Krypt3ia

(Greek: κρυπτεία / krupteía, from κρυπτός / kruptós, “hidden, secret things”)

Archive for January 27th, 2009

Witches of Cornwall

leave a comment »

Over the centuries, many in the British Isles have appealed to witches in times of need–to cure a toothache, concoct a love potion, or curse a neighbor. Witchcraft, the rituals of a number of pagan belief systems, was thought to offer control of the world through rites and incantations. Common as it has been over the past several centuries, the practice is secretive and there are few written records. It tends to be passed down through families and never revealed to outsiders. But archaeologist Jacqui Wood has unearthed evidence of more than 40 witchy rituals beneath her own front yard, bringing to light an unknown branch of witchcraft possibly still practiced today.

Wood’s home is in the hamlet of Saveock Water in Cornwall, a county tucked in the far southwest corner of the country. For thousands of years people have raised crops and livestock in its fertile valleys, and its coastline of dramatic cliffs, secluded coves, and pounding surf was once a haunt for smugglers. Cornwall is a place time forgot; steeped in folklore, myth, and legend; and purported to be inhabited by pixies, fairies, and elves. So it should come as no surprise that it has also been home to the dark arts.

When I visit Saveock Water it is raining, which adds to its unearthly atmosphere. Wood, a warm lady with sparkling hazel eyes, greets me in her cozy white-washed barn while rain hammers on the roof. She moved to Saveock Water 15 years ago because it was an ideal location for her work in experimental archaeology, replicating ancient techniques, including those used in farming or metallurgy. Since then she has carried out her experiments, such as growing ancient crop varieties, unaware of what lay under her fields. In the late 1990s, Wood decided to do some metalwork research by re-creating an ancient kind of furnace. “I dug down into the ground to construct a shelter close to the furnace and I discovered a clay floor,” she says.

Full story at Archaeology Magazine

I found this story interested on many levels. One the one hand, the idea of myself living in Saveock someday is appealing. It seems quite a nice area of the UK and I would love someday to have a quiet cottage in a place like that. On the other hand, the whole archaeological process here is rather interesting. These “wells” or “holes” being actual ritual places and the process by which they have been determined to be so is fascinating. I also would love to and have thought about in the past, volunteering for a dig or two myself.

The last piece of the puzzle is that they carbon dated the sites and they spanned from pre-history to the 1950’s. Quite interesting in a “Wicker Man” sense!

Written by Krypt3ia

2009/01/27 at 12:18

Posted in Archaeology, History

Mac OS X research warns of stealthier attacks

with one comment

Mac OS X research warns of stealthier attacks
Dan Goodin, The Register 2009-01-22

A computer security researcher has discovered a new way to inject hostile code directly into the memory of machines running Apple’s OS X operating system, a technique that makes it significantly harder for investigators to detect Mac attacks using today’s forensics practices.

The technique, which Italian researcher Vincenzo Iozzo plans to detail at the Black Hat security conference in Washington next month, makes it possible to carry out stealthy Mac attacks that until now have not been possible. The in-memory injection approach allows unauthorized software to be installed on a Mac without leaving traces of the attack code or other tell-tale signs that the machine has been compromised.

The Rest

It just goes to show that even in a well designed system where the memory is randomized, there still is one memory spot that “needed” to be static. It was that static bit that brought down the security of that system’s design intent. I would also add that all those mac heads out there who think Mac OSX is invincible.. Think again…


Written by Krypt3ia

2009/01/27 at 02:36

Posted in Hacking, Infosec

The Obama Administrations Mandate on CyberSec

leave a comment »

Did you ever have a dream Neo that seemed so real?

Did you ever have a dream Neo that seemed so real?

From the whitehouse.gov site

“We are here to do the work that ensures no other family members have to lose a loved one to a terrorist who turns a plane into a missile, a terrorist who straps a bomb around her waist and climbs aboard a bus, a terrorist who figures out how to set off a dirty bomb in one of our cities. This is why we are here: to make our country safer and make sure the nearly 3,000 who were taken from us did not die in vain; that their legacy will be a more safe and secure Nation.”

