Another Word For It Patrick Durusau on Topic Maps and Semantic Diversity

April 28, 2019

Ex-Police Chief, Outs Self as Extremist!

Filed under: Censorship,Government — Patrick Durusau @ 4:20 pm

The Ex-Met Police assistant commissioner Sir Mark Rowley has outed himself as an extremist (or an idiot, take your pick) in remarks to BBC Radio Programme 4, saying:

The top-ranked search referred to by Sir Mark takes users to the Wikipedia entry for Anjem Choudary, who was released from prison last year, halfway through a five-year jail term for encouraging support for the so-called Islamic State group.

He told Today: “I think I mentioned on your programme a few months ago, if you Google ‘British Muslim spokesman’ you get Anjem Choudary. That’s a disgrace.”

Sir Mark said: “These algorithms are designed to push us towards contentious material because that feeds their bottom line of advertising revenues, by pushing readers to extremist material.”

This is something Google denies, pointing out that it actually wants to get people off the platform and on to a third-party site as quickly as possible.

‘Extremist’ Google algorithms concern ex-police chief

Extremist may sound harsh but using the results of one “Google” search to condemn search algorithms untested and unseen, is clearly extreme. Public policy cannot be reasonably based on ad hoc reports by public figures and their reactions to search result content. Any student writing a paper on the recent history of Muslims in the UK would likely appreciate the pointer to Anjem Choudary.

Unless Sir Mark intends to expunge Choudary from BBC and other news reports held in libraries. And prohibit discussion of Choudary online and in the news. Oops, Sir Mark has already violated his own rule! Discussion of Choudary as “British Muslim spokesman.” Which now shows up as the first “hit” in a competing search engine.


April 24, 2019

Metasploit Demo Meeting 2019-04-23

Filed under: Cybersecurity,Hacking — Patrick Durusau @ 1:05 pm

Metasploit Demo Meeting 2019-04-23

Entertaining and informative update for Metasploit. Billed as:

The world’s most used penetration testing framework.

Knowledge is power, especially when it’s shared. A collaboration between the open source community and Rapid7, Metasploit helps security teams do more than just verify vulnerabilities, manage security assessments, and improve security awareness; it empowers and arms defenders to always stay one step (or two) ahead of the game.

Enjoy!

Deobfuscating APT32 Flow Graphs with Cutter and Radare2 [Defining “foreign” government]

Filed under: Cybersecurity,Government,Hacking,Radare2 — Patrick Durusau @ 12:30 pm

Deobfuscating APT32 Flow Graphs with Cutter and Radare2 by Itay Cohen.

The Ocean Lotus group, also known as APT32, is a threat actor which has been known to target East Asian countries such as Vietnam, Laos and the Philippines. The group strongly focuses on Vietnam, especially private sector companies that are investing in a wide variety of industrial sectors in the country. While private sector companies are the group’s main targets, APT32 has also been known to target foreign governments, dissidents, activists, and journalists.

APT32’s toolset is wide and varied. It contains both advanced and simple components; it is a mixture of handcrafted tools and commercial or open-source ones, such as Mimikatz and Cobalt Strike. It runs the gamut from droppers, shellcode snippets, through decoy documents and backdoors. Many of these tools are highly obfuscated and seasoned, augmented with different techniques to make them harder to reverse-engineer.

In this article, we get up and close with one of these obfuscation techniques. This specific technique was used in a backdoor of Ocean Lotus’ tool collection. We’ll describe the technique and the difficulty it presents to analysts — and then show how bypassing this kind of technique is a matter of writing a simple script, as long as you know what you are doing.

The deobfuscation plugin requires Cutter, the official GUI of the open-source reverse engineering framework – radare2. Cutter is a cross-platform GUI that aims to expose radare2’s functionality as a user-friendly and modern interface.  Last month, Cutter introduced a new Python plugin system, which figures into the tool we’ll be constructing below. The plugin itself isn’t complicated, and neither is the solution we demonstrate below. If simple works, then simple is best.

Way beyond my present skills but I can read and return to it in the future.

I don’t know how Cohen defines foreign government but for my purposes, a foreign government is one that isn’t paying me. Simple, direct and to the point. That may be a U.S.-centric definition. The U.S. government spends $billions on oppressing people around the world but cybersecurity sees it with a begging cup out for volunteer assistance. On a scale of volunteer opportunities, the U.S. government and its fellow travelers should come out dead last.


Government Countermeasures, Traffic Cams

Filed under: Government,Hacking,Protests — Patrick Durusau @ 10:52 am

If you use public feeds from traffic cams to guide or monitor disruptions, Public Spy (Traffic) Cams, or “leak” that you are using public feeds in that manner, government authorities are likely to interrupt public access to those feeds.

The presence of numerous wi-fi hotspots and inexpensive wi-fi video cameras suggests the most natural counter to such interruptions.

Unlike government actors, you know which locations are important, which disruptions are false flags (including random events that attract attention), and you benefit from public uncertainty caused by any interruption of public services, such as traffic cams.

