

However, the conspiracist in me would have me believe that this is all in response to recent accusatory reports in the media of Cyber Attacks from North Korea earlier this month.

Botnets are tricky, finding the source and shutting it down. It's like Medusa from Greek Mythology unless you can kill the source new heads simply re-appear. The concept of 'cells' is everywhere and none more prominent in todays world then 'terrorist cells'. This research is an excellent opportunity to study patterns, to track 'the collective', understand how it works and ultimately control it. Infrastructures, even countries depend on the internet's resourcefulness. Who would have thought that a series of ones and zeros could now become an invisible foe.

As we head towards a Semantic Web and Cloud Computing, with more and more information stored and shared online could we be held to randsom with it one-day ?

It does make you wonder sometimes about the mysterious undertones that the internet can hide. Technology, as they say, is only limited by the imagination. For now I'll contently continue to surf Facebook !