Hacker 10

U.N. report reveals secret law enforcement techniques

Posted: 06 Dec 2012 01:27 PM PST

Buried inside a recent United Nations Office on Drugs and Crime report titled “Use of Internet for Terrorist Purposes” one can carve out details and examples of law enforcement electronic surveillance techniques that are normally kept secret.

The report includes real accounts of investigative techniques countering terrorist groups secure communication systems.

Terrorist groups using computer security

Point 187: Members of the outlawed Turkish Revolutionary People’s Liberation Party-Front (DHKP-C) used steganography software called Camouflage to hide messages inside JPEG files and encrypted attachments with WinZip before emailing them. A joint Turkish and Italian police operation managed to decrypt the messages and arrest over a hundred people involved with the organization.

Point 194: An Alqeda affiliated webmaster managing a jihadist website from Brazil was specifically targeted by the police to grab him by surprise while he was still online to make sure that they would get his encryption keys thanks to which the investigators were able to open all relevant encrypted files.

Point 280: International members of the guerilla group Revolutionary Armed Forces of Colombia (FARC) communicated with their counterparts hiding messages inside images with steganography and sending the emails disguised as spam, deleting Internet browsing cache afterwards to make sure that the authorities would not get hold of the data. Spanish and Colombian authorities cooperated to break the encryption keys and successfully deciphered the messages.

Point 374: German citizens members of a group called Islamic Jihad Union used the dead email inbox trick to communicate in between them, the suspects did not send the email to prevent wire tipping in transit, saving the messages to the draft folder instead for the other part to read and reply, coupled with accessing the Internet using insecure wireless access points of unsuspecting citizens with one of the suspects using encryption which forensics expert tried to access and failed.

Use of Internet for Terrorist Purposes –

Law enforcement vs terrorists digital arsenal

Point 198: It explains how an investigator can circumvent Truecrypt plausible deniability feature (hidden container), advising computer forensics investigators to take into consideration during the computer analysis to check if there is any missing volume of data.

Point 201: Mentions a new covert communications technique using software defined high frequency radio receivers routed through the computer creating no logs, using no central server and extremely difficult for law enforcement to intercept.

Point 210: Explains how Remote Administration Trojans (RATs) can be introduced into a suspects computer to collect data or control his computer and it makes reference to hardware and software keyloggers as well as packet sniffers.

Point 218: Talks about a honeypot jihadist website created by the CIA and the Saudi Government to attract and monitor terrorists, leading to the arrest of jihadists before they could carry out their operations but finally having to dismantle their own website when law enforcement realised that it was also being used to plan attacks against US troops in Iraq.

Point 378: Explains how during an Alqeda case in Belgium and after an informal request without any kind of warrant within two weeks the FBI managed to provide Belgian authorities with a CD containing relevant emails data held in US servers voluntarily provided by Yahoo and Microsoft.

Full report:
http://www.unodc.org/documents/frontpage/Use_of_Internet_for_Terrorist_Purposes.pdf

Wipe files, folders and free space with Secure Eraser

Posted: 06 Dec 2012 09:42 AM PST

Secure Eraser is a data wiping and cleaner program that makes files and folders impossible to recover overwriting them multiple times with standard data wiping algorithms. You can also use this program to completely wipe a partition or external storage device and overwrite free space in your hard drive where data that the user thinks was long gone is still recoverable with specialist tools if it hasn’t been written on with a new file.

The program integrates within Windows right click context menu to make it easy to wipe files and securely wipe Windows Recycle Bin content, or you can launch the program and manually select what file or folder you would like to wipe for good. Secure Eraser has a registry and system cleaning option to erase your Internet browsing tracks, only Internet Explorer and Firefox are supported. Another option is to securely wipe Windows temporary files, you should always run a Windows junk file cleaner once in a while even if you don’t care about your privacy you will possibly end up recovering lots of hard drive space. When I ran Secure Eraser in my computer it managed to find 4GB of temporary files that a software called Freemake Video Downloader had left inside the AppData/Local/Temp folder without me knowing about it.

Secure Eraser file wiping software

Five different wiping algorithms are supported, a low security and very quick data wiping method utilizing random data, a 3 pass US DoD 5220.22-M E, a 7 pass US DoD 5220.22-M ECE, a 7 pass data wiping with a German standard algorithm, and a 35 pass data wiping with Peter Gutmann algorithm. There is a log in the program that keeps a record of all erased files in .html format, this will open everytime you wipe something, it will show you the names of the files that have been wiped and it will highlight in red any possible error, program configuration options are minimum, limited to setting the logging report parameters and nothing else.

The program is free for non commercial use, with a splash screen showing from time to time, the help manual is only available in German but I don’t think you will need to read it.

Visit Secure Eraser homepage

RssA1

vineri, 7 decembrie 2012

Hacker 10

Hacker 10

Related Posts:

Related Posts:

Niciun comentariu:

Trimiteți un comentariu