As an illustration and not a suggestion, if cars caught in gridlock come under attack, say a pattern of attacks over several days, motorists caught in ordinary gridlock become more nervous and authorities view accidents or other causes with heightened suspicion. Whether you are the cause of the gridlock or not.

Authorities suffer from apophenia, that is “seeing apparently meaningful connections between unrelated patterns, data or phenomena.” What is pareidolia? (a sub-class of apophenia) Perhaps more than apophenia, because actively searching for patterns makes them more likely to discover false ones. With an eye for patterns, you can foster their recognition of false ones. [FYI, false patterns are “subjects” in the topic maps. May include data on their creation.]

April 23, 2019

Best OCR Tools – Side by Side

Filed under: Government,Government Data,OCR — Patrick Durusau @ 8:34 pm

Our Search for the Best OCR Tool, and What We Found by Ted Han and Amanda Hickman.

From the post:

We selected several documents—two easy to read reports, a receipt, an historical document, a legal filing with a lot of redaction, a filled in disclosure form, and a water damaged page—to run through the OCR engines we are most interested in. We tested three free and open source options (Calamari, OCRopus and Tesseract) as well as one desktop app (Adobe Acrobat Pro) and three cloud services (Abbyy Cloud, Google Cloud Vision, and Microsoft Azure Computer Vision).

All the scripts we used, as well as the complete output from each OCR engine, are available on GitHub. You can use the scripts to check our work, or to run your own documents against any of the clients we tested.

The quality of results varied between applications, but there wasn’t a stand out winner. Most of the tools handled a clean document just fine. None got perfect results on trickier documents, but most were good enough to make text significantly more comprehensible. In most cases if you need a complete, accurate transcription you’ll have to do additional review and correction.

Since government offices are loath to release searchable versions of important documents (think Mueller report), reasonable use of those documents requires OCR tools.

Han and Hickman enable you to compare OCR engines on your documents, an important step before deciding on which engine best meets your needs.

Should you find yourself in a hacker forum, no doubt by accident, do mention agencies which force OCR of their document releases. That unnecessary burden on readers and reporters should not go unrewarded.

Weaponized USB Drives and Beyond

Filed under: Cybersecurity,Government,Hacking — Patrick Durusau @ 8:19 pm

Weaponized USB devices as an attack vector by Alex Perekalin.

USB devices are the main source of malware for industrial control systems, said Luca Bongiorni of Bentley Systems during his talk at #TheSAS2019. Most people who are in any way involved with security have heard classic tales about flash drives “accidentally” dropped in parking lots — it’s a common security story that is just too illustrative not to be retold again and again.

Perekalin takes us beyond flash drives with a reminder that any USB device can be an attack vector.

An incomplete list of USB devices includes:

  • Speaker
  • Microphone
  • Sound card
  • MIDI
  • Modem
  • Ethernet adapter
  • Wi-Fi adapter
  • RS-232 serial adapter
  • Keyboard
  • Mouse
  • Joystick
  • Webcam
  • Scanner
  • Laser printer
  • Inkjet printer
  • USB flash drive
  • Memory card reader
  • Digital audio player
  • Digital camera

Just to name some of the more common ones. 

So it’s a little more expensive to do: “Congratulations! You were selected at random for a free digital camera!” (make sure it is a nice one) If it gets you inside the ******* agency, it’s worth every penny. Weaponized USB devices should be a standard part of your kit.

R Graphics Cookbook, 2nd edition

Filed under: Graphics,R — Patrick Durusau @ 3:28 pm

R Graphics Cookbook, 2nd edition by Winston Chang.

From the webpage:

Welcome to the R Graphics Cookbook, a practical guide that provides more than 150 recipes to help you generate high-quality graphs quickly, without having to comb through all the details of R’s graphing systems. Each recipe tackles a specific problem with a solution you can apply to your own project, and includes a discussion of how and why the recipe works.

Read online here for free, or buy a physical copy on Amazon.

Do us all a favor, buy a hard copy of it. It encourages healthy behavior on the part of publishers and it’s easier on your eyes.

Enjoy!

Public Spy (Traffic) Cams

Filed under: Government,Protests — Patrick Durusau @ 3:21 pm

See the Road Ahead with Traffic Camera Images on Bing Maps

From the post:

The Bing Maps Routing and Traffic Team is constantly working to make navigation and route planning easier! Hot on the heels of our previous announcement about traffic coloring, the Bing Maps team is proud to announce that we have made it possible for users to access traffic camera images along a planned driving route! You can now see traffic camera icons along a short to moderate-length route. By clicking on a traffic camera icon, you can view the latest image from the traffic camera at that location.

Bing Maps with traffic cameras:

  • Enable real time routing of “breakdowns” for maximum impact
  • Monitor highways for enhancement of unplanned blockages
  • Support live tweeting/messaging/blogging of highway conditions

Access to traffic cams is not news but Bing is making them easy for casual users. The more users, the more noise and the safer you will be accessing traffic cams for your purposes.

