‘….If you haven’t yet heard of Recon-ng I suggest you check it out. It walks you through the process of collecting recon in various forms and provides a nice framework to store, sort, and report on everything you collect. You should definitely get this set up if you plan to follow along.
I have been working on a Recon-ng module to do some Facebook OSINT by using the Facebook Graph API to search for phone numbers. It allows you to search for a specific phone number, or brute force through a range of numbers and grab all of the publicly available information on each associated Facebook account that matches……’
Imagine simply visiting a Web forum and finding that doing so forced your browser to post an embarrassing Twitter message to all of your contacts, or caused you to admit a stranger to your online social network. Now consider the same dynamic being used to move money out of your online auction account or delete the contents of your e-mail inbox.
. . . . . . .
The problem with the token-based security approach, as researchers prior to Hamiel and Moyer have noted, is that it works only if the attacker doesn’t have access to that random string of data as well.
To take the Alice and Bob on the forum example a step further, consider what happens when Alice views a forum posting by Bob that includes a link to an off-site image hosted at a site controlled by Bob. That image, when loaded by Alice’s browser, will automatically send Bob’s site a referrer URL that includes the full token that is unique to Alice’s browser session with that forum. Armed with the referring URL’s token, Bob can then respond to the image request from Alice’s browser with a request to silently take action on that forum in Alice’s name.
. . . . . . .
Moyer said one way to prevent this attack, commonly used on banking Web sites, involves what’s known as a nonce, which is essentially a random, one-time-use-only number that is appended to a URL each time a visitor loads a page on that site. He noted that one reason most sites don’t adopt this approach is that it requires far more computational and Web server capacity, which can drive up costs — particularly for high-traffic sites.
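An added example, not taken from the quoted article or from any site's code, comparing a static per-session URL token with the one-time nonce described above once the page URL has reached a third-party host as a referrer. The host `forum.example`, the `token` parameter name, the session id and the `NonceStore` class are constructed assumptions.

```python
import secrets
import time
from urllib.parse import urlparse, parse_qs


class NonceStore:
    """Single-use, per-session nonces (hypothetical helper for this example)."""

    def __init__(self, ttl_seconds=300):
        self.ttl = ttl_seconds
        self._live = {}  # (session_id, nonce) -> expiry timestamp

    def issue(self, session_id):
        nonce = secrets.token_urlsafe(16)
        self._live[(session_id, nonce)] = time.monotonic() + self.ttl
        return nonce

    def redeem(self, session_id, nonce):
        # pop() removes the nonce, so a second presentation always fails.
        expiry = self._live.pop((session_id, nonce), None)
        return expiry is not None and time.monotonic() <= expiry


def token_seen_by_third_party(referer_url, param="token"):
    """Token value an off-site image host can read from the referring URL."""
    values = parse_qs(urlparse(referer_url).query).get(param)
    return values[0] if values else None


def replay_outcomes():
    session = "alice-session"  # constructed session id
    # Static design: one token per session, carried in every page URL.
    static_token = secrets.token_urlsafe(16)
    page = f"https://forum.example/thread?id=7&token={static_token}"
    leaked = token_seen_by_third_party(page)
    static_replay_ok = secrets.compare_digest(leaked, static_token)

    # Nonce design: the token is spent by the request that loaded the page.
    store = NonceStore()
    nonce = store.issue(session)
    page = f"https://forum.example/thread?id=7&token={nonce}"
    first_use_ok = store.redeem(session, nonce)      # the visitor's own page load
    leaked = token_seen_by_third_party(page)         # sent as referrer afterwards
    nonce_replay_ok = store.redeem(session, leaked)  # already consumed
    return static_replay_ok, first_use_ok, nonce_replay_ok


if __name__ == "__main__":
    print(replay_outcomes())
```

The server-side table of live nonces, written and deleted on every page load, is the extra state and work behind the capacity cost mentioned above.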
+++++++Phi Beta Iota Editorial Comment+++++++
In 1990-1991 Winn Schwartau testified to Congress. They ignored him the way they ignored Peak Oil testimony in 1974-1975. In 1995 Robert Steele organized three top experts, Schwartau, Jim A from NSA, and Bill Caelli, and submitted a cross-walk of crystal clear recommendations adding up to $1 billion a year to Marty Harris, responsible for the security of the National Information Infrastructure (NII). Today the US Government is about to waste $12 billion a year helping NSA further its own agenda while ignoring the root needs of the American people for trusted electromagnetic services. The federal government is so busy attacking other people it is neglecting the people that created the federal government as a service of common concern. The gap between those exercising public power and those who elected them and pay them has grown cataclysmic. Public intelligence in the public interest is one way to help the Republic heal.
At the recommendation of Winn Schwartau, Robert Steele was invited to open Hackers on Planet Earth (HOPE) in New York City in 1994, and has been a speaker each conference since then. Although 2008 was billed as the last event, it may continue. Steele also does a “SPY IMPROVE: Everything You Ever Wanted to Know But Did Not Know Who to Ask.” Above is the “formal” briefing delivered on 18 July 2008.
I continue to believe this is one of the best in class original references. Winn, Peter Black (RIP) and I were among the first to warn of electronic Pearl Harbors, with Winn being the most knowledgeable and the only one invited to brief Congress, where it went in one ear and out the others.
Winn Schwartau was one of the first, along with Peter Black (RIP), to warn Congress and the business world that digital systems would be extremely vulnerable. No one listened.
This book is still in my library. It is the non-fiction “first book” in this area.
5.0 out of 5 stars: The ORIGINAL Information Warfare Book of Books
October 16, 2007
I am so very glad this book has been reprinted and is now available again from Amazon. I have known the author ever since I ran into him in the 1990’s lecturing on America’s vulnerability to an electronic Pearl Harbor. This book started as non-fiction and scared the lawyers so badly that they insisted he write it as a non-fiction novel.
This is one of the most compelling plots, and is the perfect starter book for anyone who wants to begin understanding cyberwar, cyber espionage, and homeland vulnerability. Then read everything else Winn has published.
He is the ORIGINAL, the “real deal,” and one of the talents I most admire in the Information Operations arena.
Everything You Need to Know About the Next Attack–And Fun,
February 6, 2002
This book is based on a *non-fiction* manuscript about U.S. vulnerabilities to electronic that was so hot that the author’s lawyers insisted he turn it into a novel to avoid liability. It is absolutely superb and written by one of the most authoritative persons around. Unlike most academic and industry security specialists, the author has from the very beginning understood, respected, and been in touch with the elite hackers who worked very hard in the 1980’s to expose the outrageously vulnerable electronic systems used by our financial, transportation, power, and communications industries.
In my view, books like this as well as the non-fiction books such as “Information Warfare: Chaos on the Electronic Superhighway” have been vital elements in educating consumers, stockholders, and voters. If you want to know just how vulnerable your bank account is, read this book.
I won’t reveal the surprise ending, but will say that it is absolutely a shocker, and totally credible.
There will be those quick to trash this book as sensationalist, and they are partly right. What most people, including the critics, do not realize is that Winn Schwartau went out on a limb in the late 1980’s and early 1990’s and is *the* primary reason Congress got concerned enough about these issues to demand a Critical Infrastructure Protection program funded at over $1B–it was Winn, not others quick to claim the line, that testified to Congress about an “electronic Pearl Harbor” on 24 June 1991. This book is unabashedly populist and seeks to make this very complex threat entertaining and understandable, and for that reason alone it is worth the time to consider. There are many other serious books for engineers, this is the one for anyone at all from housewife to student to executive. Great airplane book, won’t save the world, but will certainly increase your consciousness across the board. Worthy.
This is the cover letter to the US Government official most responsible for thinking about the National Information Infrastructure (NII) and the security of that infrastructure. Three “top guns,” one of them the foremost authority in the public arena, another the foremost expert on these matters advising the National Security Agency (NSA), all agreed on the need, in 1994, for a $1 billion a year program.
Today (Fall 2009) NSA has asked for $12 billion a year, and they are not letting on that the real reason they are building their own power plant is because the Chinese have mastered the art of riding the public electrical grid into any computer running on public electricity. Below is the letter from Winn Schwartau, on the left, and on the right, the document that cross-walks the expert recommendations, all ignored.
UPDATE OF 19 DECEMBER 2016:
Both Bill Caelli and Winn Schwartau have new books coming out in 2017, the bottom line of which is that we can indeed secure cyberspace, but it requires that governments and the providers of communications and computing software and hardware have integrity — not the case today. Below is the concept Robert Garigue (RIP) and Robert Steele developed in 1997. No one has implemented this to date.