tag:blogger.com,1999:blog-64379076773494841882014-10-29T07:42:29.472+01:00Security4all - Dedicated to digital security, enterprise 2.0 and presentation skillsMy Blog's main focus is to have a place to keep an overview on recent and useful information security news combined with a small interest in presentation skills, productivity and other random thoughts.Security4allhttp://www.blogger.com/profile/09433979568731690987noreply@blogger.comBlogger1274125http://bp1.blogger.com/_hKfJbfbBxMU/SDnjCBFeBhI/AAAAAAAABNc/NDpT-OWXMc8/S1600-R/header+copy.jpgSubscribe with My Yahoo!Subscribe with NewsGatorSubscribe with My AOLSubscribe with BloglinesSubscribe with NetvibesSubscribe with GoogleSubscribe with Pageflakestag:blogger.com,1999:blog-6437907677349484188.post-85111131457017226992012-02-27T17:01:00.004+01:002012-02-28T04:01:38.897+01:00New PGP key<a href="http://imgs.xkcd.com/comics/security.png"><img style="cursor:pointer; cursor:hand;width: 448px; height: 274px;" src="http://imgs.xkcd.com/comics/security.png" alt="" border="0" /></a><br /><br />Just a short notice that I updated my PGP key. Barely anyone ever used my key and sent me encrypted email. But as I'm lately getting more involved in CERT/CSIRT related activities and communication with teams around the world, there was a need for starting encrypting my mails again.<br /><br />My key can be found on the usual keyserver(s) and the fingerprint is: 16BD 01DD DD08 1144 48DF 4464 D3FB 8E48 B68C F245<br /><br />I'm not sure if I'll pick up blogging again soon, but don't unsubscribe just yet. My move to Japan was very interesting and the adventure has only just started!<br /><br /><span style="font-style: italic;font-size:85%;" >(Cartoon courtesy of <a href="https://www.xkcd.com/538/">XKCD)</a></span><div class="feedflare">
<a href="http://feeds.feedburner.com/~ff/Security4all?a=cdLUGaZWchc:QNoRxl-ftQs:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/Security4all?i=cdLUGaZWchc:QNoRxl-ftQs:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=cdLUGaZWchc:QNoRxl-ftQs:I9og5sOYxJI"><img src="http://feeds.feedburner.com/~ff/Security4all?d=I9og5sOYxJI" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=cdLUGaZWchc:QNoRxl-ftQs:Jwdi1b3fU3Q"><img src="http://feeds.feedburner.com/~ff/Security4all?d=Jwdi1b3fU3Q" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=cdLUGaZWchc:QNoRxl-ftQs:qj6IDK7rITs"><img src="http://feeds.feedburner.com/~ff/Security4all?d=qj6IDK7rITs" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=cdLUGaZWchc:QNoRxl-ftQs:F7zBnMyn0Lo"><img src="http://feeds.feedburner.com/~ff/Security4all?i=cdLUGaZWchc:QNoRxl-ftQs:F7zBnMyn0Lo" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=cdLUGaZWchc:QNoRxl-ftQs:YwkR-u9nhCs"><img src="http://feeds.feedburner.com/~ff/Security4all?d=YwkR-u9nhCs" border="0"></img></a>
</div><img src="http://feeds.feedburner.com/~r/Security4all/~4/cdLUGaZWchc" height="1" width="1" alt=""/>Bkaynoreply@blogger.com0http://blog.security4all.be/2012/02/new-pgp-key.htmltag:blogger.com,1999:blog-6437907677349484188.post-37571726035294305412011-09-16T07:36:00.007+02:002011-09-16T18:55:40.089+02:00The unofficial BruCON party guide (plz RT)<a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://2011.brucon.org/images/d/dd/I-will-hack-for-beer.png"><img style="cursor:pointer; cursor:hand;width: 150px; height: 89px;" src="http://2011.brucon.org/images/d/dd/I-will-hack-for-beer.png" alt="" border="0" /></a><br /><br />The third edition of BruCON is about to happen and I'm really looking forward to it. This is an attempt to the Hitchhikers Guide to the... euhm... fun bits of BruCON. Besides the <a href="http://2011.brucon.org/index.php/Schedule">workshops, presentations and training of BruCON</a>, there are also some social events you can attend. So here we go.<br /><br />First is <span style="font-weight: bold;">SushiCon</span>, the<span style="font-weight: bold;"> pre-BruCON get-together at a Japanese restaurant</span>. Details <a href="http://2011.brucon.org/index.php/Events">here</a>. After dinner we'll head for the Belgian beer heavens. You can just join us for a beer later as well. Check Twitter for last minute movements.<br /><br />Second main event is of course the <a href="http://2011.brucon.org/index.php/Events">BruCON party @ Havana Club</a> on Monday evening! Feel free to throw some events of your own and list them on the <a href="http://2011.brucon.org/index.php/Events">wiki</a>. For ad-hoc meetings, follow the <a href="https://twitter.com/#%21/search/%23brucon">#brucon hashtag</a>.<br /><br />The BruCON wiki also has a small <a href="http://2011.brucon.org/index.php/Places_to_see">list of bars / restaurants</a> (plus recommendations of beer) etc you can explore! It's far from complete so please expand this page based on what you know or discover!!<br /><br />Now what about Travel aka<span style="font-weight: bold;"> How to get around</span>? Apart from the basic <a href="http://2011.brucon.org/index.php/travel">BruCON Travel page</a>, here are some tips:<br /><br />Once in the city, the metro/tram will probably be your main mode of transportation! The metro connects the BruCON hotel (Ibiz) with the city center (Grand place) and the BruCON Venue @ VUB. Check out this awesome Google map with all of the known BruCON (party) locations.<br /><br /><a href="http://g.co/maps/fkm5y" class="external free" rel="nofollow">http://g.co/maps/fkm5y</a> (hat tip to <a href="http://www.twitter.com/5M7X">@5M7X</a>)<br /><br /><span style="font-weight: bold;">Metro Stops</span>: Here is the network map of the Metro: <a href="http://www.mivb.be/netplan-plan-reseau.html?l=en">http://www.mivb.be/netplan-plan-reseau.html?l=en</a><br /><span style="font-weight: bold;">Payment:</span> You can get a pre-paid 10-journey card at newsstands and vending machines at the stations: <a href="http://www.mivb.be/10-voyages-ritten.html?l=en">http://www.mivb.be/10-voyages-ritten.html?l=en</a> (if they sell the MOBIB one, it's <a href="http://blog.security4all.be/search?q=mobib">RFID based on Calypso</a>). The difference between the MOBIB and the JUMP card is that the JUMP also allows you to take the train between the different Brussels stations (but not beyond Brussels).<br /><br /><span style="font-weight: bold;"></span><span style="font-weight: bold;">Getting from Ibiz hotel to Grand Place: </span><br />Take Tramway route 4 direction GARE DU NORD. At 8:08, get off at stop BOURSE (5 min.) or alternatively, you can walk for +-25 minutes.<br /><span style="font-weight: bold;">Getting from VUB (BruCON) to Grand Place: </span><br />Walk to stop DELTA (3 min.). Take Metro route 5 direction ERASME. Get off at stop GARE CENTRALE (12 min.) and walk to Grand Place. (check <a href="http://g.co/maps/fkm5y">Google map</a>)<br /><span style="font-weight: bold;">Getting from Ibiz hotel to VUB:</span><br />This <a href="http://www.vub.ac.be/downloads/bereikbaarheidsficheMIVB_campusEtterbeek.pdf">PDF map from VUB</a> explain all the possible transits from all major stations (South (Midi), Central and North)<br /><br />So I hope this helps. Have fun but keep it safe! See you all at BruCON!<br /><br /><span style="font-weight: bold;">UPDATE</span>: First new event on Saturday already popped up (hat tip to Andreas):<br /><span style="font-size:85%;"><span style="font-weight: bold; font-style: italic;"></span></span><span style="font-size:85%;"><span style="font-weight: bold; font-style: italic;"></span></span><blockquote><span style="font-size:85%;"><span style="font-weight: bold; font-style: italic;">Moeder Lambic feat. Stone Brew Co. </span></span><br /><a href="http://www.moederlambic.net/events/en/events" class="external free" rel="nofollow">http://www.moederlambic.net/events/en/events</a> 30 Belgian beers on tap, 30 US specialty beers from Stone Brewing Co on tap, and to finish it off, the Cantillon Zwanze will be served on saturday. Historic event not to miss for any beer geek. <b>Date:</b> Saturday, 17th @19:00</blockquote>Keep checking the events page for updates!!<br /><p></p><div class="feedflare">
<a href="http://feeds.feedburner.com/~ff/Security4all?a=eQhCUixHCy8:4DvB9qipznI:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/Security4all?i=eQhCUixHCy8:4DvB9qipznI:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=eQhCUixHCy8:4DvB9qipznI:I9og5sOYxJI"><img src="http://feeds.feedburner.com/~ff/Security4all?d=I9og5sOYxJI" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=eQhCUixHCy8:4DvB9qipznI:Jwdi1b3fU3Q"><img src="http://feeds.feedburner.com/~ff/Security4all?d=Jwdi1b3fU3Q" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=eQhCUixHCy8:4DvB9qipznI:qj6IDK7rITs"><img src="http://feeds.feedburner.com/~ff/Security4all?d=qj6IDK7rITs" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=eQhCUixHCy8:4DvB9qipznI:F7zBnMyn0Lo"><img src="http://feeds.feedburner.com/~ff/Security4all?i=eQhCUixHCy8:4DvB9qipznI:F7zBnMyn0Lo" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=eQhCUixHCy8:4DvB9qipznI:YwkR-u9nhCs"><img src="http://feeds.feedburner.com/~ff/Security4all?d=YwkR-u9nhCs" border="0"></img></a>
</div><img src="http://feeds.feedburner.com/~r/Security4all/~4/eQhCUixHCy8" height="1" width="1" alt=""/>Bkaynoreply@blogger.com0http://blog.security4all.be/2011/09/unofficial-brucon-party-guide-plz-rt.htmltag:blogger.com,1999:blog-6437907677349484188.post-62705872228107307862011-08-29T18:28:00.004+02:002011-08-29T18:58:45.923+02:00Help improve the CISSP community. Support Wim.<a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://www.ladybrillenigeria.com/wp-content/uploads/2010/06/yes-we-can.jpg"><img style="cursor:pointer; cursor:hand;width: 319px; height: 297px;" src="http://www.ladybrillenigeria.com/wp-content/uploads/2010/06/yes-we-can.jpg" alt="" border="0" /></a>
<br />
<br />My blog kinda died down after being involved with BruCON and I wasn't really planning on blogging again unless I had some good (original) content. Since I'm going for the JLPT1 certification in the next years, this may take a while. BUT I'll make an exception today to support Wim.
<br />
<br />A lot of us in the infosec community have a CISSP. The first reason is to bypass the HR checklist filters but is there really an added value besides it? I hear <a href="https://www.infosecisland.com/blogview/15450-My-Canons-on-ISC-Ethics-Such-as-They-Are.html">a lot of the people in this community being more critical</a> with the years. Especially the CISSP code of ethics is something I think is too black and white.
<br />
<br />But why only complain about it? Why not TRY to change things for the better. This is why <a href="http://blog.remes-it.be/petition.html" target="_blank">Wim Remes</a> has decided to try for a board election. I know him personally and I can vouch a 100% for him. Here are some of his points:
<br /><blockquote style="font-style: italic;"><ul><li>A closer collaboration with the information security community at large. This means recognition of what is currently considered to be an outlawish community but what I consider as a treasure trove of knowledge and capability that remains untapped. Either because we are afraid of what we don't understand or because hackers are still suffering from a bad image. Not in my book!</li><li> A review of the certification requirements for the flagship (ISC)2 certification, the CISSP, in order to bring it back to the level it once was on. Ideally with the incorporation of more in-depth requirements on a technical level, requirements in soft skills and, possibly, the addition of a written paper requirement that would show the knowledge the candidate has acquired during the learning process. This last requirement would feedback into the community becoming a valuable resource for security professionals globally.</li><li> I am from Europe. I still feel that many of the subject covered by (ISC)2 and other organizations are focused on the US. My goal is to widen the efforts to a global approach that brings communities from different continents together instead of seperating them further. While there is a different in laws, culture, etc. across continents, I firmly belief that we have more in common and there needs to be a better collaboration in order to address the security challenges we have coming at us.</li></ul></blockquote> <p>Check out more details <a href="http://blog.remes-it.be/petition.html">here</a>. Or listen to the latest <a href="http://www.eurotrashsecurity.eu/index.php/Episodes#Microtrash_Epsiodes">Eurotrashsec podcast</a> where he explains more about his views.
<br /></p>For the latest updates, follow the <a href="https://twitter.com/#%21/search/%23wim4board">#wim4board</a> hashtag on Twitter
<br /><p>Don't just take my word for it. I can also <a href="http://blog.c22.cc/2011/08/25/make-your-voice-heard-change-isc%c2%b2-for-the-good/" target="_blank">see</a> that I am <a href="http://www.andrewhay.ca/archives/1783" target="_blank">not</a> the <a href="http://www.mckeay.net/2011/08/25/support-change-at-the-isc2/" target="_blank">only</a> one who <a href="http://www.liquidmatrix.org/blog/2011/08/25/put-wim-remes-on-the-isc2-board/" target="_blank">thinks</a> this is a good idea. He has the support of a lot of good people.</p><p>You don't have the certificate? Then give out a shout to him online and throw up a blogpost!
<br /></p><p>Got for it Wim!!!
