Iran X.25 terrorists actually BANKERS
An innocent explanation has emerged after a security expert linked a group of Islamic extremists to Iran after supposedly discovering the crew on a list of state-sanctioned leased telephone lines in the Middle East nation. Mike Kemp, a co-founder of UK-based Xiphos Research, found two entries for "Ansar Al-Mujahideen" in a …
This topic is closed for new posts.
Of Course if this info was seen by the US
No amount of double checking would have saved them from a carpet bombing of his house
Re: Of Course if this info was seen by the US
No amount of double checking would have saved them from a carpet bombing of his house
That would have been easy to avoid: just stay in the house. Their aim isn't exactly sterling..
Re: Of Course if this info was seen by the US
Where are all the people from the other thread who swore this was a US-Iranian running dog imperialist plot?
Re: Of Course if this info was seen by the US
Where are all the people from the other thread who swore this was a clearly proof of collusion between Iran and Osama/Al-Qaeda/Taliban, which everyone knows about anyway?
Fox news must be showing something about Romney's Missus again.
Re: Of Course if this info was seen by the US
Allah must have been smiling down on the Bank of Ansar yesterday --- upon being alerted by The Register report I was able to call off the drone strike with only seconds to spare.
I set up an X25 link to a Swiss bank from it's London office. It was interesting to see the passwords go through in plain text.
Sent from my luxury yacht somewhere warm.
And plain text password transmission have what exactly to do with X.25 links? Probably you saw a link password being transmitted in BX.25. That's something at the link layer meant to "pair" requipment perhaps but not meant to seriously control access AFAIK. Even in those days the actual data transmissions were encrypted at most sites.
Bank security
And a fixed line between the 2 endpoints, I have had a hand in setting up a few SWIFT links with the old hardware encryptors on them and whilst you may have been able to see passwords go in via the entry points in cleartext those encyptors and the fixed lines (as well as the ambiguous message formatting) meant it was extremely challenging to intercept.
Terrorists, bankers? same thing. One person terrorist is another man's financial freedom fighter.
Terrorists / Freedom fighters
A freedom fighter attacks the organs of the state (government, police, army, etc).
A terrorist attacks the people, to induce terror.
It's not difficult.
Re: Terrorists / Freedom fighters
and governments, police, army, etc. are staffed by what?
Re: Terrorists / Freedom fighters
> A freedom fighter attacks the organs of the state (government, police, army, etc).
> A terrorist attacks the people, to induce terror.
And when the organs of the state attack the people, we become terrorists.
Not the best "naming convention"?
Well, duh, it's called a "language", not "naming convention." Get yourself a Farsi dictionary, Mr. Kemp.
Re: Not the best "naming convention"?
Yeah, it sounds like he's blaming the bank for his own silly mistake.
"Ansar Al-Mujahideen" vs "Ansar al-Mojahedin"?
That sounds close enough to be a transcription/transliteration issue, rather than a different name.
Re: "Ansar Al-Mujahideen" vs "Ansar al-Mojahedin"?
Iran/Iraq - only one letter different, does it matter which one we bomb?
That sound very much like a carefully-worded prepared statement. I wonder who was standing over him while he wrote it, and what type of weapon they were holding?
Probably the dreaded Dumbass Attack Truncheon of Fail, a fearsome weapon that instantly covers the victim in ridicule and opprobium.
Xiphos Research Penetration Testing
Why am I not surprised, sensationalism trumped genuine security research about 12 years ago. Good to know that Xiphos Research Penetration Testing is just as bad as the next guy!
The old days
Ahhhh X25. Those were the days. When stuff just worked (after lots of messing around with no google there to see if someone else wrote about it in a blog post). Give me a VT100. They used to just work too.
Cheers to all the bits and pieces that have either grown or fallen aside to get us where were are today.
Boos to those who see the word "Iran" or "Islamic" and instantly assume it means "al-Qaeda" or "terrorist"
Meanwhile in London
The International Reading Association is regretting it's new logo design
Only still used in Iran??!!!!
Yeah right, I know of plenty of well known UK institutions who still use X.25, we're actually putting in new X.25 lines into a data centre right now so that we can support a major institutions back end infrastructure that still relies on X.25.
Re: Only still used in Iran??!!!!
Too true. We still sell lots of it, and the most recent version of the standard (a few years back now) added extra parameters that made it work on very high-speed, low-latency links ike satellite comms. It may have been the precursor to IP, but it isn't dead yet by a long chalk.
"a security researcher rather than a hacker"
There's a difference?
XOT
You can run X.25 over IP, it is called XOT. It is RFC1613.
Re: XOT
Strictly speaking XOT is X.25 over TCP, not just over IP. For completeness, RFC 877 (obsoleted by RFC 1356) describes how to run IP over X.25. You can build some interesting stacks...
This topic is closed for new posts.
