Blog

Information Security News: Call for Papers: Cyber Security in International Relations

Information Security News: Call for Papers: Cyber Security in International Relations.

Forwarded from: Brent Kesler <bdkesler (at) nps.edu>

Call for Papers: Cyber Security in International Relations
Submissions due: February 1, 2011

Strategic Insights, an online journal published by the Center on 
Contemporary Conflict at the Naval Postgraduate School, is seeking 
scholarly papers on the role that cyber security and information and 
communications technology (ICT) play in international relations and the 
strategic thinking of state and nonstate actors. This issue of SI seeks 
to inform policy makers and military operators of lessons drawn from 
real-world experience with computer and IT issues.

We seek assessment and analysis based on real-world events, not 
speculation regarding potential threats and perceived vulnerabilities. 
Papers that test or develop political theories and concepts are 
encouraged. We hold a broad definition of cyber security, and encourage 
submissions on a range of ICT topics related to threats to national 
security and individual liberties, responses to such threats from states 
and non-state actors, and emerging issues offering an over-the-horizon 
view of cyber security.

However, all submissions should be empirically based; we do not intend 
to publish work purely devoted to editorial opinion, threat 
anticipation, or policy advocacy. Submissions therefore should attempt 
to map capabilities based on available sources or game out real-world 
implications based on empirical data; any "digital Pearl Harbor" 
scenarios should attempt to measure the extent of the damage--tangible, 
social, or political--that could occur.

Sample Topics:

* Use of cyber attacks to influence government behavior (e.g., 2007 
  Estonia attacks)

* Cyber attacks as a force multiplier in conventional conflicts (e.g., 
  2008 Georgia attacks)

* Internet as a critical resource for political and social movements 
  (e.g., the Green Movement in Iran, electioneering in Moldova, Red 
  Shirt Movement in Thailand)

* Governments' efforts to contain popular movements that organize via IT 
  (e.g., shutting down or containing flash mobs, Chinese monitoring of 
  the Dalai Lama, software filtering and surveillance technologies)

* The role of information technology strategies in the US and other 
  states' foreign policy (e.g., US State Department intervention to 
  prevent Twitter shut-down during protests following the 2009 Iranian 
  elections)

* Regional cyber-conflicts (e.g., North and South Korea, India and 
  Pakistan, Israelis and Palestinians)

* Espionage and secrecy in a networked world (e.g., China and Google, 
  Wikileaks)

* Information technologies, civil liberties and privacy (e.g., RIM 
  Blackberry and Chinese, Indian and US efforts at surveillance;  
  Wikileaks; the Safe Harbor dispute)

* Strategic implications of cyber attacks against critical 
  infrastructures

* Innovative cyber attacks (e.g., Stuxnet and the Iranian nuclear 
  program)

* International cooperation to manage cyber-security and IT issues 
  (e.g., Internet governance, WSIS, ICANN, WIPO)

Submission Details: Submissions should be addressed to SI Editor Brent 
Kesler and sent in MS Word compatible format to ccc (at) nps.edu. They 
should range from 10 to 20 pages, double spaced, or 3,000 to 6,000 
words. For more information on submission guidelines, please consult:

http://www.nps.edu/Academics/Centers/CCC/Research-Publications/StrategicInsights/submissions.html

Time to put on the big thinking hat!

Using default private keys to decrypt SSL streams

An old but hugely overlooked issue. Many appliance vendors ship their units with a default private key for SSL communications. Even if you reissue a new certificate, your appliance could still be using the same private key as everyone else’s.. and it’s typically bundled within the firmware packages publicly distributed by the application vendor. This affects everything from DD-WRT to enterprise class VPN appliances, tape libraries, and firewalls.

Well, someone has finally begun cataloguing these into a searchable database:
http://www.devttys0.com/2010/12/breaking-ssl-on-embedded-devices/

Just lookup the device in question, point the lookup tool to a running appliance, or feed it a packet capture or live network interface and it will provide any known private keys. Once the private key is obtained, you can decrypt the SSL stream with tshark:

tshark -nn -t ad -r <pcap_file> -o ssl.keys_list:<HTTPS_server_IP>,443,http,”<private_key.pem>” -V -R http

Wireshark: Remote Packet Capture, bit of Security

This seems handy!

Wireshark: Remote Packet Capture, bit of Security

Wireshark/Ethereal is one of the best open source tools we have. I don’t think there will be individuals working in Networking domain (especially into IDS/IPS, Firewalls etc.) and don’t know Wireshark/tcpdump. Please I wanna see u guys/gals 😉

There are many features available in Wireshark, we are going to focus on remote packet capture.

Need Wireshark Version 1.4.2 with the new WinPcap available inbuilt with it. Install this on bothe the machines, where you are going to take capture (client) and on the machine where we want to sniff the traffic(server). On Server we need to start “Remote Packet Capture Protocol v.0 (experimental)” service, which will open TCP Port 2002 on the Server.

Security Unplugged !!!: Wireshark: Remote Packet Capture, bit of Security.

‘Blast off Lebanon coast was IDF destroying espionage device’ – Haaretz Daily Newspaper | Israel News

The explosion heard in Lebanon late Wednesday was an Israel Air Force operation aimed at destroying an espionage device it had installed off the coast of the city of Sidon, the Voice of Lebanon radio station reported on Thursday.

The report comes a day after the Lebanese Army said it had uncovered two Israeli spy installations in mountainous areas near Beirut and the Bekaa Valley, The installations included photographic equipment as well as laser and broadcast equipment.

‘Blast off Lebanon coast was IDF destroying espionage device’ – Haaretz Daily Newspaper | Israel News.

RFID Credit Card Skimming – Defcon Forums

RFID Credit Card Skimming
Yesterday, I was talking to a producer for the CBS Evening News regarding credit and ATM/bank cards with embedded RFID chips being vulnerable to wireless skimming. CBS is currently working on a story about this, due to a CBS affiliate station’s story:
http://www.wreg.com/videobeta/?watch…a-1884ec348310

CBS News’ take on this is that the skimming is great TV, but it’s probably only a small portion of things that can be skimmed or otherwise attacked by the populace, and they are interested in expanding the story. Our discussion went on for a while, and we talked about similar vulnerabilities pertaining to RFID including passports, EZPay, etc.

In the middle of all this, the producer remarked that while this vulnerability was “brand new” to the public, my reactions were making it seem like this was old news to the infosec community. My response was that the touch-less credit card issue had been known and demonstrated going back at least 6 years, if not more. He said that the same type of reaction had occurred last April, when CBS had run the story about the copier imaging on hard drives. The public was aghast, but the infosec people they’d contacted all remarked “what took you so long?”

More after the jump…

RFID Credit Card Skimming – Defcon Forums.