<br /></p><div class="feedflare">
<a href="http://feeds.feedburner.com/~ff/Security4all?a=qOhrUbDGfrw:NOxl0v91gZE:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/Security4all?i=qOhrUbDGfrw:NOxl0v91gZE:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=qOhrUbDGfrw:NOxl0v91gZE:I9og5sOYxJI"><img src="http://feeds.feedburner.com/~ff/Security4all?d=I9og5sOYxJI" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=qOhrUbDGfrw:NOxl0v91gZE:Jwdi1b3fU3Q"><img src="http://feeds.feedburner.com/~ff/Security4all?d=Jwdi1b3fU3Q" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=qOhrUbDGfrw:NOxl0v91gZE:qj6IDK7rITs"><img src="http://feeds.feedburner.com/~ff/Security4all?d=qj6IDK7rITs" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=qOhrUbDGfrw:NOxl0v91gZE:F7zBnMyn0Lo"><img src="http://feeds.feedburner.com/~ff/Security4all?i=qOhrUbDGfrw:NOxl0v91gZE:F7zBnMyn0Lo" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=qOhrUbDGfrw:NOxl0v91gZE:YwkR-u9nhCs"><img src="http://feeds.feedburner.com/~ff/Security4all?d=YwkR-u9nhCs" border="0"></img></a>
</div><img src="http://feeds.feedburner.com/~r/Security4all/~4/qOhrUbDGfrw" height="1" width="1" alt=""/>Bkaynoreply@blogger.com0http://blog.security4all.be/2011/08/help-improve-cissp-community-support.htmltag:blogger.com,1999:blog-6437907677349484188.post-54118809900868921672011-08-03T21:09:00.002+02:002011-08-03T21:15:42.133+02:00How to follow #Blackhat / #Defcon / #BsidesLV without being there (2011 edition)<a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://1.bp.blogspot.com/_hKfJbfbBxMU/Sm48TbBLYTI/AAAAAAAACuI/TVDIUkwlJ4Q/s1600-h/2371165319_4c29d22227.jpg"><img style="cursor: pointer; width: 320px; height: 320px;" src="http://1.bp.blogspot.com/_hKfJbfbBxMU/Sm48TbBLYTI/AAAAAAAACuI/TVDIUkwlJ4Q/s320/2371165319_4c29d22227.jpg" alt="" id="BLOGGER_PHOTO_ID_5363290510612717874" border="0" /></a><br /><br />Note: update of my similar older posts<br /><br />Well, I'm one of the poor souls who couldn't make it to the Blackhat/Defcon / SecurityBsides fun. There are some ways to follow the events in Vegas (real time). ;-)<br /><br />The first tool is to use twitter and follow the hashtags #defcon, #blackhat and #bsideslv. If you have a twitter account, I would recommend installing tweetdeck and setting up 3 search columns. For those without a twitter account, you can use the <a href="http://search.twitter.com/search?q=%23blackhat+OR+%23defcon+OR+%23bsideslv">Twitter search</a> (and import it through <a href="http://search.twitter.com/search.atom?lang=en&q=%23blackhat+OR+%23defcon+OR+%23bsideslv">RSS</a>) or even better: <a href="http://twitterfall.com/">twitterfall.com</a> which is more interactive. Alternatively, give <a href="http://www.monitter.com/">monitter</a> also a try. Has a more Tweetdeck column "feel". I like it.<br /><br />Keep an eye on the Security Bloggers Network (<a href="http://feeds.feedburner.com/SecurityBloggersNetwork">RSS</a>). A lot of security bloggers will be covering the event.<br /><br />You can also monitor Flickr for the tag '<a href="http://api.flickr.com/services/feeds/photos_public.gne?tags=defcon19&lang=en-us&format=rss_200">defcon19</a>' (RSS). And this site collects all the @blackhat and @defcon pictures from twitter: <a href="http://hashalbum.com/blackhat">http://hashalbum.com/blackhat</a> and <a href="http://hashalbum.com/defcon">http://hashalbum.com/defcon</a><br /><br />This social media aggregator also looks nice: <a href="http://twubs.com/bsideslv">http://twubs.com/bsideslv,</a> <a href="http://twubs.com/defcon">http://twubs.com/defcon</a> and <a href="http://twubs.com/blackhat">http://twubs.com/blackhat</a> (all your tweets and twitpics are belong to us!) ;-)<br /><br />I think that's more then enough to follow the event except for a live video stream. And in a limited way, for Blackhat there is one: <a href="https://www.blackhat.com/html/bh-us-11/bh-us-11-uplink.html">https://www.blackhat.com/html/bh-us-11/bh-us-11-uplink.html</a>. Giving it a go as we speak.<br /><br />If you have more tips, feel free to mention them in the comments.<div class="feedflare">
<a href="http://feeds.feedburner.com/~ff/Security4all?a=scx9g61SKjI:wvud7rdeerU:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/Security4all?i=scx9g61SKjI:wvud7rdeerU:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=scx9g61SKjI:wvud7rdeerU:I9og5sOYxJI"><img src="http://feeds.feedburner.com/~ff/Security4all?d=I9og5sOYxJI" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=scx9g61SKjI:wvud7rdeerU:Jwdi1b3fU3Q"><img src="http://feeds.feedburner.com/~ff/Security4all?d=Jwdi1b3fU3Q" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=scx9g61SKjI:wvud7rdeerU:qj6IDK7rITs"><img src="http://feeds.feedburner.com/~ff/Security4all?d=qj6IDK7rITs" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=scx9g61SKjI:wvud7rdeerU:F7zBnMyn0Lo"><img src="http://feeds.feedburner.com/~ff/Security4all?i=scx9g61SKjI:wvud7rdeerU:F7zBnMyn0Lo" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=scx9g61SKjI:wvud7rdeerU:YwkR-u9nhCs"><img src="http://feeds.feedburner.com/~ff/Security4all?d=YwkR-u9nhCs" border="0"></img></a>
</div><img src="http://feeds.feedburner.com/~r/Security4all/~4/scx9g61SKjI" height="1" width="1" alt=""/>Bkaynoreply@blogger.com0http://blog.security4all.be/2011/08/how-to-follow-blackhat-defcon-bsideslv.htmltag:blogger.com,1999:blog-6437907677349484188.post-72760984728314165432011-02-24T13:26:00.002+01:002011-02-24T13:32:32.714+01:00Are you a pentester? Then read this!If you work in a Redteam, then the following "project" is certainly one to take note of!!!<br /><span style="font-style: italic;"></span><blockquote><span style="font-size:85%;"><span style="font-style: italic;"><a href="http://www.securityaegis.com/the-open-pentest-bookmarks-collection/">The Open Penetration Testing Bookmarks Collection</a> …is just that, a collection of handy bookmarks I initially collected that aid me in my day to day work or I find in the course of research. They are not all inclusive and some sections need to be parsed but they are all good reference materials. I find having this Hackery folder in Firefox an easy way to reference syntax, tricks, methods, and generally facilitate and organize research. Hopefully the initial set will grow and expand. Opening it up to everyone will facilitate a knowledge transfer.</span></span></blockquote>Speaking of Pentesting, a lot of people have been complaining about the difference of quality and the lack of a standard for Pentesting assignments. So here we have it: the "<a href="http://pentest-standard.org/index.php?title=FAQ">Penetration Testing Execution Standard</a>" has been kicked off by some experienced people from the field! It's far from finished but I expect some good things to come from it. Check it out!!!<div class="feedflare">
<a href="http://feeds.feedburner.com/~ff/Security4all?a=HRAO-_K7-aA:ZC3dtQ0Hlxw:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/Security4all?i=HRAO-_K7-aA:ZC3dtQ0Hlxw:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=HRAO-_K7-aA:ZC3dtQ0Hlxw:I9og5sOYxJI"><img src="http://feeds.feedburner.com/~ff/Security4all?d=I9og5sOYxJI" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=HRAO-_K7-aA:ZC3dtQ0Hlxw:Jwdi1b3fU3Q"><img src="http://feeds.feedburner.com/~ff/Security4all?d=Jwdi1b3fU3Q" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=HRAO-_K7-aA:ZC3dtQ0Hlxw:qj6IDK7rITs"><img src="http://feeds.feedburner.com/~ff/Security4all?d=qj6IDK7rITs" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=HRAO-_K7-aA:ZC3dtQ0Hlxw:F7zBnMyn0Lo"><img src="http://feeds.feedburner.com/~ff/Security4all?i=HRAO-_K7-aA:ZC3dtQ0Hlxw:F7zBnMyn0Lo" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=HRAO-_K7-aA:ZC3dtQ0Hlxw:YwkR-u9nhCs"><img src="http://feeds.feedburner.com/~ff/Security4all?d=YwkR-u9nhCs" border="0"></img></a>
</div><img src="http://feeds.feedburner.com/~r/Security4all/~4/HRAO-_K7-aA" height="1" width="1" alt=""/>Bkaynoreply@blogger.com0http://blog.security4all.be/2011/02/are-you-pentester-then-read-this.htmltag:blogger.com,1999:blog-6437907677349484188.post-56305686382506018662011-02-23T19:29:00.004+01:002011-02-24T13:26:13.193+01:00The Dutch National Cyber Security StrategyOur Dutch neighbors will start a National Cyber Security Center. GoverCERT.nl will play a major role and published the strategy document this week. A lot of non-brainers are in there like the need for more international collaboration etc... There is an English version so you can read it yourself.<br /><br /> Download <a href="http://www.govcert.nl/binaries/live/govcert/hst%3Acontent/actueel/nieuws/nationale-cyber-security-strategie-gepresenteerd/national">here</a><br /><br />They did mention the need for more individual responsibility but apart from awareness campaigns, I'm not sure how they will achieve this. A lot of reports show that 30-50% (some even more) of consumers are infected with some kind of malware and this is certainly a problem that we need to tackle.<br /><br />There was one little detail in the report that sparked my interest: "International Watch and Warning Network (IWWN)". I never heard about this before so please excuse me while I'll go Google it! <br /><br />Does your country have a strategy? Link it below! ;-)<div class="feedflare">
<a href="http://feeds.feedburner.com/~ff/Security4all?a=tBlgroUaElg:plwtSK3kA30:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/Security4all?i=tBlgroUaElg:plwtSK3kA30:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=tBlgroUaElg:plwtSK3kA30:I9og5sOYxJI"><img src="http://feeds.feedburner.com/~ff/Security4all?d=I9og5sOYxJI" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=tBlgroUaElg:plwtSK3kA30:Jwdi1b3fU3Q"><img src="http://feeds.feedburner.com/~ff/Security4all?d=Jwdi1b3fU3Q" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=tBlgroUaElg:plwtSK3kA30:qj6IDK7rITs"><img src="http://feeds.feedburner.com/~ff/Security4all?d=qj6IDK7rITs" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=tBlgroUaElg:plwtSK3kA30:F7zBnMyn0Lo"><img src="http://feeds.feedburner.com/~ff/Security4all?i=tBlgroUaElg:plwtSK3kA30:F7zBnMyn0Lo" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=tBlgroUaElg:plwtSK3kA30:YwkR-u9nhCs"><img src="http://feeds.feedburner.com/~ff/Security4all?d=YwkR-u9nhCs" border="0"></img></a>
</div><img src="http://feeds.feedburner.com/~r/Security4all/~4/tBlgroUaElg" height="1" width="1" alt=""/>Bkaynoreply@blogger.com0http://blog.security4all.be/2011/02/dutch-national-cyber-security-strategy.htmltag:blogger.com,1999:blog-6437907677349484188.post-43642266876090643422011-02-23T19:07:00.003+01:002011-02-23T19:25:39.645+01:00When a CERT has to break the lawI spotted an interesting article on ZDnet Australia today: "<a href="http://www.zdnet.com.au/fraudsters-escape-as-laws-bind-auscert-339310118.htm">Fraudsters escape as laws bind AusCERT</a>".<br /><p style="font-style: italic;"></p><blockquote><p style="font-style: italic;">AusCERT head Graham Ingram said the logs were previously viewable in plain text, but are now stored in a protected MySQL format.</p> <p style="font-style: italic;">"They are encrypted and we can't break that by law," he told an audience at the National Security Australia conference in Sydney yesterday.</p></blockquote><p style="font-style: italic;"></p>This was the part that caught my eye. Is this a new trend? Is this a legal issue limited to Australia? At least I hope so. There have been many examples on police getting exempt from certain security laws like the "<a href="http://blog.security4all.be/2009/01/police-hacking-laws-moving-from-germany.html">police trojans</a>" (Germany). I have mixed feelings about such actions but I totally support a CERT or forensics team bypassing "protected" parts of a system if crimeware is involved. I'm just wondering if the malware writers had this legal issue in mind when they 'protected' the info or if they were just protecting their assets against competitors?<br /><br />Speaking of CERTs, CERT Polska published a really interesting article today on the new Zeus malware involving banking trojans that infect Blackberries and Android phones. Check it out <a href="http://www.cert.pl/news/3193/langswitch_lang/en">here</a>. Now that banks are gearing towards dual authentication through phones and/or mobile apps, the threat landscape just followed. Where there is money, there is.....<div class="feedflare">
<a href="http://feeds.feedburner.com/~ff/Security4all?a=6BfqEin2Vlc:jdlydBdcyiE:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/Security4all?i=6BfqEin2Vlc:jdlydBdcyiE:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=6BfqEin2Vlc:jdlydBdcyiE:I9og5sOYxJI"><img src="http://feeds.feedburner.com/~ff/Security4all?d=I9og5sOYxJI" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=6BfqEin2Vlc:jdlydBdcyiE:Jwdi1b3fU3Q"><img src="http://feeds.feedburner.com/~ff/Security4all?d=Jwdi1b3fU3Q" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=6BfqEin2Vlc:jdlydBdcyiE:qj6IDK7rITs"><img src="http://feeds.feedburner.com/~ff/Security4all?d=qj6IDK7rITs" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=6BfqEin2Vlc:jdlydBdcyiE:F7zBnMyn0Lo"><img src="http://feeds.feedburner.com/~ff/Security4all?i=6BfqEin2Vlc:jdlydBdcyiE:F7zBnMyn0Lo" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=6BfqEin2Vlc:jdlydBdcyiE:YwkR-u9nhCs"><img src="http://feeds.feedburner.com/~ff/Security4all?d=YwkR-u9nhCs" border="0"></img></a>
