Jacob Appelbaum: NSA aims for absolute surveillance – ITWEB SECURITY SUMMIT 2014

Jacob Appelbaum
Jacob Appelbaum
















Jacob Appelbaum (n. 1983) es un investigador independiente de seguridad informática y un hacker. Fue un empleado de laUniversidad de Washington,5 y es un miembro importante del Proyecto Tor.1 Appelbaum es conocido por representar aWikiLeaks en la conferencia Hackers on Planet Earth de 2010.2 3 4 Subsecuentemente, ha sido buscado muchas veces por agencias de ley estadounidenses, las cuales obtuvieron una orden de cateo de los datos de su cuenta en Twitter, deteniéndole doce veces6 en la frontera estadounidense después de viajar al extranjero, y le decomisaron una computadora portátil y varios teléfonos móviles.

Appelbaum, bajo el alias «ioerror», ha sido miembro activo del grupo de hackers Cult of the Dead Cow desde 2008,7 es cofundador del hackerspace de San Francisco Noisebridge,8 junto a Mitch Altman. Ha trabajado para Greenpeace[cita requerida]y ha sido voluntario de la Ruckus Society y de la Rainforest Action Network.9 También es fotógrafo[cita requerida] y es embajador del grupo de arte monochrom.10

Publicado el 31/5/2014

Appelbaum spoke of a NSA program that allows its analysts to search through vast databases containing e-mails, IMs and the browsing histories of millions of people. Called XKeyscore, the program was designed to develop intelligence from the Internet.



#filtración vs #difamación by Hacksperger

Vosotros seguir #difamando que yo seguiré #filtrando.

#filtraciones http://eskup.elpais.com/misterwinston

y + = #ResetThePlanet 

Data, data, data. Hack the universal code. #HackUniversalCode #HelloDave #werther-bureau #TheGarage #ZombieFarm

The active and Ethical Hacker.

5_cirkloj_en_60_60_60_triangulo_v2 (2)









Ethical Hacker
Ethical Hacker

WELCOME TO #werther-bureau



Anonymous VS FBI: Retaliation, leaks data from FBI network, hacks Spanish government over corruption


FBI claims victory over the Anonymous group, this statement has come after a series of arrests from the anonymous group. According to FBI, the last year arrest of 5 members from Lulz security was vital for their command over the anonymous. All the 5 members were key parts of anonymous group and were a threat in the world of internet.

LulzSec at the time of arrests had accepted the attacks on Sony pictures and Fox’s reality show ‘X-factor’. But, since the arrests there have been no big attacks or breaches taken place from the group. FBI believes this has made them identify the downfall of the anonymous groups. One of the FBI officials says:

  • “All of these guys were major players in the Anonymous movement, and a lot of people looked to them just because of what they did,”

  • “The movement is still there, and they’re still yacking on Twitter and posting things, but you don’t hear about these guys coming forward with those large breaches,” he said. “It’s just not happening, and that’s because of the dismantlement of the largest players.”

But, there weren’t 5 arrests there was another individual who was working for another group by the name ofAntiSec. All these arrests took place by FBI’s officials. In 2012, this sixth individual who was nicknamed as “SABU” gave all the required information regarding the group to FBI and this eventually led to arrest of 5 members of LulzSec. This, however, also created a layer of distrust within the group which has stopped them from working as a single unit these days.

FBI team has become really active these days and is keeping an eye on every single activity of the group. The arrest of “SABU” is of the examples of this. Sabu once by mistake exposed his IP to this FBI quickly traced his location in Manhattan which lead to his arrest.

MORE: http://hackread.com/anonymous-vc-fbi-retaliation-analysis/

VIA: http://hackread.com/


Quantum Encryption Loopholes

Quantum cryptography
Quantum cryptography

Quantum Cryptography: Perfect Eavesdropper Illustrates Overlooked Loophole in Secure Communications Technology

Loopholes in implementations of quantum cryptography

Makarov, Vadim
QCRYPT 2011: First Annual Conference on Quantum Cryptography
ETH Zurich, Switzerland

Loopholes in implementations of quantum cryptography from Dmitriy Safin on Vimeo.


DEF CON: The Documentary



DEF CON is the world’s largest hacking conference, held in Las Vegas, Nevada. In 2012 it was held for the 20th time. The conference has strict no-filming policies, but for DEF CON 20, a documentary crew was allowed full access to the event. The film follows the four days of the conference, the events and people (attendees and staff), and covers history and philosophy behind DEF CON’s success and unique experience. Written by Jason Scott

Like this? Leave feedback on IMDB:

Get involved with DEF CON:

POSTER: https://www.defcon.org/images/defcon-21/defcon-21-receipt.pdf



Car immobilizer hacking [SIGINT13] Speaker: Karsten Nohl

lecture: Car immobilizer hacking

Car manufacturers nicely illustrate what _not_ to do in cryptography.

Immobilizers have for a long time increased the difficulty of stealing cars. Older immobilizer transponders defeated thieves by requiring non-trivial RF skills for copying keys. Current transponders go one step further by employing cryptographic functions with the potential of making car cloning as difficult as breaking long-standing mathematical problems. Cryptography, however, is only as strong as the weakest link of key management, cipher strength, and protocol security. This talk discusses weak links of the main immobilizer technologies and their evolution over time.

Speaker: Karsten Nohl
EventID: 5034
Event: SIGINT 2013 by the Chaos Computer Club [CCC] Cologne
Location: KOMED; Im Mediapark 7; 50670 Cologne; Germany
Language: english
Begin: 05.07.2013 17:00:00 +02:00
Lizenz: CC-by-nc-sa

SIM cards are prone to remote hacking by Karsten Nohl


SIM cards are the de facto trust anchor of mobile devices worldwide. The cards protect the mobile identity of subscribers, associate devices with phone numbers, and increasingly store payment credentials, for example in NFC-enabled phones with mobile wallets.

With over seven billion cards in active use, SIMs may well be the most widely used security token in the world. Through over-the-air (OTA) updates deployed via SMS, the cards are even extensible through custom Java software. While this extensibility is rarely used so far, its existence already poses a critical hacking risk.

Cracking SIM update keys. OTA commands, such as software updates, are cryptographically-secured SMS messages, which are delivered directly to the SIM. While the option exists to use state-of-the-art AES or the somewhat outdated 3DES algorithm for OTA, many (if not most) SIM cards still rely on the 70s-era DES cipher. DES keys were shown to be crackable within days using FPGA clusters, but they can also be recovered much faster by leveraging rainbow tables similar to those that made GSM’s A5/1 cipher breakable by anyone.

To derive a DES OTA key, an attacker starts by sending a binary SMS to a target device. The SIM does not execute the improperly signed OTA command, but does in many cases respond to the attacker with an error code carrying a cryptographic signature, once again sent over binary SMS. A rainbow table resolves this plaintext-signature tuple to a 56-bit DES key within two minutes on a standard computer.

MORE: https://srlabs.de/rooting-sim-cards/

SIM cards are prone to remote hacking