"Common or garden cybercrooks..."...What the fcuk are you smoking?
Common or garden cybercrooks have taken to using steganography – the art of hiding secret information within another image or message file – to run a click-fraud scam. Steganography has long been the stuff of spy trade-craft and cypherpunk novels, but now cybercrooks have made the practice downmarket by applying it to the Lurk …
I'll remind you of the memo of 8th Aug inst. Re: defamatory language in usage by embassy staff to wit: The practice of referring to the members of the Groaci diplomatic mission as "sticky-fingered five-eyes" will cease forthwith under penalty of extra duty in voucher reconciliation and expense report filing.
Whatever Next to Do is Always the Abiding Question.
I think it means they only have two eyes, not five eyes. ...frank ly
Ahha, and quite so, frank ly, that was just the point I was making although obviously not clearly ..... binocular vision rather than panoramic thinking being a common or garden trait for crookedness everywhere, even in these newfangled and quantum entangling cyberspace times and matters.
I think it a mistake though to imagine and not realise that Five Eyes have proven and continue to confirm that they themselves are two eyed in all the novel and noble fields that now greatly matter in Global Command Head Quarters with Virtual Remote Control [and which be both a unitary and binary and tertiary affair for those into the Great Order of Sublime InterNetworking Things and Singularities]
To paraphrase a blast from the past ..... Ask not what your intelligence servers can do to you, for they can do anything, tell them what you can do for and/or to them if they be smart enough to wannabe smarter still and more than just static listening post devices and status quo machinery. ..... http://youtu.be/PzRg--jhO8g
Sorry old chap, no offence intended and all that, but isn't that usually our line whenever we read one of your posts? .... Arctic Fox
Hi, Arctic fox,
Is the great common sense shared here ...... http://geer.tinho.net/geer.blackhat.6viii14.txt .... your line too, or just what you have to work with?
"Early versions of Lurk spread through an HTML iFrame on compromised websites that relied on a Flash-based exploit (CVE-2013-5330) in order to infect the computers of passing surfers."
How do current versions install? The steganography stuff is just for updates and commands after it's already installed.
This is what I was wondering as well.
Who cares if updates are hard to detect. It still requires a program on the infected computer to receive and process the image correctly. THAT should be detectable; evidenced by the fact they say 350k computers are compromised.
From a network security analyst's perspective, an infection event only has to get past the equipment and notice of an analyst one time. Updates have to evade detections every time they are run. Hiding update activity makes it harder for people like me to pick up on the few that slip through the AV net.
Signature detection doesn't work. … Wzrd1
Quite so, Wzrd1, and it will never work because of ……
I've spoken elsewhere about how we are all intelligence agents now, collecting on each other on behalf of various overlords.[RSA] There are so many technologies now that power observation and identification of the individual at a distance. They may not yet be in your pocket or on your dashboard or embedded in all your smoke detectors, but that is only a matter of time. Your digital exhaust is unique hence it identifies. Pooling everyone's digital exhaust also characterizes how you differ from normal. Privacy used to be proportional to that which it is impossible to observe or that which can be observed but not identified. No more -- what is today observable and identifiable kills both privacy as impossible-to-observe and privacy as impossible-to-identify, so what might be an alternative? If you are an optimist or an apparatchik, then your answer will tend toward rules of data procedure administered by a government you trust or control. If you are a pessimist or a hacker/maker, then your answer will tend towards the operational, and your definition of a state of privacy will be my definition: the effective capacity to misrepresent yourself.
Misrepresentation is using disinformation to frustrate data fusion on the part of whomever it is that is watching you. Some of it can be low-tech, such as misrepresentation by paying your therapist in cash under an assumed name. Misrepresentation means arming yourself not at Walmart but in living rooms. Misrepresentation means swapping affinity cards at random with like-minded folks. Misrepresentation means keeping an inventory of misconfigured webservers to proxy through. Misrepresentation means putting a motor-generator between you and the Smart Grid. Misrepresentation means using Tor for no reason at all. Misrepresentation means hiding in plain sight when there is nowhere else to hide. Misrepresentation means having not one digital identity that you cherish, burnish, and protect, but having as many as you can. Your fused identity is not a question unless you work to make it be. Lest you think that this is a problem statement for the random paranoid individual alone, let me tell you that in the big-I Intelligence trade, crafting good cover is getting harder and harder and for the exact same reasons: misrepresentation is getting harder and harder. If I was running field operations, I would not try to fabricate a complete digital identity, I'd "borrow" the identity of someone who had the characteristics that I needed for the case at hand. … Dan Geer, Cybersecurity as Realpolitik
However, I would not wholeheartedly agree that to “borrow” the identity of someone who had the characteristics that I needed for the case at hand was a better answer than to pay them handsomely to continue doing what they be doing and which has been found to be so attractive and appealing. After all, with Uncle Sam mooting the possibility and therefore the probability of paying 10x the worth of a catastrophic and disruptive zeroday vulnerability exploit to finders and keepers/explorers/crack hackers/virtual field entrepreneurs, and it being in all likelihood a most acceptable practical solution to a virtually impossible to police and prevent problem, why ever risk failing badly with anything pilfered and phished from a relative stranger who would know of the danger. Goodness knows what would be lurking in the source code, to spring forth uncontrolled and uncontrollable by second and third parties, in the future, for that is the reality which some, who may be more than just a few and of alternative thoughts, have programmed into the System of Systems for the Sublime InterNetworking of Things in a Beta AI Controlled Future and Live Operational Virtual Environment.