</div><img src="http://feeds.feedburner.com/~r/Security4all/~4/6BfqEin2Vlc" height="1" width="1" alt=""/>Bkaynoreply@blogger.com0http://blog.security4all.be/2011/02/when-cert-has-to-break-law.htmltag:blogger.com,1999:blog-6437907677349484188.post-57609770586179224482011-02-13T23:57:00.004+01:002011-02-15T19:53:41.035+01:00Threat Whitepapers of the week to readSeveral interesting papers turned up on my Twitterfeed last week. I recommend you read them. Most of them share some "themes". Enjoy!!<br /><ul><li><a href="http://blog.zeltser.com/post/3235995383/pdf-stream-dumper-malicious-file-analysis">Analyzing Suspicious PDF Files With PDF Stream Dumper</a> by Lenny Zeltser</li><li><a href="http://www.symantec.com/connect/blogs/updated-w32stuxnet-dossier-available">Updated W32.Stuxnet Dossier is Available</a> by Symantec</li><li><a href="http://www.cert.org/archive/pdf/11tr005.pdf">"Network Monitoring for Web-Based Threat"</a> (pdf) by CERT/CC</li><li><a href="https://www.microsoft.com/downloads/en/details.aspx?FamilyID=da73febd-5a20-47d6-8a0b-789423e21a94">Battling the Zbot Threat</a> by Microsoft</li><li><a href="http://blogs.mcafee.com/corporate/cto/global-energy-industry-hit-in-night-dragon-attacks">Global Energy Industry Hit In “Night Dragon”"</a> Attacks by McAfee</li></ul>Some might have a (hidden) commercial message and a <a href="http://www.flyingpenguin.com/?p=9968&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+flyingpenguin+%28flyingpenguin%29">little FUD</a>, but it's better then reading the Sunday newspaper. Hey, at least for me. ;-)<div class="feedflare">
<a href="http://feeds.feedburner.com/~ff/Security4all?a=mOclP9_HjKw:UQY-YopvR24:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/Security4all?i=mOclP9_HjKw:UQY-YopvR24:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=mOclP9_HjKw:UQY-YopvR24:I9og5sOYxJI"><img src="http://feeds.feedburner.com/~ff/Security4all?d=I9og5sOYxJI" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=mOclP9_HjKw:UQY-YopvR24:Jwdi1b3fU3Q"><img src="http://feeds.feedburner.com/~ff/Security4all?d=Jwdi1b3fU3Q" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=mOclP9_HjKw:UQY-YopvR24:qj6IDK7rITs"><img src="http://feeds.feedburner.com/~ff/Security4all?d=qj6IDK7rITs" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=mOclP9_HjKw:UQY-YopvR24:F7zBnMyn0Lo"><img src="http://feeds.feedburner.com/~ff/Security4all?i=mOclP9_HjKw:UQY-YopvR24:F7zBnMyn0Lo" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=mOclP9_HjKw:UQY-YopvR24:YwkR-u9nhCs"><img src="http://feeds.feedburner.com/~ff/Security4all?d=YwkR-u9nhCs" border="0"></img></a>
</div><img src="http://feeds.feedburner.com/~r/Security4all/~4/mOclP9_HjKw" height="1" width="1" alt=""/>Bkaynoreply@blogger.com0http://blog.security4all.be/2011/02/threat-whitepapers-of-week-to-read.htmltag:blogger.com,1999:blog-6437907677349484188.post-12552346008974276962010-07-29T17:12:00.005+02:002010-07-29T17:57:56.604+02:00#blackhat day 1: my small collection of articles, pics, video, tools and quotesWhile not being at Blackhat USA, BsidesLasVegas or Defcon, I did put <a href="http://blog.security4all.be/2010/07/how-to-follow-blackhat-defcon-without.html">my own advice</a> to practice on how to follow the conferences online. There is probably a lot more and a lot that I missed but here is a small selection of information that caught my eye. Enjoy.<br /><br /><span style="font-weight: bold;">Articles:</span><br /><ul><li><a href="http://www.theregister.co.uk/2010/07/28/atm_hacking_demo/">Armed with exploits, ATM hacker hits the jackpot</a> (TheRegister)</li><li><a href="http://mobile.venturebeat.com/2010/07/28/android-wallpaper-app-that-steals-your-data-was-downloaded-by-millions/">Android wallpaper app that steals your data was downloaded by millions</a> (venturebeat.com)</li><li><a href="http://it.toolbox.com/blogs/securitymonkey/blackhat-briefings-2010-day-1-liveblog-40237">BlackHat Briefings 2010: Day 1 LiveBlog</a> (toolbox.com)</li><li><a href="http://www.darkreading.com/smb-security/security/government/showArticle.jhtml?articleID=226300227">ATMs At Risk, Researcher Warns At Black Hat</a> (darkreading.com)</li><li><a href="http://searchsecurity.techtarget.com/news/article/0,289142,sid14_gci1517469,00.html">Targeted network security attacks beating forensics efforts</a> (techtarget.com)</li><li><a href="http://www.cupfighter.net/index.php/2010/07/blackhatusa-electricity-for-free/">Electricity for Free? The Dirty Underbelly of SCADA and Smart Meters</a> (cupfighter.net)</li><li> <a href="http://hardware.slashdot.org/story/10/07/28/195244/DefCon-Ninja-Badges-Let-Hackers-Do-Battle?from=twitter">DefCon Ninja Badges Let Hackers Do Battle</a> (slashdot.org)</li><li><a href="http://www.net-security.org/secworld.php?id=9651&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+HelpNetSecurity+%28Help+Net+Security%29">Cell-phone call interception demonstration at Defcon might not be a sure thing </a>(helpnetsecurity)</li><li><a href="http://blog.c22.cc/">Catch 22 blog</a> for extensive BsidesLV coverage<br /></li></ul><span style="font-weight: bold;">Video:</span><br /><ul><li>Official Blackhat movie on <a href="http://media.blackhat.com/bh-us-10/video/Jack/BlackHat-USA-2010-Jack-JackpottingATM-video.m4v">ATM hack</a> from Barnaby Jack (.m4v)<br /></li><li><a href="http://www.youtube.com/watch?v=qwMuMSPW3bU">Barnaby Jack Hacks ATM At Black Hat</a> (youtube)</li><li>Bsides Las Vegas video <a href="http://www.livestream.com/BSidesLVTrack1">stream link</a><br /></li></ul><span style="font-weight: bold;">Slides:</span><br /><ul><li><a href="http://securitybananas.com/?p=368">Virtual Forensics</a> by Christiaan Beek (Securitybananas.com)</li></ul><span style="font-weight: bold;">Tools:</span><br /><ul><li><a href="http://hackademix.net/2010/07/28/abe-patrols-the-routes-to-your-routers/">NoScript 2.0 released to counter homerouter DNS rebinding attack</a></li><li>BlindElephant,an <a href="https://twitter.com/search?q=%23opensource" title="#opensource" class="tweet-url hashtag" rel="nofollow">#opensource</a> Web Application Fingerprinter: <a href="http://blindelephant.sourceforge.net/" class="tweet-url web" rel="nofollow" target="_blank">http://blindelephant.sourceforge.net/</a></li></ul><span style="font-weight: bold;">Twitter quotes:</span><br /><ul><li><span class="status-body"><span class="status-content"><span class="entry-content">Most epic fail <a href="https://twitter.com/search?q=%23pwnie" title="#pwnie" class="tweet-url hashtag" rel="nofollow">#pwnie</a> went to <a href="https://twitter.com/search?q=%23Microsoft" title="#Microsoft" class="tweet-url hashtag" rel="nofollow">#Microsoft</a> for their XSS filter that introduced XSS issues in sites without XSS's (by <a href="https://twitter.com/ashcrow/statuses/19787053103#">@ashcrow</a>)<br /></span></span></span></li><li><span class="status-body"><span class="entry-content">Triton and Tranax ATM door master keys $2.52 <a href="http://bit.ly/dgDMiO" class="tweet-url web" rel="nofollow" target="_blank">http://bit.ly/dgDMiO</a> (by <a href="https://twitter.com/kchr/status/19781970080#">@kchr</a>)</span></span></li><li><span class="status-body"><span class="entry-content">Russians made more last year with bank fraud than columbia sell drugs <a href="https://twitter.com/search?q=%23blackhatusa" title="#blackhatusa" class="tweet-url hashtag" rel="nofollow">#blackhatusa</a> malware fingerprinting talk ( by <a href="https://twitter.com/killface666/status/19760860188">@killface666</a>)</span></span></li><li><span class="status-body"><span class="entry-content">@<a class="tweet-url username" href="https://twitter.com/0xcharlie" rel="nofollow">0xcharlie</a> drops Acrobat Reader 0day in his talk. BitBlaze used to do crash analysis. (by <a href="https://twitter.com/MaliciousInput/status/19764032399">@malicousinput</a>)</span></span></li><li><span class="status-body"><span class="status-content"><span class="entry-content">Feel safe Juniper and ATM makers delayed the talk a year, but didn't mitigate the vulnerability (by <a href="https://twitter.com/meatballninja/statuses/19772865707">@meatballninja</a>)</span></span></span></li><li><a href="https://twitter.com/search?q=%23Qualys" title="#Qualys" class="tweet-url hashtag" rel="nofollow"><span class="status-body"><span class="entry-content"> </span></span></a><a href="https://twitter.com/search?q=%23Qualys" title="#Qualys" class="tweet-url hashtag" rel="nofollow">#Qualys</a> launchs BlindElephant,an <a href="https://twitter.com/search?q=%23opensource" title="#opensource" class="tweet-url hashtag" rel="nofollow">#opensource</a> Web Application Fingerprinter: <a href="http://blindelephant.sourceforge.net/" class="tweet-url web" rel="nofollow" target="_blank">http://blindelephant.sourceforge.net/</a> (by <a href="https://twitter.com/EmilieALX/statuses/19737471847">@emiliealx</a>)<br /></li></ul><span style="font-weight: bold;">Pictures:</span><br /><ul><li><a href="http://hashalbum.com/defcon">http://hashalbum.com/defcon</a></li><li><a href="http://hashalbum.com/blackhat">http://hashalbum.com/blackhat</a></li></ul>Related posts:<br /><ul><li><a href="http://blog.security4all.be/2010/07/how-to-follow-blackhat-defcon-without.html">How to follow #Blackhat / #Defcon / #BsidesLV without being there (updated x4)</a></li><li><a href="http://blog.security4all.be/2010/01/download-26c3-videos-and-bonus-material.html">Download the #26C3 videos and bonus material</a></li><li><a href="http://blog.security4all.be/2009/08/get-defcon-17-cd-archive.html">Get the #DEFCON 17 CD Archive (updated x2)</a></li><li><a href="http://blog.security4all.be/2009/07/day-2-collection-of-blackhat-articles.html">Day 2: A collection of #Blackhat articles: keeping remote track of the event</a></li><li><a href="http://blog.security4all.be/2009/07/blackhat-slides-available-and-first.html">BlackHat slides available and first blogposts</a></li><li><a href="http://blog.security4all.be/2009/07/how-to-follow-blackhatdefcon-without.html">How to follow Blackhat/Defcon without being there</a></li><li><a href="http://blog.security4all.be/2009/07/preparing-your-laptop-or-iphone-for.html">Preparing your laptop (or iPhone) for a security/hacker conference</a></li></ul><div class="feedflare">
<a href="http://feeds.feedburner.com/~ff/Security4all?a=lF8gB3IgLXw:so_mDSejm3Y:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/Security4all?i=lF8gB3IgLXw:so_mDSejm3Y:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=lF8gB3IgLXw:so_mDSejm3Y:I9og5sOYxJI"><img src="http://feeds.feedburner.com/~ff/Security4all?d=I9og5sOYxJI" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=lF8gB3IgLXw:so_mDSejm3Y:Jwdi1b3fU3Q"><img src="http://feeds.feedburner.com/~ff/Security4all?d=Jwdi1b3fU3Q" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=lF8gB3IgLXw:so_mDSejm3Y:qj6IDK7rITs"><img src="http://feeds.feedburner.com/~ff/Security4all?d=qj6IDK7rITs" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=lF8gB3IgLXw:so_mDSejm3Y:F7zBnMyn0Lo"><img src="http://feeds.feedburner.com/~ff/Security4all?i=lF8gB3IgLXw:so_mDSejm3Y:F7zBnMyn0Lo" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=lF8gB3IgLXw:so_mDSejm3Y:YwkR-u9nhCs"><img src="http://feeds.feedburner.com/~ff/Security4all?d=YwkR-u9nhCs" border="0"></img></a>
