"But... robots.txt can be ignored and most likely is ignored by Google. Profits over privacy, etc."
Check your web server logs to see rather than speculating maybe?
Iran apparently infiltrated the communications network of CIA agents who allowed their secret websites, used to exchange messages with informants, to be crawled by Google. A report from Yahoo! News this week claims that a 2009 breach of the US spy bods' communications channels came after the Iranian government infiltrated a …
As shown by this whole magecart thing, and all the issues of the past, the only thing granting any level of relative safety with online shopping is the sheer number of targets,
*You* (we, me etc) have only not been "had" yet because we are hidden in the crowd. Security by obscurity etc.
Someone at work recently had an account drained via lots of small (sub £30 mobile phone top up cards). Queue lots of guffawing and asking what they did online. The truth is probably just being unlucky that day, despite all the assumptions that they must have done something monumentally stupid on t'internet..
Someone at work recently had an account drained via lots of small (sub £30 mobile phone top up cards)
A friend with a company issued card told me about an intriguing problem they had a while back. Card was issued by the company, but they were expected to pay bills. At some point they noticed very small transactions, think we're talking cents here, going through. No choice but to pay this off, but reported to employer. My hazy recollection of the ensuing tale: Employer, "It's nothing to do with us." Credit card company, "Card belongs to employer, not you, they'd need to talk to us". Payments were to a phone company account, phone company of course refused to provide any details of the account being paid to and claimed they couldn't stop accepting the payments. Think the resolution was to go back to the employer and say either sort this out or I wont hold this card any more. Nice trick, seems nobody is willing to try to hunt down whoever is grabbing small sums every so often, but multiply it by the number of credit cards in a large company and it adds up.
Hah! Spot on. My daughter now attends the same junior school I went to, complete with the "temporary" porta-cabins that went up in the late 80s/early 90's.
Still there, still in use as classrooms. They were put up as a temporary measure while I attended, to allow the decoration/refit of another area.
"Still there, still in use as classrooms. They were put up as a temporary measure while I attended, to allow the decoration/refit of another area."
Which is why I have so much confidence in the politicians. I'm sure Brexit will be a resounding success... If we can only push through the initial famine.
We can look at it as "30 Traitors Executed after Counter-Intelligence Operation". After all, Iran would regard these "assets" as traitors to their state. When Aldrich Ames, Robert Hansen and Edward Snowden are mentioned by their government they are called traitors. And is execution really worse than being kept in solitary confinement for the rest of your days? 23 hours in a cell and 1 hour "exercise" by yourself.
Do you tell your friends and family that you support ISIS and Al-Qaeda? Or do you just post stupid things on the internet to sound edgy?
I'm sure it makes you feel good to know that some poor Iraqis who gave information regarding ISIS movements near their villages to America got killed.
Actually the CIA can be directly linked to plenty of deaths. As can the British Government.
Look at the CIA led coup of Indonesia that led to Suharto gaining power. The CIA gave the names of Communist sympathisers in Indonesia to Suharto which led to one of the biggest mass murders on the last century. Estimates are 500,000 people were killed in the purge, and the CIA was directly responsible for every death as they provided the names of every single one of them to Suharto's government. The British government, along with the US, collaborated with Indonesia when they invaded East Timor in 1975, even providing navy escort ships to the Indonesian government for transporting prisoners to their deaths. 100,000 East Timorese died from starvation and disease as a direct result of Indonesia's invasion, fully supported by both the British and US governments.
Actually, it was the US giving weapons to Al-Qaeda in Syria:
[Syrian Al-Qaeda Commander: US Forces Are Arming Us in Syria]
There are really numerous sources on this. Initially the US argued that their weapons ended up in the hands of Al-Qaeda 'by mistake'. Then, those 'mistakes' kept repeating. By now, it's rather clear that they kept furnishing/furnish the worst of islamists with weapons - and so does Saudi Arabia, btw.
"Posting something which can easily be backed up with even a rudimentary search of the Internet along with a perfectly valid opinion is not stupid."
What are you even on about? He was celebrating civilians getting killed and said that "they got off lightly." People explain how getting killed by ISIS for supplying the US with information is 'getting off lightly'.
What the CIA has previously done is completely irrelevant to whether informants deserved to die or not. If you report a crime to the police do you deserve to get hurt because the police have done bad things in the past?
Is that a bit like crooked Trump’s iPhone?
The one that he uses to tweet from, despite that the Security Services stating publically and privately that it is against federal law and telling him to please stop.
The one that there are video clips on national TV showing him using, including Fox News.
You can go to @realdonaldtrump to read his tweet denying that he uses an iPhone to tweet, which says at the bottom “iPhone app”.
Is that the sort of thing that you have in mind?
