22-10-07

Do you have an FBI file (or did your family have one)

In the States there are procedures by which you can ask access or a copy after a certain amount of time (and not 100 years). What is even better is that is becoming more and more easier to have access to these files (and not in a Kafka way like here)

This is an example  http://www.getmyfbifile.com/

The files won't come online. You will still have to send a real letter with a real signature. So much for trust in electronic communications

15:09 Gepost door technology changes fast not a lot in Algemeen | Permalink | Commentaren (0) |  Facebook |

Even in the US is epolitics virtual politics

Even if there are thousands of blogs and online magazines and real journalists from real newspapers following every letter you write online, you can't ignore the fact that the outcome is down to organisation, organisation and organisation. Elections are like war. You have a good organised team and strategy and you stand a chance or you don't and you can maybe be lucky for a while, but not more than that.

As always they have quantified something new and now some US political consulting firms (the hired killers and scouts) has come up with an index of the online presence of the different candidates. If we believe that elections are won or lost online, than

* democrats will surely win even if half of the states has only exceptionally voted for a democrat as president

* Obama will surely win even if only Hillary can show polls in which she has a possibility to win against a republican candidate

but both have a problem with organisation, organisation, organisation that they will have to overcome.

http://www.spartaninternet.com/2008/

The greatest danger for the candidates and their followers is that they make a fata morgana of their webpresence and they believe that they don't have to do as much in the real world in day-to-day operations.  

 

15:05 Gepost door technology changes fast not a lot in Algemeen | Permalink | Commentaren (0) |  Facebook |

The Turks are coming (a new hacking storm)

Every time something moves in Turkye the rest of the online world are keeping their breath. The Turkish government isn't interested in stopping the hacking storm coming from their networks against websites all over the world. So these gangs are doing whatever they want, they even have official websites and forums, all under the flag of the great turkish (islamic or ataturk) nation. If maybe the flemish extremists would start hacking turkish websites to defend the flemish nation-state they dream off, it would become clear to the Turkish officials how ridiculuous this form of propaganda is.

Even if they see it as a form of cyberwarfare against kurdish and armenian websites they surely don't help their cause by attacking with their scripttools hundreds of other business- and mom-and-dad websites at the same time. I hardly can't believe they are that stupid that they can't configure their attack tools so they only attack websites with only a certain kind of content. Not that I approve of their techniques to try to silence websites that have another opinion, but if their attacks would be more directed, they would be easier to explain.

But as the situation is now, we'll have to monitor the situation in Turkye (our next European partners ?) to have an idea of the hacking storms coming our way. The news ain't good for the moment. Kurdisch and Turkish soldiers are having a shooting ball at the Iraqi frontier. So any turkish nationalist behind the computer can find the urge to tell the world that Turkye their great nation will conquer and destroy all of its enemies and so on and so on....

Website owners should  be careful with traffic coming from Turkye or proxies (if you don't need them, just block them) and have a clean backup of their website by the hand. They should also monitor their webservers for changes and should be sure that all patches, security workarounds and standard passwordpolicy are installed.

You can find more information here

list of hacked websites  http://www.zone-h.org  and http://be-hacked.skynetblogs.be

list of vulnerabilities http://www.secunia.com

software to monitor changes on a webserver - tripwire

14:02 Gepost door technology changes fast not a lot in Algemeen | Permalink | Commentaren (0) |  Facebook |

I ate the (unsafe) cookies of De Morgen

THis is an example why you should be very careful when using cookies for identification. This was only for placing comments but imagine that once logged in you could 'manage your subscription or book library'.

Legal disclaimer

Due to the strict Belgian law I didn't test this with tools I just wanted to log on. I didn't test it afterwards with tools, nor contacted the newspaper afterward.  It seems to be working normally again. The paper was contacted last week and this is only published afterwards. The newspaper didn't ask not to publish it afterwards. The site of the newspaper wasn't scanned or attacked with any other tools by me. I didn't keep any cookies or any other meta-information about that person on my harddisk. The internetoperations were totally cleaned afterwards.

De Morgen is a flemish newspaper (used to be progressive (EU) /liberal (US)) that has installed the possibility for their readers (of the online articles because I doubt that many of the commentators even read the newspaper) to add comments. It is using a system that is also used by Het Laatste Nieuws (which is the largest distributed flemish newspaper with around 1 million readers daily and is much more popular mainstream (or it it meanstream ?).
It is possible to put a comment under an article under the name of another person if that person is logged on at that time under his logon and is probably reading the same article.
bot_005
I am not that person I just clicked on put a comment. Well as he uses his own name and places comments he shouldn't be ashamed of it to do so.
bot_006
and send
It shows that when installing cookies you should be very careful and that you should really test a system inside out by outside experts who do nothing else day in day out and know all the latest tricks and do all the things that you don't expect a normal person to do.
Can you fix it ? Yes you can !  Because a man in the middle attack against the forums of De Morgen seemed workable. Persistant cookies are dangereous if you don't put the time-out right. (Force time-outs)
They seem to have fixed it, so I publish this.
I just tried it once and identified the posting and asked the newspaper afterwards to remove it because the person concerned couldn't have written it (although he was online following up the comments on that article in De Morgen at the time).