— Barack Obama, Speech in the U.S. Senate, March 6, 2007

The first responsibility of any president is to protect the American people. President Barack Obama will provide the leadership and strategies to strengthen our security at home.

Barack Obama and Joe Biden’s strategy for securing the homeland against 21st century threats is focused on preventing terrorist attacks on our homeland, preparing and planning for emergencies and investing in strong response and recovery capabilities. Obama and Biden will strengthen our homeland against all hazards -– including natural or accidental disasters and terrorist threats — and ensure that the federal government works with states, localities, and the private sector as a true partner in prevention, mitigation, and response.

    Protect Our Information Networks

    Barack Obama and Joe Biden — working with private industry, the research community and our citizens — will lead an effort to build a trustworthy and accountable cyber infrastructure that is resilient, protects America’s competitive advantage, and advances our national and homeland security. They will:

  • Strengthen Federal Leadership on Cyber Security: Declare the cyber infrastructure a strategic asset and establish the position of national cyber advisor who will report directly to the president and will be responsible for coordinating federal agency efforts and development of national cyber policy.
  • Initiate a Safe Computing R&D Effort and Harden our Nation’s Cyber Infrastructure: Support an initiative to develop next-generation secure computers and networking for national security applications. Work with industry and academia to develop and deploy a new generation of secure hardware and software for our critical cyber infrastructure.
  • Protect the IT Infrastructure That Keeps America’s Economy Safe: Work with the private sector to establish tough new standards for cyber security and physical resilience.
  • Prevent Corporate Cyber-Espionage: Work with industry to develop the systems necessary to protect our nation’s trade secrets and our research and development. Innovations in software, engineering, pharmaceuticals and other fields are being stolen online from U.S. businesses at an alarming rate.
  • Develop a Cyber Crime Strategy to Minimize the Opportunities for Criminal Profit: Shut down the mechanisms used to transmit criminal profits by shutting down untraceable Internet payment schemes. Initiate a grant and training program to provide federal, state, and local law enforcement agencies the tools they need to detect and prosecute cyber crime.
  • Mandate Standards for Securing Personal Data and Require Companies to Disclose Personal Information Data Breaches: Partner with industry and our citizens to secure personal data stored on government and private systems. Institute a common standard for securing such data across industries and protect the rights of individuals in the information age.

I hope that this can be made reality. There is a lot of work to do to get the assclowns in the private as well as the public sectors to make a change. It remains to be seen whether he can enforce these things… But, if we don’t take a stand, you had better start learning Chinese.

Written by Krypt3ia

2009/01/27 at 02:22

Loose Nukes

leave a comment »

Exclusive: How Secure are Nukes in the U.S.?

In 2005, ABC released a documentary titled, Loose Nukes: Inadequate Security Matters. The documentary focused on the less than adequate security at many U.S. universities that have nuclear research facilities. Flash forward to 2009: are those university facilities now secure? Are the nuclear weapons stored on our U.S. military bases secure? Could a terrorist organization penetrate the facilities? If so, how?

For several years I was assigned as the “Chief Special Agent” assigned to the protection of our country’s most secret weapons and their technology. Americans have a false sense of security when it comes to the protection they believe our nuclear weapons have. No one wants to believe the weapons programs could be penetrated. Our administration would say the nuclear weapons are so secure that no one could gain entry into one of the facilities. Our Generals would insist this is true. I say this is false and that we are underestimating the patience and creativity of Islamic terrorist organizations. During my field research of hundreds of Islamic Centers, discussions with Islamic leaders, and my extensive research into the “mindset” of Islamic terrorists, I provide here a likely scenario of how the nuclear facilities could currently be infiltrated.

Islamic terrorists and their supporters are very, very patient. They do not define their milestones to reaching an objective necessarily in time periods of days, month, or even a few years. It is not uncommon for a single terror event to be planned for many years, and the plan not to be completed even during the lifetime of the terrorists who are planning the attack or infiltration.
Today, Saudi Arabia, Pakistan, Palestine, Iran, and a host of other countries have citizens who were trained by Jihadist terror camps. The individuals have been sent to the U.S. to begin a slow and patient process of assimilating into our communities. The individuals have obtained positions within every industry within America. There are physicians, engineers, plumbers, carpenters, laboratory technicians, and politicians who have been trained in the ideology of Islamic Jihadists.  They hold positions of trust within all levels of the private and government sectors; to include our military and our law enforcement.