</div><img src="http://feeds.feedburner.com/~r/Security4all/~4/lF8gB3IgLXw" height="1" width="1" alt=""/>Security4allhttp://www.blogger.com/profile/09433979568731690987noreply@blogger.com0http://blog.security4all.be/2010/07/blackhat-day-1-my-small-collection-of.htmltag:blogger.com,1999:blog-6437907677349484188.post-28806174142130629852010-07-27T09:58:00.006+02:002010-07-28T14:19:44.881+02:00How to follow #Blackhat / #Defcon / #BsidesLV without being there (updated x4)<a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://1.bp.blogspot.com/_hKfJbfbBxMU/Sm48TbBLYTI/AAAAAAAACuI/TVDIUkwlJ4Q/s1600-h/2371165319_4c29d22227.jpg"><img style="cursor: pointer; width: 320px; height: 320px;" src="http://1.bp.blogspot.com/_hKfJbfbBxMU/Sm48TbBLYTI/AAAAAAAACuI/TVDIUkwlJ4Q/s320/2371165319_4c29d22227.jpg" alt="" id="BLOGGER_PHOTO_ID_5363290510612717874" border="0" /></a><br /><br />Note: this is a rehash of a previous blogpost<br /><br />Well, I'm one of the poor souls who couldn't make it to the Blackhat/Defcon / SecurityBsides fun. There are some ways to follow the events in Vegas (real time). ;-)<br /><br />The first tool is to use twitter and follow the hashtags #defcon, #blackhat and #bsideslv. If you have a twitter account, I would recommend installing tweetdeck and setting up 3 search columns. For those without a twitter account, you can use the <a href="http://search.twitter.com/search?q=%23blackhat+OR+%23defcon+OR+%23bsideslv">Twitter search</a> (and import it through <a href="http://search.twitter.com/search.atom?lang=en&q=%23blackhat+OR+%23defcon+OR+%23bsideslv">RSS</a>) or even better: <a href="http://twitterfall.com/">twitterfall.com</a> which is more interactive.<br /><br />Keep an eye on the Security Bloggers Network (<a href="http://feeds.feedburner.com/SecurityBloggersNetwork">RSS</a>) and a Technorati search (<a href="http://feeds.technorati.com/search/defcon?authority=a4&language=en">RSS</a>). A lot of security bloggers will be covering the event.<br /><br />You can also monitor Flickr for the tag '<a href="http://api.flickr.com/services/feeds/photos_public.gne?tags=defcon18&lang=en-us&format=rss_200">defcon18</a>' (RSS). And this site collects all the @blackhat and @defcon pictures from twitter: <a href="http://hashalbum.com/blackhat">http://hashalbum.com/blackhat</a> and <a href="http://hashalbum.com/defcon">http://hashalbum.com/defcon</a><br /><br />This social media aggregator also looks nice: <a href="http://twubs.com/defcon">http://twubs.com/defcon</a> and <a href="http://twubs.com/blackhat">http://twubs.com/blackhat</a> (all you tweets and twitpics are belong to us!) ;-)<br /><br />I think that's more then enough to follow the event except for a live video stream. ;-)<br /><br />If you have more tips, feel free to mention them in the comments.<br /><br />Update: added SecurityBSides (thanks <a href="http://twitter.com/webantix">@webantix</a>), shame on me for forgetting<br />Update 2: I know there is a video stream for Blackhat but it's not free so that's why I didn't mention it!<br />Update 3: Added twubs.com<br />Update 4: Added hashalbum.com<div class="feedflare">
<a href="http://feeds.feedburner.com/~ff/Security4all?a=KIl8rezV9zo:YAueQxXeObs:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/Security4all?i=KIl8rezV9zo:YAueQxXeObs:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=KIl8rezV9zo:YAueQxXeObs:I9og5sOYxJI"><img src="http://feeds.feedburner.com/~ff/Security4all?d=I9og5sOYxJI" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=KIl8rezV9zo:YAueQxXeObs:Jwdi1b3fU3Q"><img src="http://feeds.feedburner.com/~ff/Security4all?d=Jwdi1b3fU3Q" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=KIl8rezV9zo:YAueQxXeObs:qj6IDK7rITs"><img src="http://feeds.feedburner.com/~ff/Security4all?d=qj6IDK7rITs" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=KIl8rezV9zo:YAueQxXeObs:F7zBnMyn0Lo"><img src="http://feeds.feedburner.com/~ff/Security4all?i=KIl8rezV9zo:YAueQxXeObs:F7zBnMyn0Lo" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=KIl8rezV9zo:YAueQxXeObs:YwkR-u9nhCs"><img src="http://feeds.feedburner.com/~ff/Security4all?d=YwkR-u9nhCs" border="0"></img></a>
</div><img src="http://feeds.feedburner.com/~r/Security4all/~4/KIl8rezV9zo" height="1" width="1" alt=""/>Security4allhttp://www.blogger.com/profile/09433979568731690987noreply@blogger.com1http://blog.security4all.be/2010/07/how-to-follow-blackhat-defcon-without.htmltag:blogger.com,1999:blog-6437907677349484188.post-29653542925432931812010-06-16T13:06:00.001+02:002010-06-16T13:25:40.639+02:00Wikileaks needs YOUR help!!If you don't know what wikileaks is, read <a href="http://wikileaks.org/wiki/WikiLeaks:About">this</a> first. Wikileaks is under fire and need helps. And there are several ways to do that. I made a 25 euro donation and dedicated this blogpost to them to help. I'm asking you to do the same or help them in any way you can!<br /><span style="font-size:85%;"><span style="font-style: italic;"></span></span><blockquote><span style="font-size:85%;"><span style="font-style: italic;">WikiLeaks a small organization going through enormous growth and operating in an adverserial, high-security environment which can make communication time consuming and the acquisition of new staff and volunteers, also difficult since they require high levels of trust.</span><br /><br /><span style="font-style: italic;"> To try and deal with our growth and the current difficult situation, we want to get you to work together with our other supporters to set up a "Friends of WikiLeaks" group in your area. We have multiple supporters in most countries and would like to see them be a strong and independent force.</span><br /><br /><span style="font-style: italic;"> Please write to </span><a style="font-style: italic;" href="mailto:friends@sunshinepress.org">friends@sunshinepress.org</a><span style="font-style: italic;"> if you are interested in helping with Friends of WikiLeaks in your area. You will receive further instructions.</span><br /><br /><span style="font-style: italic;"> We also have significant unexpected legal costs (for example flying a legal team to Kuwait, video production. Collateral Murder production costs were $50,000 all up).</span><br /><br /><span style="font-style: italic;"> Any financial contributions will be of IMMEDIATE assistance.</span><br /><br /><a style="font-style: italic;" href="http://wikileaks.org/wiki/Special:Support" target="_blank">http://wikileaks.org/wiki/<wbr>Special:Support</a><br /><br /><span style="font-style: italic;"> Please donate and tell the world that you have done so. Encourage all your friends to follow the example you set, after all, courage is contagious. (Source: Wikileaks)</span></span> </blockquote><br />Related posts:<br /><ul><li><a href="http://blog.security4all.be/2010/03/international-day-against-censorship.html">International day against censorship</a></li><li><a href="http://blog.security4all.be/2010/03/icelandic-modern-media-initiative.html">The Icelandic Modern Media Initiative addresses the key issues for free expression in the digital age</a></li><li><a href="http://blog.security4all.be/2009/10/ways-to-bypass-big-belgian-firewall.html">Ways to bypass the Big Belgian firewall</a></li><li><a href="http://blog.security4all.be/2009/10/automated-social-networking.html">Automated Social Networking Surveillance Systems</a></li><li><a href="http://blog.security4all.be/2009/07/according-to-child-support-groups-net.html">According to Child Support groups, Net filtering is a waste of money</a></li><li><a href="http://blog.security4all.be/2009/07/big-brother-2009-has-rebellion-started.html">Big Brother 2009: Has the rebellion started?</a></li><li><a href="http://blog.security4all.be/2009/01/police-hacking-laws-moving-from-germany.html">Police hacking laws moving from Germany to the rest of Europe. Do as I say, not as I do.</a></li></ul><div class="feedflare">
<a href="http://feeds.feedburner.com/~ff/Security4all?a=kEBGO0-b5qw:8nZaHIMboEI:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/Security4all?i=kEBGO0-b5qw:8nZaHIMboEI:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=kEBGO0-b5qw:8nZaHIMboEI:I9og5sOYxJI"><img src="http://feeds.feedburner.com/~ff/Security4all?d=I9og5sOYxJI" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=kEBGO0-b5qw:8nZaHIMboEI:Jwdi1b3fU3Q"><img src="http://feeds.feedburner.com/~ff/Security4all?d=Jwdi1b3fU3Q" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=kEBGO0-b5qw:8nZaHIMboEI:qj6IDK7rITs"><img src="http://feeds.feedburner.com/~ff/Security4all?d=qj6IDK7rITs" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=kEBGO0-b5qw:8nZaHIMboEI:F7zBnMyn0Lo"><img src="http://feeds.feedburner.com/~ff/Security4all?i=kEBGO0-b5qw:8nZaHIMboEI:F7zBnMyn0Lo" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=kEBGO0-b5qw:8nZaHIMboEI:YwkR-u9nhCs"><img src="http://feeds.feedburner.com/~ff/Security4all?d=YwkR-u9nhCs" border="0"></img></a>
</div><img src="http://feeds.feedburner.com/~r/Security4all/~4/kEBGO0-b5qw" height="1" width="1" alt=""/>Security4allhttp://www.blogger.com/profile/09433979568731690987noreply@blogger.com0http://blog.security4all.be/2010/06/wikileaks-needs-help.htmltag:blogger.com,1999:blog-6437907677349484188.post-32441026598383876562010-03-22T23:25:00.003+01:002010-03-23T00:01:15.698+01:00Hacking = InnovationI didn't really expect my rant to make it to <a href="http://security.nl/artikel/32820/1/%27Media_bevuilen_werkelijke_betekenis_hacker%27.html">security.nl</a> today. It's funny to see that the term is almost as religiously debated as the choice of favorite linux distro.<br /><br />I never said that we couldn't use the term hacker in more meaning then the original one, but we should also explain the other (positive) meanings from time to time. Which was my purpose and goal.<br /><br />My problem is the use of the word hacker, just to grab attention and get more hits to the news article. Even if it barely fits the case of a cybercriminal. That was my real issue.<br /><br />But I give journalists credit for sometimes writing good articles without hyping the word hacker. This week there was <a href="http://www.nytimes.com/2010/03/21/world/asia/21grid.html">this NYT article</a> on a study done on US powergrid vulnerabilities. Ok, they used the term "cyberwarrior" but maybe only once. And wired.com did <a href="http://www.wired.com/gadgetlab/2009/03/hackerspaces/">a great piece on hackerspaces</a> before. So it isn't all bad all the time.<br /><br />Now some people said that it should be generally accepted that it means a criminal and I don't completely agree. Just have a look at wikipedia: <a href="http://en.wikipedia.org/wiki/Hacker">http://en.wikipedia.org/wiki/Hacker</a><br /><br />======================<br /><h2 style="font-style: italic;"><span class="mw-headline" id="Innovation"></span></h2><blockquote><h2 style="font-style: italic;"><span class="mw-headline" id="Innovation">Innovation</span></h2> <ul style="font-style: italic;"><li><a href="http://en.wikipedia.org/wiki/Hacker_%28computing%29" title="Hacker (computing)">Hacker (computing)</a>, a contentious term used for several types of person: <ul><li><a href="http://en.wikipedia.org/wiki/Hacker_%28computer_security%29" title="Hacker (computer security)">Hacker (computer security)</a> or cracker, who accesses a computer system by circumventing its security system</li><li><a href="http://en.wikipedia.org/wiki/Hacker_%28programmer_subculture%29" title="Hacker (programmer subculture)">Hacker (programmer subculture)</a>, who shares an anti-authoritarian approach to software development now associated with the free software movement</li><li style="font-weight: bold;"><a href="http://en.wikipedia.org/wiki/Hacker_%28hobbyist%29" title="Hacker (hobbyist)">Hacker (hobbyist)</a>, who makes innovative customizations or combinations of retail electronic and computer equipment</li></ul> </li></ul> <p style="font-style: italic;">Analogous meanings in other fields are:</p> <ul style="font-style: italic;"><li><a href="http://en.wikipedia.org/wiki/Media_hacker" title="Media hacker">Media hacker</a>, innovative user of digital media</li><li><a href="http://en.wikipedia.org/w/index.php?title=Wetware_hacker&action=edit&redlink=1" class="new" title="Wetware hacker (page does not exist)">Wetware hacker</a>, who experiments with biological materials</li><li><a href="http://en.wikipedia.org/wiki/Reality_hacking" title="Reality hacking">Reality hacking</a>, activism through legally dubious disruption of digital media</li></ul></blockquote>======================<br />Yes, you can scold me for using wikipedia. But besides the many meaning of this word mentioned here, was the category that they belong to!!! INNOVATION!! And not just the old "meaning" of taking things apart. Hacking = innovation. And I hope we can communicate this as counterbalance to some of the press out there.<br /><br />Have a look at this BruCON presentation by Astera on Hackerspaces and make up your mind.<br /><br /><object height="300" width="400"><param name="allowfullscreen" value="true"><param name="allowscriptaccess" value="always"><param name="movie" value="http://vimeo.com/moogaloop.swf?clip_id=6911866&server=vimeo.com&show_title=1&show_byline=1&show_portrait=0&color=&fullscreen=1"><embed src="http://vimeo.com/moogaloop.swf?clip_id=6911866&server=vimeo.com&show_title=1&show_byline=1&show_portrait=0&color=&fullscreen=1" type="application/x-shockwave-flash" allowfullscreen="true" allowscriptaccess="always" height="300" width="400"></embed></object><p><a href="http://vimeo.com/6911866">Building Hackerspaces Everywhere - Astera - BruCON 2009</a> from <a href="http://vimeo.com/user2370816">security4all</a> on <a href="http://vimeo.com/">Vimeo</a>.</p><div class="feedflare">
<a href="http://feeds.feedburner.com/~ff/Security4all?a=cNH3NGs4wa4:TQKajD1hPZw:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/Security4all?i=cNH3NGs4wa4:TQKajD1hPZw:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=cNH3NGs4wa4:TQKajD1hPZw:I9og5sOYxJI"><img src="http://feeds.feedburner.com/~ff/Security4all?d=I9og5sOYxJI" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=cNH3NGs4wa4:TQKajD1hPZw:Jwdi1b3fU3Q"><img src="http://feeds.feedburner.com/~ff/Security4all?d=Jwdi1b3fU3Q" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=cNH3NGs4wa4:TQKajD1hPZw:qj6IDK7rITs"><img src="http://feeds.feedburner.com/~ff/Security4all?d=qj6IDK7rITs" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=cNH3NGs4wa4:TQKajD1hPZw:F7zBnMyn0Lo"><img src="http://feeds.feedburner.com/~ff/Security4all?i=cNH3NGs4wa4:TQKajD1hPZw:F7zBnMyn0Lo" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=cNH3NGs4wa4:TQKajD1hPZw:YwkR-u9nhCs"><img src="http://feeds.feedburner.com/~ff/Security4all?d=YwkR-u9nhCs" border="0"></img></a>
