May 22, 2008

فشار به مغز قورباغه

خیلی سعی کردم توضیح و تفسیر مناسب و خالی از فحش و نا سزا به مدیران دولتی بنویسم ، اما از آنجایی که بدون ادویه و مخلفات لفظی هرگونه بحث در این مورد غیر دلچسب است ، شما را فقط به خواندن خبر دعوت میکنم

http://www.itna.ir/archives/news/009911.php

بچه که بودیم میشنیدیم که وقتی امام زمان ظهور میکند همه چیز درست میشود ، اما با این اوضاع که پیش رو داریم و افراد فهمیده ایی که کشور را مدیریت میکنند ، فکر نمیکنم حتی از دست امام زمان (عج) هم کاری بر بیاید .

باشد که رستگار شویم

May 17, 2008

Well done China !

This topic made me think a lot about current state of security in our (gov) environments. While they`re going on to such level of complexity in their defeats and defenses , here we`re still after illegal copies of closed-source applications and solutions, or even worse , blindly using warez copies of every kind of software , widely deployed in office branches .
Sure , Iran have it`s own strategies in this field , and have done extensive movements , but I`m sure there`s still long way to go .
Years ago , I used to think that everything in gov is something special and common mistakes are never happening inside their systems, or at least there are some strict policies to prevent them . But now , the more experience , the more I get scared .
While reading mentioned article, I remembered a funny chat with a responsible (technical) agent , advertising their unbeatable policies and methodologies for preventing such attacks ( like what Chinese did ) occur . Here`s a limited brief of cool parts :

me : Ok , here`s the pilot setup of requested project . It`s not ready for mass-use , but local employees would have no problem using it .
him : Great , but how about security of system ? have you considered it while developing system , and deployment of it`s components ?
me : Sure , and I`ve tried my best , following very strict hardening scenarios , and even played with undocumented or proprietary components , trying to uncover unknown but possible attack vectors ... { a long technical chat here}...
me : But after all , I do NOT guaranty ANYTHING . because we`re using some components being developed by OTHERS , and many parts of them are just provided binaries as-is . Even worse , you`ve not provided me officially distributed components (by vendor) for development.
.
.
him: Oh ! yes , there`s a big risk at using unknown systems, developed out of home , BY OUR ENEMIES . We should prevent using such systems in our environments .... I`m never going to trust such softwares/systems/components ... They`re trying to spy us with these , for sure...
me: So what are you going to do ? every single piece of technology you`re using is being developed by THEM . Any plan for that ?
him : Sure, we`ve teams of uber experts investigating every imported technology , software or device . This may look odd to you, but WE have developed special appliances for investigating software or device components , trying to detect and expose even minor unexpected activities by tested thing... { and this self honoring story seems never ending ! } ...
me : ( while almost getting sure about the very specific brand THEY!!! have manufactured , by amount of details he leaks , tried to end this silly conversation anyway )
him : You do not know anything about their advanced techniques for cyber attacks... nor have idea about amount of researches WE have done ...
me : ( !!! ) sure , I`m too young and inexperienced to know anything , but I`d be glad to hear and learn about .
him : Let me give you a small demo sample . You know , we`ve designed a special system that can monitor every activity of computers around this saloon , like monitoring their screens or key strokes , WITHOUT even connecting any media to those computers .... {add some more interesting descriptions here yourself!}
me : Wow , that`s amazing , cool , is that really possible ?!?! ( while trying to keep showing myself like a shocked dump , I remember years old documents about frequency leakages of digital equipments "The TEMPEST project", or sniffing leaked signals of CRT monitors for re-drawing monitor screen contents , or sniffing wireless keyboard and mise signals , and many other OLD PUBLICLY KNOWN tricks of so-called advanced spy technologies )
.
.
him : Ok , let`s finish it . when will we announce the new system for mass use ? users need it !
me : So , you accept all the risks ? it`s up to you . from my point of view , we`re ready for GO...
.
.
4 days later , I`ve been asked for emergency help requested by one of managers , turned to be the same person . Skipping warez copy of OS , tons of 3rd party untrusted applications , missing security patches , horrible security configurations and an always-enabled wireless card , I found the system infected to some nasty stealth ( but almost known ) bot !!! :) No need to talk about amount of confidential documents on infected system ...

I just cleaned up the messes and walked away.

May 16, 2008

USENIX set it free & available online.

I`ve always learned cutting-edge and really cool hints and tricks while following presented researchs at USENIX cons. And while checking my rss bookmars , I noticed THIS . great decision by them.

May 15, 2008

Attacking ِDebian/Ubuntu OpenSSH PRNG

چند روز پیش مشکل امنیتی جدی و در عین حال جالبی در بسته OpenSSL استفاده شده در سیستم عامل Debian و سیستم عامل های مبتنی بر آن شناسایی و گزارش شد . مشکل امنیتی مربوط به ضعف در سیستم تولید اعداد تصادفی (PRNG) پیاده سازی شده در OpenSSL میباشد که تبعات بسیار خطرناک و جدی را بر روی سیستم هایی که از نسخه های آسیب پذیر OpenSSL استفاده کرده اند ایجاد میکند . اینبار بجای توضیح و تفصیل این مشکل در قالب پست وبلاگ تصمیم گرفتم مطلب مربوطه را بصورت یک شبه مقاله آماده کنم . شبه-مقاله مذکور را میتوانید از این آدرس دریافت کنید .

مقاله و محتوای آن ممکن است بدون اطلاع فبلی تغییر یافته و بروز رسانی شود . به نسخه مقاله توجه کنید.