Too often people think of nuclear facilities being attacked by what they see Hollywood producers displaying on our screens. The imagination goes wild by seeing terrorists donned in black clothing, an AK-47, and a belt load of hand grenades. The terrorists then drive up in a truck and crash through the gates of a secure facility. The “bad guys,” of course, are then destroyed by the “good guys” and our nuclear technology and weapons are again safe. The sad thing is the same movies “average” Americans watch are the same ones many of our politicians watch and believe.

Great Hollywood films are exciting to watch, but in reality, the methodical process of infiltrating a nuclear facility is time consuming and boring. The terrorists are counting on this. Americans lose patience easy and look at world events in a Hollywood fashion. They want to be entertained. This is not to say Americans want a terrorist attack, but how many Americans were glued to their television sets on 9/11 and for weeks afterwards? Most (to include our law enforcement) believed the Islamic terrorists would attack again the next day, week, month, or year. Since this did not happen, Americans again feel secure. Americans do not understand the mindset of their enemy (Islamic Jihadists). They will again attack, but when they desire – and not when we expect them to.

In reality, Islamic Jihadists have been trained to attack from within. It may take years for a terrorist to gain a position and/or gain the trust of people working in a nuclear facility. On the other hand, it may take only a few minutes to obtain access. In America we have many sensitive positions on U.S. installations and universities held by non-U.S. citizens. Our military bases have numerous scientists who were trained in Saudi Arabia and Iran who have virtual free rein on our bases which have nuclear weapons and/or other advanced technology. It is much easier for Saudi Arabia to send a scientist to visit our weapons research facilities (such as the Air Force Research Laboratory, Kirtland Air Force Base, New Mexico) than it is for a U.S. citizen to visit our installations simply to meet the troops on a base.

The following statements are from an Islamic Jihadist manual obtained in Falls Church, Virginia. The manual can be found in many Islamic Centers throughout the U.S.:

  1. “War is a deception. A war is actually won through artfulness and wise and judicious actions. If one side has more weapons and means than the other side, but does not know the tricks of war and the ways of entrapping the enemy, it will lose the war despite its material superiority”.
  2. “Personal qualities required for fighters on the Islamic front. PATIENCE. The first quality that has been stressed is that of patience, without which no struggle can be waged for any cause”.
How difficult would it be for a team of trained professionals, who think like the Islamic terrorists do, to conduct a test infiltration of a university facility? The team would succeed in 10 of 10 tests.

My counterterrorism research team is comprised of former federal agents who held the nations top level secrets, former al Qaeda members, former Iraqi police officers under Saddam Hussein, and researchers who have infiltrated (legally) some of the leading Islamic organizations in the U.S. The results: Our nation faces a crisis and only a handful of individuals know how to detect, monitor, and diffuse the threat. Our organization needs funding from private individuals, corporations, in order for our team to continue providing the intelligence to concerned politicians and law enforcement officials.

Let me add to the mix here and also say that right now you should be reading “The Inheritance” It’s all about the issues that confront the US and the new president post the last administration. One of those issues is the possibility and probability of a loose nuke being procured by terrorists and used against us.

When you think of this think on Pakistan. Pakistan has about 100 warheads in a black box. We have given Pakistan about 100 million in cash to bolster their security for the warheads but have no idea how the security is. You see, Pakistan is afraid to show us their security. As well, the Pakistani’s are worried that if we were to see the measures, that we would swoop in (which we might anyway in a situation) and secure/steal them from the country.

Now, on the whole issue of loose nuclear materials here…Well, nothing much has changed I am sure… So, yeah, we aren’t very safe are we?

Written by Krypt3ia

2009/01/27 at 01:59

Posted in CBRN, Qaeda, Security, Terrorism