Even if there are thousands of blogs and online magazines and real journalists from real newspapers following every letter you write online, you can't ignore the fact that the outcome is down to organisation, organisation and organisation. Elections are like war. You have a good organised team and strategy and you stand a chance or you don't and you can maybe be lucky for a while, but not more than that.
As always they have quantified something new and now some US political consulting firms (the hired killers and scouts) has come up with an index of the online presence of the different candidates. If we believe that elections are won or lost online, than
* democrats will surely win even if half of the states has only exceptionally voted for a democrat as president
* Obama will surely win even if only Hillary can show polls in which she has a possibility to win against a republican candidate
but both have a problem with organisation, organisation, organisation that they will have to overcome.
The greatest danger for the candidates and their followers is that they make a fata morgana of their webpresence and they believe that they don't have to do as much in the real world in day-to-day operations.
Every time something moves in Turkye the rest of the online world are keeping their breath. The Turkish government isn't interested in stopping the hacking storm coming from their networks against websites all over the world. So these gangs are doing whatever they want, they even have official websites and forums, all under the flag of the great turkish (islamic or ataturk) nation. If maybe the flemish extremists would start hacking turkish websites to defend the flemish nation-state they dream off, it would become clear to the Turkish officials how ridiculuous this form of propaganda is.
Even if they see it as a form of cyberwarfare against kurdish and armenian websites they surely don't help their cause by attacking with their scripttools hundreds of other business- and mom-and-dad websites at the same time. I hardly can't believe they are that stupid that they can't configure their attack tools so they only attack websites with only a certain kind of content. Not that I approve of their techniques to try to silence websites that have another opinion, but if their attacks would be more directed, they would be easier to explain.
But as the situation is now, we'll have to monitor the situation in Turkye (our next European partners ?) to have an idea of the hacking storms coming our way. The news ain't good for the moment. Kurdisch and Turkish soldiers are having a shooting ball at the Iraqi frontier. So any turkish nationalist behind the computer can find the urge to tell the world that Turkye their great nation will conquer and destroy all of its enemies and so on and so on....
Website owners should be careful with traffic coming from Turkye or proxies (if you don't need them, just block them) and have a clean backup of their website by the hand. They should also monitor their webservers for changes and should be sure that all patches, security workarounds and standard passwordpolicy are installed.
You can find more information here
list of vulnerabilities http://www.secunia.com
software to monitor changes on a webserver - tripwire
THis is an example why you should be very careful when using cookies for identification. This was only for placing comments but imagine that once logged in you could 'manage your subscription or book library'.
Due to the strict Belgian law I didn't test this with tools I just wanted to log on. I didn't test it afterwards with tools, nor contacted the newspaper afterward. It seems to be working normally again. The paper was contacted last week and this is only published afterwards. The newspaper didn't ask not to publish it afterwards. The site of the newspaper wasn't scanned or attacked with any other tools by me. I didn't keep any cookies or any other meta-information about that person on my harddisk. The internetoperations were totally cleaned afterwards.
A whole series of Belgian websites about the coast and its weather were hacked over the weekend. Some of them are just dummies, but also the official websites got some pages added.
In the http://be-hacked.skynetblogs.be we only took the .be sites, but also others were a victim like lacote.org (an semi-official portal website for the belgian coast). The defacements were identical to the .be site so we presume the server itself was compromised.
I presume those people will sing 'tell me why I do hate mondays'
you can subscribe to the RSS feed http://www.furl.net/members/mailforlen/rss.xml?topic=hacked
or you can go over to http://be-hacked.skynetblogs.be
the only archive that exists on the web
if it is important (and .be) and it was defaced in 2006-2007 you can probably find it here
Wel laat ons eens op de website van het bedrijf kijken bij referenties
want hoe stelt het bedrijf zich voor ?
De Groep Janssens is samengesteld uit verschillende bedrijven welke gespecialiseerd zijn in het produceren, verhuren en plaatsen van verkeerssignalisatie.