</div><img src="http://feeds.feedburner.com/~r/Security4all/~4/cNH3NGs4wa4" height="1" width="1" alt=""/>Security4allhttp://www.blogger.com/profile/09433979568731690987noreply@blogger.com0http://blog.security4all.be/2010/03/hacking-innovation.htmltag:blogger.com,1999:blog-6437907677349484188.post-22509048945846737532010-03-21T12:03:00.007+01:002010-03-21T19:20:55.864+01:00Three strike law threatening Belgium and "The Internet is freedom"I saw this <a href="http://datanews.rnews.be/nl/news/90-5-29000/wetsvoorstel-illegale-downloads-richt-pijlen-ook-op-providers-en-websites.html">Datanews article</a> (Dutch) that a Senator has proposed a three strike law for copyright protection in Belgium. I hoped that this insanity would stay in the UK and France but it seems it has come to Belgium as well. Spying on citizens and disconnecting them from the internet is not the way!!<br /><br />As the internet has become a central part of our lives, it's becoming a basic right and need like electricity and water. And every person has the right to have it. You can't regulate a market that refuses to innovate and protect their "dying way". Labeling our children as pirates or terrorists is not the way to solve this issue.<br /><br />Just last week, the copyright watchdog SABAM in Belgium was accused of <a href="http://www.zita.be/nieuws/binnenland/753395_sabam-moet-artiesten-nog-200-miljoen-euro.html">not paying 200 million euro</a> (zita) due fees back to artists. Yet, "pirates" are accused of causing all the issues.<br /><br />I hope that everyone involved in this discussion takes 30 minutes to look at this presentation of Lawrence Lessig below that he gave before the Italian parliament. He explains it better then I ever could. Have a look! Take the time!<br /><br />Blog and tweet about this. Engage others and write to your elected politicians. Don't sit idle!<br />--<br /><object height="385" width="480"><param name="movie" value="http://www.youtube.com/v/fe2UsBXr-ls&hl=en_US&fs=1&"><param name="allowFullScreen" value="true"><param name="allowscriptaccess" value="always"><embed src="http://www.youtube.com/v/fe2UsBXr-ls&hl=en_US&fs=1&" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" height="385" width="480"></embed></object><div class="feedflare">
<a href="http://feeds.feedburner.com/~ff/Security4all?a=_3tQb4DKhkI:iQXhrD63Pzs:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/Security4all?i=_3tQb4DKhkI:iQXhrD63Pzs:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=_3tQb4DKhkI:iQXhrD63Pzs:I9og5sOYxJI"><img src="http://feeds.feedburner.com/~ff/Security4all?d=I9og5sOYxJI" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=_3tQb4DKhkI:iQXhrD63Pzs:Jwdi1b3fU3Q"><img src="http://feeds.feedburner.com/~ff/Security4all?d=Jwdi1b3fU3Q" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=_3tQb4DKhkI:iQXhrD63Pzs:qj6IDK7rITs"><img src="http://feeds.feedburner.com/~ff/Security4all?d=qj6IDK7rITs" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=_3tQb4DKhkI:iQXhrD63Pzs:F7zBnMyn0Lo"><img src="http://feeds.feedburner.com/~ff/Security4all?i=_3tQb4DKhkI:iQXhrD63Pzs:F7zBnMyn0Lo" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=_3tQb4DKhkI:iQXhrD63Pzs:YwkR-u9nhCs"><img src="http://feeds.feedburner.com/~ff/Security4all?d=YwkR-u9nhCs" border="0"></img></a>
</div><img src="http://feeds.feedburner.com/~r/Security4all/~4/_3tQb4DKhkI" height="1" width="1" alt=""/>Security4allhttp://www.blogger.com/profile/09433979568731690987noreply@blogger.com0http://blog.security4all.be/2010/03/three-strike-law-threatening-belgium.htmltag:blogger.com,1999:blog-6437907677349484188.post-60300162818750671822010-03-18T21:05:00.006+01:002010-03-18T23:17:38.635+01:00The media spinwheel on the word Hacker. My rant of the day.<a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://4.bp.blogspot.com/_hKfJbfbBxMU/S6KOUczmeMI/AAAAAAAACxo/p03PL0pVMS4/s1600-h/1337h4x0r2.jpg"><img style="cursor: pointer; width: 364px; height: 291px;" src="http://4.bp.blogspot.com/_hKfJbfbBxMU/S6KOUczmeMI/AAAAAAAACxo/p03PL0pVMS4/s320/1337h4x0r2.jpg" alt="" id="BLOGGER_PHOTO_ID_5450074981052872898" border="0" /></a><br /> <div> <a id="blog_header" href="http://www.wired.com/threatlevel"> <span class="blogName"></span></a></div><br /><span style="font-weight: bold;">Hacker Disables More Than 100 Cars Remotely</span> (<a href="http://www.wired.com/threatlevel/2010/03/hacker-bricks-cars/">wired.com</a>). This story circulated a lot on different websites and on Twitter today and is the reason for this rant.<br /><br />Normally I have high regards for wired.com for the articles they write, including the series they did on hackerspaces. But with this article, they really disappointed me. I'm used that the main media makes this mistake but not Wired.<br /><br />How would you define an ex-employee, guessing or stealing a former co-worker's password to access the system and screwing with it out of revenge? A cybercriminal? A hacker?<br /><br />Wrong and wrong. It's an insider threat! He really must had mad 1337 skills to pull this one off!<br /><br />I know that the word hacker is a confusing term meaning a lot of different things to different people, including the media's insistent wish to use it to describe cybercriminals. (Hint: use a dictionary).<br />But this all leads to so many misunderstanding. Hardware hacker, blackhat hackers, whitehat hackers, greyhat hackers, software hackers, kernel hackers, lifehackers, script kiddies, etc etc.... there are so many different dimensions to the word hacker that it leaves the average outsider confused.<br /><br />But I have to be honest, I sometimes catch even myself using the word hacker in the context of 'cybercriminal'. Even if I know better, it's a bad habit. I often try to correct myself and others but it's an uphill battle. Let's use more specific terms!<br /><br />But a lot of the above variations have a common element: taking things apart and learning how they work and improve on them. It's this sharing and curiosity of how things work that is at the core of the original meaning of 'hacking' and involve non-computer related domains as well.<br /><br />I'm a big supporter of the rise of the current flood of hackerspaces around the world and also<a href="http://hackerspaces.org/wiki/Belgium"> in Belgium</a>. As these spaces embody the original meaning of hacking and enables users to learn and share knowledge. Sometimes compared to <a href="http://www.wired.com/gadgetlab/2009/03/hackerspaces/">Do-it-yourself labs or workplaces</a> (wired.com).<br /><br />Frank Rieger, part of the Chaos Computer Club couldn't have said it better in this BBC article today:<br /><p style="font-style: italic;"><span style="font-size:85%;"></span></p><blockquote><p style="font-style: italic;"><span style="font-size:85%;">For CCC member Frank Rieger, <span style="font-weight: bold;">the word hacking - the process of reconfiguring or reprogramming a system to do things that its inventor never intended - needs to be reclaimed, and stripped of negative connotations. </span><br /></span></p><p style="font-style: italic;"><span style="font-size:85%;">...<br /></span></p><p style="font-style: italic;"><span style="font-size:85%;">"We are trying to show people the beauty of technology, and how exciting it can be to find out new stuff and then do good things with that," he says. (Source: <a href="http://news.bbc.co.uk/2/low/technology/8567934.stm">BBC news</a>)<br /></span></p></blockquote>Emphasis added by me. So is it time to educate the media and others to reclaim the word hacker for what it really means? It might be!<br /><br /><b><span style="font-size:180%;">I have no special talent, I am only passionately curious -- Albert Einstein</span></b><br /><br />Related posts:<br /><ul><li><a href="http://blog.security4all.be/2010/03/hackerspace-ghent-whitespace-or-0x20.html">Hackerspace Ghent (Whitespace or 0x20) will have their Open weekend on 19 - 21 March</a></li><li><a href="http://blog.security4all.be/2010/02/hackerspace-antwerp-in-bootstrap-mode.html">Hackerspace Antwerp in bootstrap mode</a></li><li><a href="http://blog.security4all.be/2010/01/date-for-hackerspace-antwerp-startup.html">The date for the Hackerspace Antwerp Startup Meeting</a></li><li><a href="http://blog.security4all.be/2009/12/discussing-about-hackerspace-antwerp.html">Discussing about Hackerspace Antwerp</a></li><li> <a name="2020654797735972754"></a> <a href="http://blog.security4all.be/2009/02/what-is-hackerspace.html">What is a hackerspace?</a></li><li><a href="http://blog.security4all.be/2009/01/what-does-hackerspace-looks-like.html">What does a hackerspace look like? And the next Hackerspace Brussels meetup.</a></li></ul><div class="feedflare">
<a href="http://feeds.feedburner.com/~ff/Security4all?a=YdzE9Whfa4Q:KtHQyMi81K0:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/Security4all?i=YdzE9Whfa4Q:KtHQyMi81K0:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=YdzE9Whfa4Q:KtHQyMi81K0:I9og5sOYxJI"><img src="http://feeds.feedburner.com/~ff/Security4all?d=I9og5sOYxJI" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=YdzE9Whfa4Q:KtHQyMi81K0:Jwdi1b3fU3Q"><img src="http://feeds.feedburner.com/~ff/Security4all?d=Jwdi1b3fU3Q" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=YdzE9Whfa4Q:KtHQyMi81K0:qj6IDK7rITs"><img src="http://feeds.feedburner.com/~ff/Security4all?d=qj6IDK7rITs" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=YdzE9Whfa4Q:KtHQyMi81K0:F7zBnMyn0Lo"><img src="http://feeds.feedburner.com/~ff/Security4all?i=YdzE9Whfa4Q:KtHQyMi81K0:F7zBnMyn0Lo" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=YdzE9Whfa4Q:KtHQyMi81K0:YwkR-u9nhCs"><img src="http://feeds.feedburner.com/~ff/Security4all?d=YwkR-u9nhCs" border="0"></img></a>
</div><img src="http://feeds.feedburner.com/~r/Security4all/~4/YdzE9Whfa4Q" height="1" width="1" alt=""/>Security4allhttp://www.blogger.com/profile/09433979568731690987noreply@blogger.com7http://blog.security4all.be/2010/03/media-spinwheel-on-word-hacker-my-rant.htmltag:blogger.com,1999:blog-6437907677349484188.post-73731723719669989362010-03-13T00:43:00.003+01:002010-03-13T00:57:56.717+01:00International day against censorship<a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://1.bp.blogspot.com/_hKfJbfbBxMU/S5rU5vEOmTI/AAAAAAAACxg/PKL5FCobu48/s1600-h/555463200_c2ffea750c.jpg"><img style="cursor: pointer; width: 400px; height: 296px;" src="http://1.bp.blogspot.com/_hKfJbfbBxMU/S5rU5vEOmTI/AAAAAAAACxg/PKL5FCobu48/s400/555463200_c2ffea750c.jpg" alt="" id="BLOGGER_PHOTO_ID_5447900787609868594" border="0" /></a><br /><br />I saw some messages floating around on twitter that today was The Internation Day against Censorship. It's the first time I heard about this. So I'm helping a bit by mentioning <a href="http://wikileaks.org/#Change_you_can_believe_in">Wikileaks</a> again. Don't know what it is? Look at this short video from the BBC:<br /><br /><object height="385" width="640"><param name="movie" value="http://www.youtube.com/v/4o2ZGk1djTU&hl=en_US&fs=1&"><param name="allowFullScreen" value="true"><param name="allowscriptaccess" value="always"><embed src="http://www.youtube.com/v/4o2ZGk1djTU&hl=en_US&fs=1&" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" height="385" width="640"></embed></object><br />-<br /><span style="font-style: italic;font-size:85%;" ></span><blockquote><span style="font-style: italic;font-size:85%;" >The Sunshine Press (WikiLeaks) is an non-profit organization funded by human rights campaigners, investigative journalists, technologists and the general public. Through your support we have exposed significant injustice around the world— successfully fighting off over 100 legal attacks in the process. Although our work produces reforms daily and is the recipient of numerous prestigious awards, including the 2008 Index on Censorship-Economist Freedom of Expression Award as well as the 2009 Amnesty International New Media Award, these accolades do not pay the bills. Nor can we accept government or corporate funding and maintain our absolute integrity. It is <a href="http://wikileaks.org/#Change_you_can_believe_in">your strong support alone</a> that preserves our continued independence and strength. (source: <a href="http://wikileaks.org/#Change_you_can_believe_in">wikileaks</a>)<br /></span></blockquote>They still need donations to keep running! Help them. Happy anti-censorshipday!<br /><br />Related posts:<br /><ul><li><a href="http://blog.security4all.be/2009/10/ways-to-bypass-big-belgian-firewall.html">Ways to bypass the Big Belgian firewall</a></li><li><a href="http://blog.security4all.be/2009/10/automated-social-networking.html">Automated Social Networking Surveillance Systems</a></li><li><a href="http://blog.security4all.be/2009/07/according-to-child-support-groups-net.html">According to Child Support groups, Net filtering is a waste of money</a></li><li><a href="http://blog.security4all.be/2009/07/big-brother-2009-has-rebellion-started.html">Big Brother 2009: Has the rebellion started?</a></li><li><a href="http://blog.security4all.be/2009/01/police-hacking-laws-moving-from-germany.html">Police hacking laws moving from Germany to the rest of Europe. Do as I say, not as I do.</a></li></ul><span style="font-style: italic;font-size:85%;" >(Photo under creative commons from <a href="http://www.flickr.com/photos/simeon_barkas/" class="currentContextLink" id="contextLink_stream42812461@N00" name="Context Title">Akbar Simonse (away for one more week)'s photostream</a>) </span><div class="feedflare">
