exiledonline.com
What You Should Know / November 28, 2008

First Estonia, then Georgia and now America:

“Suspicions of Russian involvement … Military electronics experts have not pinpointed the source or motive of the attack.”

www.latimes.com --




1 Comment


  • 1. Stormcrow  |  November 30th, 2008 at 11:25 am

    If you read through the LA Times story carefully, that’s not the only jarring note you’ll find.

    The infector they mentioned, “agent.btz”, that was sooooo scary. Look it up on Google, and you’ll find that signatures were published for this by at least one major A/V vendor before the end of June.

    You can assume that if one vendor did this, the rest published signatures at about the same time.

    Of course, precise verification of this gets difficult, since the CME project (http://cme.mitre.org/) basically ground to a halt two years ago. The cited reason was “changes to the threat environment”, but I’d lay better than even odds the real reason was lack of money and trained people that money pays the salaries of. The giant sucking sound you’re hearing is … yep, the Iraq War.

    What does that tell you about the security posture of the Federal systems affected? Yup. Out-of-date A/V signatures.

    Here’s another choice quote from the LA Times piece …

    “The first indication that the Pentagon was dealing with a computer problem came last week, when officials banned the use of external computer flash drives.”

    Jesus K. Reist.

    In the first place, this suggests the same sort of signature update problem I alluded to earlier.

    In the second place, do you know how easy it is to sanitize a flash drive?

    Connect the target drive to a Linux system, and then overwrite the entire drive with random data. Assuming for the sake of discussion that the suspect drive shows up as /dev/sdb on the Linux system used to nuke it, execute the following command:

    “dd if=/dev/random of=/dev/sdb”

    Do this three times. Then apply spit-n-polish:

    “dd if=/dev/zero of=/dev/sdb”

    That’ll allow you to use a hex editor to do spot checks of the drive sectors by eye. All the data sectors should now contain ASCII zeroes and nothing else but. Malware, if any, has been scrubbed right along with everything else.

    There’s nothing mysterious or cutting-edge about this. It’s been common knowledge among system administrators and security techs for more than a decade. You can use any junkerbox with a working USB2.0 port to do this. The boot-up operating system is irrelevant if you boot from Knoppix or SystemRescueCD.

    Bottom line?

    What the LA Times is spun up about is that DoD, under the inspired and oh-so-competent leadership of Bush’s cronies, has dropped the ball.

    Again.
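The sanitization procedure in the comment above, as an added example that is not part of the post or the comment: a POSIX shell script that runs the random passes, the zero pass, and the by-eye spot check, and that also accepts a disk-image file so the whole thing can be rehearsed before pointing it at a real /dev/sdX. It assumes /dev/urandom (rather than the blocking /dev/random) and Linux util-linux `blockdev` for device sizes; both are this example's choices.

```shell
#!/bin/sh
# Wipe a block device or disk image: N random passes, one zero pass, verify.
# Assumptions of this example: /dev/urandom as the random source and
# blockdev (util-linux) to size a real device.

# Size of the target in bytes; block devices need blockdev, files use wc.
target_size() {
    if [ -b "$1" ]; then
        blockdev --getsize64 "$1"
    else
        wc -c < "$1" | tr -d ' '
    fi
}

# One full overwrite of target $2 from source $1. conv=notrunc keeps an
# image file at its size (harmless on a device); sync flushes the pass.
wipe_pass() {
    size=$(target_size "$2") || return 1
    head -c "$size" "$1" | dd of="$2" bs=1M conv=notrunc 2>/dev/null || return 1
    sync
}

# 0 if every byte of the target is NUL (0x00), 1 if anything survived.
verify_zeroed() {
    [ "$(tr -d '\000' < "$1" | wc -c | tr -d ' ')" -eq 0 ]
}

# sanitize_device TARGET [RANDOM_PASSES]; default is three random passes.
sanitize_device() {
    target=$1
    passes=${2:-3}
    # Guard against a typo hitting something that is not a device or image.
    if [ ! -b "$target" ] && [ ! -f "$target" ]; then
        echo "refusing to wipe $target: not a block device or image file" >&2
        return 2
    fi
    i=0
    while [ "$i" -lt "$passes" ]; do
        wipe_pass /dev/urandom "$target" || return 1
        i=$((i + 1))
    done
    wipe_pass /dev/zero "$target" || return 1
    verify_zeroed "$target"
}

# Hex dump of one 512-byte sector for the spot check: sector $2 of target $1.
spot_check_sector() {
    od -An -v -tx1 -j "$(( $2 * 512 ))" -N 512 "$1"
}
```

Run as root against a real device (`sanitize_device /dev/sdb`) only after confirming the device name with `lsblk`; the image-file path needs no privileges.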