Uitgegroeid tot één van de topbedrijven in zijn brache, worden er producten ontwikkeld en geproduceerd voor zeer uiteenlopende afnemers (o.a. de verschillende afdelingen Wegen en Verkeer van het Ministerie, provincies, steden en gemeenten, diensten voor toerisme, maatschappijen voor nutsleidingen en openbaar vervoer, wegenbouwers, aannemers, industriële ondernemingen, e.a.).
Uitgaande van 'co-partnership' hecht de bedrijvengroep Janssens grote waarde aan het meedenken met de opdrachtgever. Met deze visie als maatstaf, en rekening houdend met de specifieke eisen van de klant, bieden wij u onze diensten aan.
Dit betekent ook dat de netwerkoperatoren van deze instellingen nu de maatregelen moeten nemen om ervoor te zorgen dat geen eventueel bewijsmateriaal vernietigd wordt en op een zodanige manier wordt bewaard dat het aanvaardbaar is in het onderzoek of toch voldoende indicaties kan blijven geven zonder een direct bewijs te zijn. De procureur sprak immers over tientallen betrokken ambtenaren. (Misschien is het een Vlaamse zwam om PS termen te gebruiken).
of bedoelde de procureur dit contract ?
De afdeling Verkeerstechnieken bij de firma Janssens is op 1 januari 2004 opgestart met als doel het onderhoud van alle verkeerslichten in Vlaanderen die eigendom zijn van het Ministerie van de Vlaamse Gemeenschap - Departement Leefmilieu en Infrastructuur. Concreet gaat het om de installaties die gelegen zijn langs gewestwegen.
Het grondgebied wordt hierbij opgedeeld in Lot 1 (Oost- en West Vlaanderen) en Lot 2 (Brabant, Antwerpen en Limburg).
Het is duidelijk dat de firma Janssens met het binnenhalen van dit contract een nieuwe weg is ingeslagen. Hiervoor zijn mensen aangetrokken met een zeer goede know-how en een jarenlange ervaring. Hun eerste zorg is de goede werking van al deze installaties garanderen...
A researcher beat Microsoft to the patch punch Sunday by publishing an unofficial fix for a critical flaw in Windows XP and Server 2003 on PCs with Internet Explorer 7.
KJK::Hyperion, a.k.a. "Hackbunny," a researcher believed to live in Italy, posted a link to the 16KB patch on both his Web site and the Full Disclosure security mailing list Sunday. KJK's patch, dubbed "ShellExecuteFiasco," blocks the execution of malformed URLs and forces normalization of valid URLs. URL normalization, which can include tasks such as changing a URL to all-lowercase and stripping out the "www" part of the address, is a technique used by search engines to reduce indexing of duplicate pages.
Users who apply the patch do so at their own risk, KJK warned. "The present patch is dramatically under-tested and it has underwent [sic] no quality assurance procedure whatsoever, so please deploy with the greatest care," he said in the notes accompanying the fix. "It has a very good chance of misbehaving and making your system unusable."
His patch targets the URI (Universal Resource Identifier) vulnerability that Microsoft acknowledged last week. On Thursday, the company's security group issued an advisory that spelled out the problem, which could allow attackers to compromise systems running Internet Explorer 7 if users clicked on malicious links embedded in e-mail messages or posted on a Web page. Microsoft also said it would release a fix but would not commit to a schedule.
"The update will be part of our normal product update process [and] will be released as soon as we feel it's ready," said Mark Miller, director of the Microsoft Security Response Center, last week.
Microsoft typically takes a dim view of third-party patches like the one KJK posted. Although it did not immediately reply to a request for comment Monday, in past cases, it has cautioned users against deploying any unsanctioned fix.
Symantec gave much the same warning to customers of its DeepSight threat network Monday. In the advisory, Symantec said it had not been able to verify the integrity of KJK's work and told users to "use extreme caution when using patches from third-party sources."
The unsanctioned patch can be downloaded from KJK's Web site.