<a href="http://feeds.feedburner.com/~ff/Security4all?a=C-OIe1VsHv8:B_kWbgGZAe8:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/Security4all?i=C-OIe1VsHv8:B_kWbgGZAe8:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=C-OIe1VsHv8:B_kWbgGZAe8:I9og5sOYxJI"><img src="http://feeds.feedburner.com/~ff/Security4all?d=I9og5sOYxJI" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=C-OIe1VsHv8:B_kWbgGZAe8:Jwdi1b3fU3Q"><img src="http://feeds.feedburner.com/~ff/Security4all?d=Jwdi1b3fU3Q" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=C-OIe1VsHv8:B_kWbgGZAe8:qj6IDK7rITs"><img src="http://feeds.feedburner.com/~ff/Security4all?d=qj6IDK7rITs" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=C-OIe1VsHv8:B_kWbgGZAe8:F7zBnMyn0Lo"><img src="http://feeds.feedburner.com/~ff/Security4all?i=C-OIe1VsHv8:B_kWbgGZAe8:F7zBnMyn0Lo" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=C-OIe1VsHv8:B_kWbgGZAe8:YwkR-u9nhCs"><img src="http://feeds.feedburner.com/~ff/Security4all?d=YwkR-u9nhCs" border="0"></img></a>
</div><img src="http://feeds.feedburner.com/~r/Security4all/~4/C-OIe1VsHv8" height="1" width="1" alt=""/>Security4allhttp://www.blogger.com/profile/09433979568731690987noreply@blogger.com0http://blog.security4all.be/2010/03/international-day-against-censorship.htmltag:blogger.com,1999:blog-6437907677349484188.post-59919051697861922452010-03-12T12:18:00.004+01:002010-03-12T20:36:18.116+01:00Internet-able touchscreens for Belgian Hospitalbeds: a dataloss incident waiting to happen?I was reading this <a href="http://datanews.rnews.be/nl/90-8-28880/article.html?cid=rss#90;8;28880">datanews article</a> about this hospital in Leuven wanting to place touchscreen terminals next to each bed.<br /><br />Medical personnel can consult the patient's medical dossier and other medical information. But these terminals can also be used by patients to surf and check their email. While a great service and idea, it's a security incident waiting to happen.<br /><br />They do talk about making the system redundant. But there is no mention of security or potential dataloss. Maybe the journalist just forgot to mention/ask it? It might be securely implemented so that the medical information stays confidential. Let's give them the benefit of the doubt. But some researchers have shown that internet kiosk software is not always that securely designed. Meaning that a "jail" or isolated environment to surf with, is not that easy to implement.<br /><br />So I'm hoping that they will test this and that the pentester or developer will have a look at <a href="http://ikat.ha.cked.net/">iKAT</a>, the internet kiosk attack tool. A really cool tool created by Paul Craig, a security researcher from New Zealand.<br /><br />He gave a presentation about kiosk security and iKAT at BruCON. You can watch the video below.<br /><br /><object width="400" height="325"><param name="allowfullscreen" value="true" /><param name="allowscriptaccess" value="always" /><param name="movie" value="http://vimeo.com/moogaloop.swf?clip_id=6897223&server=vimeo.com&show_title=1&show_byline=1&show_portrait=0&color=&fullscreen=1" /><embed src="http://vimeo.com/moogaloop.swf?clip_id=6897223&server=vimeo.com&show_title=1&show_byline=1&show_portrait=0&color=&fullscreen=1" type="application/x-shockwave-flash" allowfullscreen="true" allowscriptaccess="always" width="400" height="325"></embed></object><p><a href="http://vimeo.com/6897223">Rage Against The Kiosk - Paul Craig - BruCON 2009</a> from <a href="http://vimeo.com/user2370816">security4all</a> on <a href="http://vimeo.com">Vimeo</a>.</p><div class="feedflare">
<a href="http://feeds.feedburner.com/~ff/Security4all?a=QRQu9XH0up0:jNh8Mmygbkw:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/Security4all?i=QRQu9XH0up0:jNh8Mmygbkw:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=QRQu9XH0up0:jNh8Mmygbkw:I9og5sOYxJI"><img src="http://feeds.feedburner.com/~ff/Security4all?d=I9og5sOYxJI" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=QRQu9XH0up0:jNh8Mmygbkw:Jwdi1b3fU3Q"><img src="http://feeds.feedburner.com/~ff/Security4all?d=Jwdi1b3fU3Q" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=QRQu9XH0up0:jNh8Mmygbkw:qj6IDK7rITs"><img src="http://feeds.feedburner.com/~ff/Security4all?d=qj6IDK7rITs" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=QRQu9XH0up0:jNh8Mmygbkw:F7zBnMyn0Lo"><img src="http://feeds.feedburner.com/~ff/Security4all?i=QRQu9XH0up0:jNh8Mmygbkw:F7zBnMyn0Lo" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=QRQu9XH0up0:jNh8Mmygbkw:YwkR-u9nhCs"><img src="http://feeds.feedburner.com/~ff/Security4all?d=YwkR-u9nhCs" border="0"></img></a>
</div><img src="http://feeds.feedburner.com/~r/Security4all/~4/QRQu9XH0up0" height="1" width="1" alt=""/>Security4allhttp://www.blogger.com/profile/09433979568731690987noreply@blogger.com0http://blog.security4all.be/2010/03/internet-able-touchscreens-for-belgian.htmltag:blogger.com,1999:blog-6437907677349484188.post-14533916109555433862010-03-10T08:43:00.004+01:002010-03-10T09:05:38.511+01:00IE6 & IE7 zero day published in Microsoft Security Advisory 981374Another 0-day in Internet Explorer is being exploited as reported by Microsoft in <a href="http://www.microsoft.com/technet/security/advisory/981374.mspx">Security Advisory 981374 </a> yesterday. IE versions 6 and 7 are affected and according to reports, it's only being used in targeted attacks. Which makes it even more dangerous if you are a potential target since IDS and AV signatures might not be available at this point.<br /><br />No patch is available. User are recommended to upgrade to IE8 or use alternative browsers like Firefox with an add-on that blocks script by default like Noscript. Allowing Flash and Java by default nowadays is not a safe practice anymore.<br /><br />Related posts:<br /><ul><li><a href="http://blog.security4all.be/2010/03/some-great-whitepapers-on-aurora.html">Some great whitepapers on the Aurora attacks</a></li><li><a href="http://blog.security4all.be/2008/11/isps-in-trouble-ddos-and-targeted.html">ISPs in trouble, DDoS and Targeted Attacks</a></li><li><a href="http://blog.security4all.be/2008/10/isaca-event-changing-threat-targeted.html">ISACA Event: The changing threat: Targeted Attacks</a></li><li><a href="http://security4all.blogspot.com/2008/07/office-word-2002-sp3-zero-day-revealed.html">Office Word 2002 SP3 Zero day revealed</a></li><li><a href="http://security4all.blogspot.com/2008/05/united-tax-spearphishing-attack-and.html">United Tax Spearphishing attack and a little Belgian twist</a></li><li><a href="http://security4all.blogspot.com/2008/05/ceos-of-large-companies-targeted-in-new.html">CEOs of large companies targeted in new whaling wave</a></li><li><a href="http://security4all.blogspot.com/2008/04/this-is-how-good-targeted-attacks-are.html">This is how good the targeted attacks are getting</a></li><li><a href="http://security4all.blogspot.com/2008/04/which-non-executables-files-are.html">Which non-executables files are targeted the most?</a></li><li><a href="http://security4all.blogspot.com/2008/03/securitynl-maarten-social-engineering.html">Security.nl, Maarten, social engineering and targeted attacks</a></li><li><a href="http://security4all.blogspot.com/2008/04/social-engineering-put-to-test-how.html">Social engineering put to the test. How would your employee score?</a></li><li><a href="http://security4all.blogspot.com/2008/03/social-engineering-pentesting-against.html">Social engineering pentesting against your employees</a></li><li><a href="http://security4all.blogspot.com/2008/03/do-we-need-user-education.html">Do we need user education?</a></li><li><a href="http://security4all.blogspot.com/2007/06/spear-phishing-and-whaling.html">Spear Phishing and Whaling</a></li></ul><div class="feedflare">
<a href="http://feeds.feedburner.com/~ff/Security4all?a=YVngQR-0qDo:0oDRK0aVNeA:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/Security4all?i=YVngQR-0qDo:0oDRK0aVNeA:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=YVngQR-0qDo:0oDRK0aVNeA:I9og5sOYxJI"><img src="http://feeds.feedburner.com/~ff/Security4all?d=I9og5sOYxJI" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=YVngQR-0qDo:0oDRK0aVNeA:Jwdi1b3fU3Q"><img src="http://feeds.feedburner.com/~ff/Security4all?d=Jwdi1b3fU3Q" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=YVngQR-0qDo:0oDRK0aVNeA:qj6IDK7rITs"><img src="http://feeds.feedburner.com/~ff/Security4all?d=qj6IDK7rITs" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=YVngQR-0qDo:0oDRK0aVNeA:F7zBnMyn0Lo"><img src="http://feeds.feedburner.com/~ff/Security4all?i=YVngQR-0qDo:0oDRK0aVNeA:F7zBnMyn0Lo" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=YVngQR-0qDo:0oDRK0aVNeA:YwkR-u9nhCs"><img src="http://feeds.feedburner.com/~ff/Security4all?d=YwkR-u9nhCs" border="0"></img></a>
</div><img src="http://feeds.feedburner.com/~r/Security4all/~4/YVngQR-0qDo" height="1" width="1" alt=""/>Security4allhttp://www.blogger.com/profile/09433979568731690987noreply@blogger.com0http://blog.security4all.be/2010/03/ie6-ie7-zero-day-published-in-microsoft.htmltag:blogger.com,1999:blog-6437907677349484188.post-78320234523305225752010-03-10T07:47:00.004+01:002010-03-12T21:43:10.374+01:00Some great whitepapers on the Aurora attacksWhile the Aurora attacks were a good user awareness situation, it has become a lot of hype and three letter acronyms about something that has been happening for a longer period of time.<br /><br />A few whitepapers have appeared that give us some juicy details about the dropper and backdoor and domain names used in the attacks. As well as the information they were after. Although ending with some vendor pitches, some are interesting read.<br /><br />1. The first one is a report from HBGary which you can download <a href="http://www.hbgary.com/wp-content/themes/blackhat/images/hbgthreatreport_aurora.pdf">here</a>. It contains some good technical information about the dropper and malware used.<br /><br />2. Then there is this McAfee whitepaper which has a lot more marketing fluff and more suited for CISA/Auditors (personal information will be asked for downloading but is not verified). A few good points but less technical details. It's mainly about the SCM they targeted.<br /><p style="font-style: italic;"><span style="font-size:85%;"></span></p><blockquote><p style="font-style: italic;"><span style="font-size:85%;">Specifically, we have concluded that, in several cases, the attackers executed precision strikes to gain access to <a href="http://en.wikipedia.org/wiki/Revision_control" onclick="javascript:pageTracker._trackPageview('/outbound/article/en.wikipedia.org');">source code configuration management systems</a> (SCMs) at targeted companies. SCMs are used by software engineers to manage their projects and are used to store source code, the crown jewels of any tech company.</span></p> <p style="font-style: italic;"><span style="font-size:85%;">In our analysis of the attacks we found that the perpetrators went through several hoops to ultimately compromise the systems of the SCM users at the targeted organizations. This means that the attackers now had access to the SCM system and could siphon out source code or, worse, modify and add code. (Source: <a href="http://siblog.mcafee.com/cto/source-code-repositories-targeted-in-operation-aurora/">McAfee</a>)<br /></span></p></blockquote>Link to <a href="http://resources.mcafee.com/forms/Aurora_VDTRG_WP">whitepaper</a>.<br /><br />It might also be worth mentioning that there is<a href="http://www.linkedin.com/groups?gid=2677290&trk=myg_ugrp_ovr"> a LinkedIN group</a> where articles and information about Aurora is being shared.<br /><br />Related posts:<br /><ul><li><a href="http://blog.security4all.be/2008/11/isps-in-trouble-ddos-and-targeted.html">ISPs in trouble, DDoS and Targeted Attacks</a></li><li><a href="http://blog.security4all.be/2008/10/isaca-event-changing-threat-targeted.html">ISACA Event: The changing threat: Targeted Attacks</a></li><li><a href="http://security4all.blogspot.com/2008/07/office-word-2002-sp3-zero-day-revealed.html">Office Word 2002 SP3 Zero day revealed</a></li><li><a href="http://security4all.blogspot.com/2008/05/united-tax-spearphishing-attack-and.html">United Tax Spearphishing attack and a little Belgian twist</a></li><li><a href="http://security4all.blogspot.com/2008/05/ceos-of-large-companies-targeted-in-new.html">CEOs of large companies targeted in new whaling wave</a></li><li><a href="http://security4all.blogspot.com/2008/04/this-is-how-good-targeted-attacks-are.html">This is how good the targeted attacks are getting</a></li><li><a href="http://security4all.blogspot.com/2008/04/which-non-executables-files-are.html">Which non-executables files are targeted the most?</a></li><li><a href="http://security4all.blogspot.com/2008/03/securitynl-maarten-social-engineering.html">Security.nl, Maarten, social engineering and targeted attacks</a></li><li><a href="http://security4all.blogspot.com/2008/04/social-engineering-put-to-test-how.html">Social engineering put to the test. How would your employee score?</a></li><li><a href="http://security4all.blogspot.com/2008/03/social-engineering-pentesting-against.html">Social engineering pentesting against your employees</a></li><li><a href="http://security4all.blogspot.com/2008/03/do-we-need-user-education.html">Do we need user education?</a></li><li><a href="http://security4all.blogspot.com/2007/06/spear-phishing-and-whaling.html">Spear Phishing and Whaling</a></li></ul><div class="feedflare">