Assuming the worst outcome in the 2021 presidential elections, you may want to consult Defeating Police Formations – Parallel Distributed Protesting, a post that I badly need to re-write. The lesson there is one of stopping cars on the Beltway around Washington, D.C., to effectively interrupt any inauguration ceremony. Traffic cams and management of “breakdowns” go hand in hand.

If you want to ineffectively interrupt any inauguration ceremony, mug for the press cameras at subway entrances. Your call.

April 11, 2019

The Online Books Page

Filed under: Books,Library — Patrick Durusau @ 2:59 pm

The Online Books Page

The Online Books Page is a website that facilitates access to books that are freely readable over the Internet. It also aims to encourage the development of such online books, for the benefit and edification of all.

A remarkable resource that I discovered quite by accident that lists over 3 million free books on the Web. More than enough to keep even a dedicated reader busy.

Enjoy!

April 8, 2019

Solnit, Unattended Luggage, Pipelines

Filed under: #DAPL,Environment,Pipelines (Oil/Gas) — Patrick Durusau @ 4:11 pm

Rebecca Solnit’s When the Hero is the Problem, triggered an insight for me that is likely old news to you: social resistance succeeds only when it is we (a group) and not me (the hero). Solnit writes of ecological sabotage saying:

For an embodiment of the word singlehanded you might turn to the heroine of the recent movie Woman at War. It’s about an Icelandic eco-saboteur who blows up rural power lines and hides in scenic spots from helicopters hunting her and is pretty good with a bow and arrow. But the most famous and effective eco-sabotage in the island’s history was not singlehanded.

In a farming valley on the Laxa River in northern Iceland on August 25, 1970, community members blew up a dam to protect farmland from being flooded. After the dam was dynamited, more than a hundred farmers claimed credit (or responsibility). There were no arrests, and there was no dam, and there were some very positive consequences, including protection of the immediate region and new Icelandic environmental regulations and awareness. It’s almost the only story I know of environmental sabotage having a significant impact, and it may be because it expressed the will of the many, not the few.

Solnit’s essay set me to thinking of ways for ecological sabotage to be a collective but uncoordinated expression of opposition to an oil or gas pipeline. Unbidden, the endless loop warning at the Dallas Fort Worth (DFW) airport, in a deep Texas accent, “Watch out! … for unattended luggage and packages” (paraphrase from memory) came to mind. From there I remembered stories of abandoned packages, backpacks, etc., each of which provoked disproportionate and costly police responses.

Does unattended luggage attract the same attention as it would at DFW during the six stages of pipeline construction:

  1. Construction Staging Areas & Storage Yards
  2. Clear Cutting the ROW
  3. Excavating the Trench
  4. Pipe Transport, Stringing, & Assembly
  5. Obstacles: Roads & Streams
  6. Testing & Restoration?

If unattended luggage attracts a DFW level of attention on pipeline routes, defense and offense against pipeline construction takes on an entirely different complexion. Pipeline projects must secure the entire length of the pipeline from the time the pipeline route is fixed until the pipeline is complete. If anyone breaches pipeline security, any resulting unattended luggage or other packages would require law enforcement attention before the project could proceed.

Rather than a focused area for law enforcement attention, think Standing Rock, pipeline proponents have to divide their resources between hundreds of miles of pipeline route for years. That sounds expensive, yes? On the other hand, opponents of pipelines can contribute to the rising cost of pipelines without leadership, charismatic or otherwise.

To illustrate, instead of “defending” against the protesters at Standing Rock (the entire reservation is shown in orange), imagine defending the entire route marked in red:

Advantage red team! Yes?

Do remember to post videos to the media and get word to investors about increasing pipeline costs.


April 3, 2019

Reversing WannaCry Part 1 – [w/] #Ghidra

Filed under: Cybersecurity,Ghidra,Hacking — Patrick Durusau @ 7:43 pm
From Ghidra Ninja

From the description:

In this first video of the “Reversing WannaCry” series we will look at the infamous killswitch and the installation and unpacking procedure of WannaCry.

The sample can be found here: https://www.ghidra.ninja/posts/03-wannacry-1/

Twitter: https://twitter.com/ghidraninja

Links:

Interview with MalwareTech: https://soundcloud.com/arrow-bandwidth/s3-episode-11-wannacry-interview-with-malware-tech-at-infosec-europe-2017

MalwareTech’s blogpost about the killswitch: https://www.malwaretech.com/2017/05/how-to-accidentally-stop-a-global-cyber-attacks.html

Further reading

Wikipedia: https://en.wikipedia.org/wiki/WannaCry_ransomware_attack

LogRhythm Analysis: https://logrhythm.com/blog/a-technical-analysis-of-wannacry-ransomware/

Secureworks Analysis: https://www.secureworks.com/research/wcry-ransomware-analysis

Unless you are a very proficient Windows reverse engineer, be prepared to pause the video repeatedly! A level of comfort to aspire to.


April 1, 2019

radare2 r2-3.4.0

Filed under: Cybersecurity,Hacking,Radare2 — Patrick Durusau @ 6:59 pm
https://www.radare.org/r/

Now there’s a bold claim! Is that true? Only one way for you to know for sure! Well, what are you waiting for? Download r2-3.4.0 today!