13:43 Gepost door technology changes fast not a lot in Algemeen | Permalink | Commentaren (0) |  Facebook |

hack of the weekend : Belgian Coast and weather sites

A whole series of Belgian websites about the coast and its weather were hacked over the weekend. Some of them are just dummies, but also the official websites got some pages added.

In the http://be-hacked.skynetblogs.be  we only took the .be sites, but also others were a victim like lacote.org (an semi-official portal website for the belgian coast). The defacements were identical to the .be site so we presume the server itself was compromised.

I presume those people will sing 'tell me why I do hate mondays'

00:40 Gepost door technology changes fast not a lot in Algemeen | Permalink | Commentaren (0) |  Facebook |

Archive of 499 hacked Belgian sites in 2007 online again

you can subscribe to the RSS feed http://www.furl.net/members/mailforlen/rss.xml?topic=hacked

or you can go over to http://be-hacked.skynetblogs.be 

the only archive that exists on the web

if it is important (and .be) and it was defaced in 2006-2007 you can probably find it here

00:04 Gepost door technology changes fast not a lot in Algemeen | Permalink | Commentaren (0) |  Facebook |

18-10-07

Corruptie signalisatiebedrijf Janssens : Who is next

Wel laat ons eens op de website van het bedrijf kijken bij referenties

want hoe stelt het bedrijf zich voor ?

De Groep Janssens is samengesteld uit verschillende bedrijven welke gespecialiseerd zijn in het produceren, verhuren en plaatsen van verkeerssignalisatie.

Uitgegroeid tot één van de topbedrijven in zijn brache, worden er producten ontwikkeld en geproduceerd voor zeer uiteenlopende afnemers (o.a. de verschillende afdelingen Wegen en Verkeer van het Ministerie, provincies, steden en gemeenten, diensten voor toerisme, maatschappijen voor nutsleidingen en openbaar vervoer, wegenbouwers, aannemers, industriële ondernemingen, e.a.).

Uitgaande van 'co-partnership' hecht de bedrijvengroep Janssens grote waarde aan het meedenken met de opdrachtgever. Met deze visie als maatstaf, en rekening houdend met de specifieke eisen van de klant, bieden wij u onze diensten aan.

-------------------------------------------------------------------------------------

Dit betekent ook dat de netwerkoperatoren van deze instellingen nu de maatregelen moeten nemen om ervoor te zorgen dat geen eventueel bewijsmateriaal vernietigd wordt en op een zodanige manier wordt bewaard dat het aanvaardbaar is in het onderzoek of toch voldoende indicaties kan blijven geven zonder een direct bewijs te zijn. De procureur sprak immers over tientallen betrokken ambtenaren. (Misschien is het een Vlaamse zwam om PS termen te gebruiken).

  • N60 Oudenaarde
  • Noorderlaan Antwerpen
  • Complex aan afritten E17 Waregem
  • Uitritborden A12
  • Uitritborden E19
  • Diverse grote borden R0 Brussel
  • E313 Antwerpen
  • Knooppunten R1 Antwerpen
  • Industrieterrein Malle
  • Diverse steden en gemeenten: Assenede, Boutersem, Brussel, Gent, Kapelle o/d Bos, Knokke-Heist, Londerzeel, Ranst, Sint-Niklaas, Turnhout,...
  • Onderhoudswerken Pittem
  • Metropolis Antwerpen
  • Wetstraat Brussel
  • Luchthaven Brussel Nationaal
  • Heraanleg Grote Markt Sint-Niklaas
  • http://www.groupjanssens.com/NL/netbuilder.asp?sid=1

    of bedoelde de procureur dit contract ?

    De afdeling Verkeerstechnieken bij de firma Janssens is op 1 januari 2004 opgestart met als doel het onderhoud van alle verkeerslichten in Vlaanderen die eigendom zijn van het Ministerie van de Vlaamse Gemeenschap - Departement Leefmilieu en Infrastructuur. Concreet gaat het om de installaties die gelegen zijn langs gewestwegen.

    Het grondgebied wordt hierbij opgedeeld in Lot 1 (Oost- en West Vlaanderen) en Lot 2 (Brabant, Antwerpen en Limburg).

    Het is duidelijk dat de firma Janssens met het binnenhalen van dit contract een nieuwe weg is ingeslagen. Hiervoor zijn mensen aangetrokken met een zeer goede know-how en een jarenlange ervaring. Hun eerste zorg is de goede werking van al deze installaties garanderen...

    14:04 Gepost door technology changes fast not a lot in Algemeen | Permalink | Commentaren (2) |  Facebook |