<a href="http://feeds.feedburner.com/~ff/Security4all?a=XGUDn9kE008:Qnq3bAPhfCM:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/Security4all?i=XGUDn9kE008:Qnq3bAPhfCM:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=XGUDn9kE008:Qnq3bAPhfCM:I9og5sOYxJI"><img src="http://feeds.feedburner.com/~ff/Security4all?d=I9og5sOYxJI" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=XGUDn9kE008:Qnq3bAPhfCM:Jwdi1b3fU3Q"><img src="http://feeds.feedburner.com/~ff/Security4all?d=Jwdi1b3fU3Q" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=XGUDn9kE008:Qnq3bAPhfCM:qj6IDK7rITs"><img src="http://feeds.feedburner.com/~ff/Security4all?d=qj6IDK7rITs" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=XGUDn9kE008:Qnq3bAPhfCM:F7zBnMyn0Lo"><img src="http://feeds.feedburner.com/~ff/Security4all?i=XGUDn9kE008:Qnq3bAPhfCM:F7zBnMyn0Lo" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=XGUDn9kE008:Qnq3bAPhfCM:YwkR-u9nhCs"><img src="http://feeds.feedburner.com/~ff/Security4all?d=YwkR-u9nhCs" border="0"></img></a>
</div><img src="http://feeds.feedburner.com/~r/Security4all/~4/XGUDn9kE008" height="1" width="1" alt=""/>Security4allhttp://www.blogger.com/profile/09433979568731690987noreply@blogger.com0http://blog.security4all.be/2010/03/some-great-whitepapers-on-aurora.htmltag:blogger.com,1999:blog-6437907677349484188.post-11801338176163312022010-03-09T22:24:00.005+01:002010-03-09T22:45:54.894+01:00Time to step up your Acrobat Reader patching. Attacks are on the rise.<a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://1.bp.blogspot.com/_hKfJbfbBxMU/S5a_dQIz-BI/AAAAAAAACxY/VIVwl39_QVk/s1600-h/3909511118_7f54ce8aa8.jpg"><img style="cursor: pointer; width: 251px; height: 378px;" src="http://1.bp.blogspot.com/_hKfJbfbBxMU/S5a_dQIz-BI/AAAAAAAACxY/VIVwl39_QVk/s400/3909511118_7f54ce8aa8.jpg" alt="" id="BLOGGER_PHOTO_ID_5446751308620232722" border="0" /></a><br /><br />If you haven't patched the latest Acrobat Reader from two weeks ago, it might be time to step up the pace. If you look at <a href="http://www.f-secure.com/weblog/archives/00001903.html">this blogpost</a> from F-secure, you'll see that the PDF format has become the choice for targeted attacks. Within the security community, it's being nicknamed Penetration Document Format.<br /><blockquote><span style="font-style: italic;font-size:85%;" ><span class="rss:item">Because we're now seeing the vulnerability (CVE-2010-0188) being exploited in targeted attacks (<a href="http://blogs.technet.com/mmpc/archive/2010/03/08/cve-2010-0188-patched-adobe-reader-vulnerability-is-actively-exploited-in-the-wild.aspx">Microsoft also</a>).<br /><br />Our sample was submitted by a European financial organization and the file name includes a reference to the <a href="http://en.wikipedia.org/wiki/G-20_major_economies">G20</a>. The exploit drops a downloader and attempts to make a connection to tiantian.ninth.biz. We detect this attack as Exploit:W32/PDFExploit.G. (source: <a href="http://www.f-secure.com/weblog/archives/00001903.html">fsecure</a>)</span></span></blockquote>If patches/upgrades are not possible, think about using the usual workaround like disabling javascript or installing alternative clients.<br /><br />PDFs can easily be used for info stealing purposed that evades AV, HIDS, etc... the victim doesn't event have to have admin privileges. Have a look at<a href="http://blog.didierstevens.com/2010/03/08/pdf-info-stealer-poc/"> this explanation</a> from security expert Didier Stevens on how such an attack is performed. Didier has written numerous analyses of PDF malware in the past and is a known researcher in this field.<br /><br />On a small side note, Didier is going to give a malware analysis workshop at the <a href="http://2010.brucon.org/">BruCON conference</a>. This is the occasion to learn some PDF malware analysis techniques from him!!<br /><br />Related posts:<br /><ul><li><a href="http://blog.security4all.be/2009/07/0-day-in-adobe-flash-also-executable.html">0-Day in Adobe Flash, also executable from Acrobat Reader (updated)</a></li><li><a href="http://blog.security4all.be/2009/03/adobe-pushes-out-fix-for-reader-and.html">Adobe pushes out fix for Reader and Acrobat zero-day, one day ahead of schedule.</a></li><li><a href="http://blog.security4all.be/2009/03/sweet-irony-foxit-pdf-reader-releases.html">The sweet irony: Foxit PDF reader releases JBIG2 security patch</a></li><li><a href="http://blog.security4all.be/2009/03/pdf-exploit-poc-without-any-user.html">PDF Exploit PoC without any user interaction</a></li><li><a href="http://blog.security4all.be/2009/03/acrobat-reader-exploit-works-without.html">Acrobat reader exploit works without opening pdf</a></li><li><a href="http://blog.security4all.be/2009/02/pdf-attacks-are-becoming-more.html">PDF attacks are becoming more widespread using ads</a></li><li><a href="http://blog.security4all.be/2009/02/acrobat-reader-exploits-in-wild.html">Acrobat Reader exploits in the wild (updated)</a></li></ul><span style="font-style: italic;font-size:85%;" >(Photo under creative commons from<a href="http://www.flickr.com/photos/ludmila_tavares/" class="currentContextLink" id="contextLink_stream11751322@N02" name="Context Title"> Ludmila Tavares' photostream</a>)</span><div class="feedflare">
<a href="http://feeds.feedburner.com/~ff/Security4all?a=YhkrzGEcgN0:yvHzR2Zk5VY:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/Security4all?i=YhkrzGEcgN0:yvHzR2Zk5VY:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=YhkrzGEcgN0:yvHzR2Zk5VY:I9og5sOYxJI"><img src="http://feeds.feedburner.com/~ff/Security4all?d=I9og5sOYxJI" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=YhkrzGEcgN0:yvHzR2Zk5VY:Jwdi1b3fU3Q"><img src="http://feeds.feedburner.com/~ff/Security4all?d=Jwdi1b3fU3Q" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=YhkrzGEcgN0:yvHzR2Zk5VY:qj6IDK7rITs"><img src="http://feeds.feedburner.com/~ff/Security4all?d=qj6IDK7rITs" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=YhkrzGEcgN0:yvHzR2Zk5VY:F7zBnMyn0Lo"><img src="http://feeds.feedburner.com/~ff/Security4all?i=YhkrzGEcgN0:yvHzR2Zk5VY:F7zBnMyn0Lo" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=YhkrzGEcgN0:yvHzR2Zk5VY:YwkR-u9nhCs"><img src="http://feeds.feedburner.com/~ff/Security4all?d=YwkR-u9nhCs" border="0"></img></a>
</div><img src="http://feeds.feedburner.com/~r/Security4all/~4/YhkrzGEcgN0" height="1" width="1" alt=""/>Security4allhttp://www.blogger.com/profile/09433979568731690987noreply@blogger.com0http://blog.security4all.be/2010/03/time-to-step-up-your-acrobat-reader.htmltag:blogger.com,1999:blog-6437907677349484188.post-36761088359432323602010-03-08T00:30:00.004+01:002010-03-08T00:49:44.902+01:00Hackerspace Ghent (Whitespace or 0x20) will have their Open weekend on 19 - 21 March<a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://1.bp.blogspot.com/_hKfJbfbBxMU/S5Q7VnfUv-I/AAAAAAAACxQ/bhbf24KrZuM/s1600-h/4010119736_18999fb993.jpg"><img style="cursor: pointer; width: 400px; height: 300px;" src="http://1.bp.blogspot.com/_hKfJbfbBxMU/S5Q7VnfUv-I/AAAAAAAACxQ/bhbf24KrZuM/s400/4010119736_18999fb993.jpg" alt="" id="BLOGGER_PHOTO_ID_5446043091961429986" border="0" /></a><br /><br />I was happy to see that a second Hackerspace was starting in Belgium after the one in Brussels. And now after finding a location, they are ready to open their doors.<br /><br />More info at<br /><a href="http://hsg.bn2vs.com/Opening_Weekend">http://hsg.bn2vs.com/Opening_Weekend </a><br /><br />There will be presentations or workshops on topics like openWRT and IPv6. Let's not forget the opening drink (pssttt, they have Club Mate). Since it's a complete weekend, you don't have any excuse and have to drop by!!!<br /><br />Related posts:<br /><ul><li><a href="http://blog.security4all.be/2010/02/hackerspace-antwerp-in-bootstrap-mode.html">Hackerspace Antwerp in bootstrap mode</a></li><li><a href="http://blog.security4all.be/2010/01/date-for-hackerspace-antwerp-startup.html">The date for the Hackerspace Antwerp Startup Meeting</a></li><li><a href="http://blog.security4all.be/2009/12/discussing-about-hackerspace-antwerp.html">Discussing about Hackerspace Antwerp</a></li><li> <div class="post hentry"> <a name="2020654797735972754"></a> <a href="http://blog.security4all.be/2009/02/what-is-hackerspace.html">What is a hackerspace?</a></div></li><li><a href="http://blog.security4all.be/2009/01/what-does-hackerspace-looks-like.html">What does a hackerspace look like? And the next Hackerspace Brussels meetup.</a></li></ul><span style="font-style: italic;font-size:85%;" >(Photo under creative commons from<a href="http://www.flickr.com/photos/laughingsquid/" class="currentContextLink" id="contextLink_stream27403767@N00" name="Context Title"> Laughing Squid's photostream</a>)</span><div class="feedflare">
<a href="http://feeds.feedburner.com/~ff/Security4all?a=Wi_oMooISrY:CBGhx73MNDE:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/Security4all?i=Wi_oMooISrY:CBGhx73MNDE:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=Wi_oMooISrY:CBGhx73MNDE:I9og5sOYxJI"><img src="http://feeds.feedburner.com/~ff/Security4all?d=I9og5sOYxJI" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=Wi_oMooISrY:CBGhx73MNDE:Jwdi1b3fU3Q"><img src="http://feeds.feedburner.com/~ff/Security4all?d=Jwdi1b3fU3Q" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=Wi_oMooISrY:CBGhx73MNDE:qj6IDK7rITs"><img src="http://feeds.feedburner.com/~ff/Security4all?d=qj6IDK7rITs" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=Wi_oMooISrY:CBGhx73MNDE:F7zBnMyn0Lo"><img src="http://feeds.feedburner.com/~ff/Security4all?i=Wi_oMooISrY:CBGhx73MNDE:F7zBnMyn0Lo" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=Wi_oMooISrY:CBGhx73MNDE:YwkR-u9nhCs"><img src="http://feeds.feedburner.com/~ff/Security4all?d=YwkR-u9nhCs" border="0"></img></a>
</div><img src="http://feeds.feedburner.com/~r/Security4all/~4/Wi_oMooISrY" height="1" width="1" alt=""/>Security4allhttp://www.blogger.com/profile/09433979568731690987noreply@blogger.com0http://blog.security4all.be/2010/03/hackerspace-ghent-whitespace-or-0x20.htmltag:blogger.com,1999:blog-6437907677349484188.post-36355343165534272352010-03-08T00:13:00.003+01:002010-03-08T00:24:14.490+01:00The Icelandic Modern Media Initiative addresses the key issues for free expression in the digital age<object width="640" height="385"><param name="movie" value="http://www.youtube.com/v/ZbGiPjIE1pE&hl=en_US&fs=1&"><param name="allowFullScreen" value="true"><param name="allowscriptaccess" value="always"><embed src="http://www.youtube.com/v/ZbGiPjIE1pE&hl=en_US&fs=1&" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="640" height="385"></embed></object><br /><br /><blockquote><span style="font-style: italic;">The goal of the IMMI proposal is to task the government with finding ways to strengthen freedom of expression around world and in Iceland, as well as providing strong protections for sources and whistleblowers. To this end the legal environment should be explored in such a way that the goals can be defined, and changes to law or new law proposals can be prepared. The legal environments of other countries should be considered, with the purpose of assembling the best laws to make Iceland a leader of freedoms of expression and information. We also feel it is high time to establish the first Icelandic international prize: The Icelandic Freedom of Expression Award.</span></blockquote>More info can be found on <a href="http://immi.is/">http://immi.is/</a><br /><br />Have a look at this video. It's interesting to see what Wikileaks has inspired and this could mean a lot to free expression in the digital age and a good step towards fighting censorship.<br /><br />Related posts:<br /><ul><li><a href="http://blog.security4all.be/2009/10/ways-to-bypass-big-belgian-firewall.html">Ways to bypass the Big Belgian firewall</a></li><li><a href="http://blog.security4all.be/2009/10/automated-social-networking.html">Automated Social Networking Surveillance Systems</a></li><li><a href="http://blog.security4all.be/2009/07/according-to-child-support-groups-net.html">According to Child Support groups, Net filtering is a waste of money</a></li><li><a href="http://blog.security4all.be/2009/07/big-brother-2009-has-rebellion-started.html">Big Brother 2009: Has the rebellion started?</a></li><li><a href="http://blog.security4all.be/2009/01/police-hacking-laws-moving-from-germany.html">Police hacking laws moving from Germany to the rest of Europe. Do as I say, not as I do.</a></li><li><a href="http://blog.security4all.be/2008/11/privacy-matters-movie-by-xs4all-to.html">Privacy matters: A movie by XS4ALL to raise user awareness to data surveillance</a></li></ul><div class="feedflare">