Trump’s tweets have been the first notice he has given the world of Presidential policy. He has fired advisers over Twitter, in his capacity as president. It is not a personal account.
You, along with him, are unable to differentiate *why* so much of what he does crosses the line between personal and official. He shouldn’t be employing his daughter and son-in-law as an adviser, for example.
Considered as an actual security risk, Trump carries his phone on his person. Any attack vector which could compromise a device OTA (like for example, a Bluetooth buffer overrun attack) is immediately fatal. *When* rather than if his personal phone is security-compromised, it can be used as a spying microphone in his pocket. He is POTUS FFS. Not a middle-level official.
Clinton’s risk was an *email server* running at home. Her attack surface was an email address. A physical attack would require someone to *enter her home*. The email server is not compromised even if she opened a dodgy email. Because it’s a server.
If you were saying that her device used to *read* emails could be compromised over the internet, that’s a reason not to access email at home, wherever the email server is located. But that isn’t the allegation. Most managers read their email at home, over VPN, including most governmental officials, and nobody is saying that was against policy. Running an email server is not that risk.
The server risk is someone entering her home could have stolen it and accessed the emails, breaking passwords with state-actor level methods.
*But that didn’t actually happen. Did it.*
Bruce quotes from
Though one counter-narrative opinion considered the possibility that naming “comms protocols” or “insecure websites” was a typical smoke & mirror diversion trick away from something/someone more interesting!
Who knows, at least the story has legs now that a new version has appeared after three months, but for those looking for the elusive “hard” facts , remember to factor in this six year old story by Michael Hastings
Why would a so-called security establishment go anywhere near the internet?
You have a agent within the tightly guarded biological warfare research site in Whichwhatisstania would you communicate via:
A) A shortwave radio tranceiver that emits a traceable signal and requires an external antenna?
B) A cell phone?
C) A letter drop behind a rock in a city park?
D) A letter drop in a hollowed out pumpkin on a farm owned by another spy?
E) Late night meetings with a controller on a bridge in downtown Whichwhatisstan City?
F) The Internet?
Because they need to communicate with their agents. That means either risky scheduled face-to-face meetings, slow and risky dead drops, radio transmitters that can be located with direction-finding equipment, or reusing some legitimate communications channel. Spies have used letters (can be intercepted), phones (can be tapped), newspapers (coded classified ads), and now the Internet.
There are a lot of advantages to the Internet, if done right. It's fast, encrypted, high-bandwidth, and you can hide the covert communications amongst lots of innocent legitimate data. However, there are obvious risks, too.
"...advantages to the Internet, if done right. It's fast, encrypted, high-bandwidth..."
Mmmmmm......."encrypted". There seems to be concern in some quarters about the security of encryption standards. The concern is that the encryption might be readable by -- who knows who? But of course, sensible "bad guys" would probably use their own encryption on top of the publicly available sort. Maybe even sensible "good guys" (if there are any!) should do the same. What do you think?
Assumptions....what password? What encrypted laptop? None of the above!
Everything on my laptop is in plain text.....move on....nothing to see here. The cipher text was downloaded from a widely used public web site (say, like The Register -- see above). I wonder who posted the cipher text? I wonder which of the hundreds or thousands of web hits represents the intended recipient(s)? I wonder how long it will take to figure this out.....never mind figure out the book cipher which was used (if indeed it was a book cipher)?
The encryption only needs to be good enough for the answers to these questions to take a longish time. The people using this mechanism (whoever they are) are in the mean time communicating in real time.
......but I DID like the cartoon!
And yet it was.
"temporary" infrastructure used long after it should have been replaced. No PHB has ever done that before.
BTW the STUXNET malware was first discovered in 2010.
According to Wikipedia it was though to have been in development (and deployment?) from 2005.
So yes if the Iranians started noticing stuff earlier they would have been quite angry.
It seems actions have consequences, even in malware. Who knew?
Surely the biggest "mistake" the CIA made in this whole thing was not identifying the double agent *before* he told the Iranians about the website. Right? Obviously the Iranians would be on the look out for moles/agents within their country. But. At no point does the report say that they were actively using Google to search for these websites before the double agent put them onto it.
The whole world knows, and the (real) free world dares to voice it: Sept. 11 was a false flag operation to make invading Afghanistan more psychologically bearable for the US population. News sites shouldn't help perpetuate the fairy tale of terrorist attacks, especially this website, which is supposed to look at things from a technical/scientific angle.
There's even more to it. The whole world can see that Afghanistan has been turned into the world's biggest opium factory. You can see the fields from above; it's no secret.
Now, there's a certain 'organization', which has been caught dealing drugs repeatedly. I wonder who's cashing in on Afghanistan's opium... Could it be? No, wait – it can't be! They can't be doing it again, they've already been caught before!?! :-P
Biting the hand that feeds IT © 1998–2018