<a href="http://feeds.feedburner.com/~ff/Security4all?a=mCw_Szpk4VI:V-1k9ku6j6E:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/Security4all?i=mCw_Szpk4VI:V-1k9ku6j6E:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=mCw_Szpk4VI:V-1k9ku6j6E:I9og5sOYxJI"><img src="http://feeds.feedburner.com/~ff/Security4all?d=I9og5sOYxJI" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=mCw_Szpk4VI:V-1k9ku6j6E:Jwdi1b3fU3Q"><img src="http://feeds.feedburner.com/~ff/Security4all?d=Jwdi1b3fU3Q" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=mCw_Szpk4VI:V-1k9ku6j6E:qj6IDK7rITs"><img src="http://feeds.feedburner.com/~ff/Security4all?d=qj6IDK7rITs" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=mCw_Szpk4VI:V-1k9ku6j6E:F7zBnMyn0Lo"><img src="http://feeds.feedburner.com/~ff/Security4all?i=mCw_Szpk4VI:V-1k9ku6j6E:F7zBnMyn0Lo" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=mCw_Szpk4VI:V-1k9ku6j6E:YwkR-u9nhCs"><img src="http://feeds.feedburner.com/~ff/Security4all?d=YwkR-u9nhCs" border="0"></img></a>
</div><img src="http://feeds.feedburner.com/~r/Security4all/~4/mCw_Szpk4VI" height="1" width="1" alt=""/>Security4allhttp://www.blogger.com/profile/09433979568731690987noreply@blogger.com0http://blog.security4all.be/2010/03/icelandic-modern-media-initiative.htmltag:blogger.com,1999:blog-6437907677349484188.post-81109825924519865402010-02-16T12:43:00.005+01:002010-02-16T12:59:55.516+01:00Call for Papers: BruCON 2010, 24-25 September<a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://1.bp.blogspot.com/_hKfJbfbBxMU/S3qIGp2y9PI/AAAAAAAACxI/pR1oSBi-yWw/s1600-h/3933227435_1d1523d9e7.jpg"><img style="cursor: pointer; width: 400px; height: 266px;" src="http://1.bp.blogspot.com/_hKfJbfbBxMU/S3qIGp2y9PI/AAAAAAAACxI/pR1oSBi-yWw/s400/3933227435_1d1523d9e7.jpg" alt="" id="BLOGGER_PHOTO_ID_5438809147899573490" border="0" /></a><br /><br />2009 was the first edition of BruCON, a non-profit conference meant to unite all the people in and around Belgium interested in discussing computer security, privacy and computer technology related topics. It was a great first edition thanks to all the help of our partners and volunteers in the community.<br /><br />I'm happy that this event is moving towards a yearly gathering of like-minded people. Do you have an interesting topic to present or a cool workshop? Have a look at the full Call of Papers below.<br /><br /><a href="http://blog.brucon.org/2010/02/brucon-2010-call-for-papers.html">http://blog.brucon.org/2010/02/brucon-2010-call-for-papers.html</a><br /><br />I hope to see you in September, if only to taste some Belgian beer or chocolate together. By preference not in combination! Although I heard of the existence of chocolate beer. ;-)<div class="feedflare">
<a href="http://feeds.feedburner.com/~ff/Security4all?a=yH4-Iap6Aws:0Xv13Twu_-E:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/Security4all?i=yH4-Iap6Aws:0Xv13Twu_-E:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=yH4-Iap6Aws:0Xv13Twu_-E:I9og5sOYxJI"><img src="http://feeds.feedburner.com/~ff/Security4all?d=I9og5sOYxJI" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=yH4-Iap6Aws:0Xv13Twu_-E:Jwdi1b3fU3Q"><img src="http://feeds.feedburner.com/~ff/Security4all?d=Jwdi1b3fU3Q" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=yH4-Iap6Aws:0Xv13Twu_-E:qj6IDK7rITs"><img src="http://feeds.feedburner.com/~ff/Security4all?d=qj6IDK7rITs" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=yH4-Iap6Aws:0Xv13Twu_-E:F7zBnMyn0Lo"><img src="http://feeds.feedburner.com/~ff/Security4all?i=yH4-Iap6Aws:0Xv13Twu_-E:F7zBnMyn0Lo" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=yH4-Iap6Aws:0Xv13Twu_-E:YwkR-u9nhCs"><img src="http://feeds.feedburner.com/~ff/Security4all?d=YwkR-u9nhCs" border="0"></img></a>
</div><img src="http://feeds.feedburner.com/~r/Security4all/~4/yH4-Iap6Aws" height="1" width="1" alt=""/>Security4allhttp://www.blogger.com/profile/09433979568731690987noreply@blogger.com0http://blog.security4all.be/2010/02/call-for-papers-brucon-2010-24-25.htmltag:blogger.com,1999:blog-6437907677349484188.post-76932675700479909292010-02-15T14:31:00.003+01:002010-02-15T14:44:44.632+01:00Hackerspace Antwerp in bootstrap mode<a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://2.bp.blogspot.com/_hKfJbfbBxMU/S3lPLjI8E-I/AAAAAAAACw4/_oQ05fG0o_Y/s1600-h/IMG_0503%5B1%5D.jpg"><img style="cursor: pointer; width: 320px; height: 240px;" src="http://2.bp.blogspot.com/_hKfJbfbBxMU/S3lPLjI8E-I/AAAAAAAACw4/_oQ05fG0o_Y/s320/IMG_0503%5B1%5D.jpg" alt="" id="BLOGGER_PHOTO_ID_5438465084856472546" border="0" /></a><br /><br />It seems that Hackerspace Antwerp is taking on form. We don't have a final name yet but we found a possible location to begin. It needs some work but it has loads of possibilities.<br /><br />Since my last post, we have a wiki and a mailinglist. Weekly meetings are now on Wednesday to keep things going. You'll find all the information on our wiki. Feel free to join us next Wednesday to help (& clean our new space). ;-)<br /><br />Wiki<br /><a href="http://antwerp.hackerspace.be/mw/index.php?title=Main_Page">http://antwerp.hackerspace.be/mw/index.php?title=Main_Page<br /></a>Mailinglist<br /><a href="http://discuss.hackerspaces.be/listinfo.cgi/antwerp-hackerspaces.be">http://discuss.hackerspaces.be/listinfo.cgi/antwerp-hackerspaces.be</a><div class="feedflare">
<a href="http://feeds.feedburner.com/~ff/Security4all?a=yZW90mOwAH4:JTg8ULdsW6w:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/Security4all?i=yZW90mOwAH4:JTg8ULdsW6w:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=yZW90mOwAH4:JTg8ULdsW6w:I9og5sOYxJI"><img src="http://feeds.feedburner.com/~ff/Security4all?d=I9og5sOYxJI" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=yZW90mOwAH4:JTg8ULdsW6w:Jwdi1b3fU3Q"><img src="http://feeds.feedburner.com/~ff/Security4all?d=Jwdi1b3fU3Q" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=yZW90mOwAH4:JTg8ULdsW6w:qj6IDK7rITs"><img src="http://feeds.feedburner.com/~ff/Security4all?d=qj6IDK7rITs" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=yZW90mOwAH4:JTg8ULdsW6w:F7zBnMyn0Lo"><img src="http://feeds.feedburner.com/~ff/Security4all?i=yZW90mOwAH4:JTg8ULdsW6w:F7zBnMyn0Lo" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=yZW90mOwAH4:JTg8ULdsW6w:YwkR-u9nhCs"><img src="http://feeds.feedburner.com/~ff/Security4all?d=YwkR-u9nhCs" border="0"></img></a>
</div><img src="http://feeds.feedburner.com/~r/Security4all/~4/yZW90mOwAH4" height="1" width="1" alt=""/>Security4allhttp://www.blogger.com/profile/09433979568731690987noreply@blogger.com0http://blog.security4all.be/2010/02/hackerspace-antwerp-in-bootstrap-mode.htmltag:blogger.com,1999:blog-6437907677349484188.post-70577406021406572202010-01-05T13:54:00.004+01:002010-01-05T20:03:08.456+01:00The date for the Hackerspace Antwerp Startup Meeting<a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://3.bp.blogspot.com/_hKfJbfbBxMU/S0OM0VgUecI/AAAAAAAACww/VzXTnSMYwDg/s1600-h/4010120394_b82269261a_b.jpg"><img style="cursor: pointer; width: 320px; height: 240px;" src="http://3.bp.blogspot.com/_hKfJbfbBxMU/S0OM0VgUecI/AAAAAAAACww/VzXTnSMYwDg/s320/4010120394_b82269261a_b.jpg" alt="" id="BLOGGER_PHOTO_ID_5423333207037999554" border="0" /></a><br /><br />A lot of people responded for a startup meeting in Antwerp and are really divided over two possible dates. So I decided I will be there on both dates, although I can't stay very late.<br /><br />So on Saturday the 9th or Friday the 15th, please join us. Here is the original doodle: <a href="http://doodle.com/pci5yiksm5nwimg6" target="_blank">http://<span class="il">doodle</span>.com/<wbr>pci5yiksm5nwimg6</a><br /><br />Feel free to comment and to share the link to others!!!<br /><br /><span style="font-style: italic;font-size:85%;" >(Photo under creative commons from "Scott Beale / <a href="http://laughingsquid.com/">Laughing Squid</a>") </span><div class="feedflare">
<a href="http://feeds.feedburner.com/~ff/Security4all?a=SqQNy823SQs:kwDwSUFyBYQ:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/Security4all?i=SqQNy823SQs:kwDwSUFyBYQ:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=SqQNy823SQs:kwDwSUFyBYQ:I9og5sOYxJI"><img src="http://feeds.feedburner.com/~ff/Security4all?d=I9og5sOYxJI" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=SqQNy823SQs:kwDwSUFyBYQ:Jwdi1b3fU3Q"><img src="http://feeds.feedburner.com/~ff/Security4all?d=Jwdi1b3fU3Q" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=SqQNy823SQs:kwDwSUFyBYQ:qj6IDK7rITs"><img src="http://feeds.feedburner.com/~ff/Security4all?d=qj6IDK7rITs" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=SqQNy823SQs:kwDwSUFyBYQ:F7zBnMyn0Lo"><img src="http://feeds.feedburner.com/~ff/Security4all?i=SqQNy823SQs:kwDwSUFyBYQ:F7zBnMyn0Lo" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=SqQNy823SQs:kwDwSUFyBYQ:YwkR-u9nhCs"><img src="http://feeds.feedburner.com/~ff/Security4all?d=YwkR-u9nhCs" border="0"></img></a>
</div><img src="http://feeds.feedburner.com/~r/Security4all/~4/SqQNy823SQs" height="1" width="1" alt=""/>Security4allhttp://www.blogger.com/profile/09433979568731690987noreply@blogger.com0http://blog.security4all.be/2010/01/date-for-hackerspace-antwerp-startup.htmltag:blogger.com,1999:blog-6437907677349484188.post-61175764715332589012010-01-04T01:09:00.005+01:002010-02-15T14:53:03.408+01:00Download the #26C3 videos and bonus material<a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://1.bp.blogspot.com/_hKfJbfbBxMU/S0EyoY4k5ZI/AAAAAAAACwg/bThF354DVrs/s1600-h/53511162.jpg"><img style="cursor: pointer; width: 240px; height: 320px;" src="http://1.bp.blogspot.com/_hKfJbfbBxMU/S0EyoY4k5ZI/AAAAAAAACwg/bThF354DVrs/s320/53511162.jpg" alt="" id="BLOGGER_PHOTO_ID_5422671095786694034" border="0" /></a><br /><br />So the 26th Chaos Communication Congress is over and it was a blast. For those that missed some talks (like me) or couldn't watch the live streams, you can download the video of almost all presentations.<br /><br />Best location to find the lastest videos is:<br /><a href="ftp://mirror.fem-net.de/CCC/26C3/">ftp://mirror.fem-net.de/CCC/26C3/</a><br /><br />There you will find the videos in mp4-format, in mp3 or ogg audio files or mp4-ipod formatted videos.<br /><br />You can also watch the videos online thanks to <a href="http://media.ccc.de/browse/congress/2009/index_1.html">CCC-TV</a>. No need to download everything.<br /><br />I made some recordings of some the things happening around the conference. Check my <a href="http://www.ustream.tv/channel/security4all">Ustream</a>.<br /><br />Related posts:<br /><ul><li><a href="http://blog.security4all.be/2010/01/date-for-hackerspace-antwerp-startup.html">The date for the Hackerspace Antwerp Startup Meeting</a></li><li><a href="http://blog.security4all.be/2009/02/what-is-hackerspace.html">What is a hackerspace?</a></li><li><a href="http://blog.security4all.be/2009/01/what-does-hackerspace-looks-like.html">What does a hackerspace looks like? And the next Hackerspace Brussels meetup.</a></li><li><a href="http://blog.security4all.be/2008/12/hacker-space-brussels-wifi-workshop.html">Hacker Space Brussels - Wifi Workshop</a></li><li><a href="http://blog.security4all.be/2008/11/new-hackerspace-brussels.html">New hackerspace @ Brussels</a></li></ul><div class="feedflare">
<a href="http://feeds.feedburner.com/~ff/Security4all?a=mjD2rdUU1Ug:iJ3Ock_yhxE:V_sGLiPBpWU"><img src="http://feeds.feedburner.com/~ff/Security4all?i=mjD2rdUU1Ug:iJ3Ock_yhxE:V_sGLiPBpWU" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=mjD2rdUU1Ug:iJ3Ock_yhxE:I9og5sOYxJI"><img src="http://feeds.feedburner.com/~ff/Security4all?d=I9og5sOYxJI" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=mjD2rdUU1Ug:iJ3Ock_yhxE:Jwdi1b3fU3Q"><img src="http://feeds.feedburner.com/~ff/Security4all?d=Jwdi1b3fU3Q" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=mjD2rdUU1Ug:iJ3Ock_yhxE:qj6IDK7rITs"><img src="http://feeds.feedburner.com/~ff/Security4all?d=qj6IDK7rITs" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=mjD2rdUU1Ug:iJ3Ock_yhxE:F7zBnMyn0Lo"><img src="http://feeds.feedburner.com/~ff/Security4all?i=mjD2rdUU1Ug:iJ3Ock_yhxE:F7zBnMyn0Lo" border="0"></img></a> <a href="http://feeds.feedburner.com/~ff/Security4all?a=mjD2rdUU1Ug:iJ3Ock_yhxE:YwkR-u9nhCs"><img src="http://feeds.feedburner.com/~ff/Security4all?d=YwkR-u9nhCs" border="0"></img></a>
</div><img src="http://feeds.feedburner.com/~r/Security4all/~4/mjD2rdUU1Ug" height="1" width="1" alt=""/>Security4allhttp://www.blogger.com/profile/09433979568731690987noreply@blogger.com0http://blog.security4all.be/2010/01/download-26c3-videos-and-bonus-material.html