[Book Review] The Art of Deception: Controlling the Human Element of Security by Kevin Mitnick

2019-09-07 00:00:00 +0000

Over the years, one of the techniques that comes up over and over again as one of the most efficient hacking techniques is Social Engineering. The technique requires you to be a high-quality con artist in many cases, whether in person, over the phone or by text. One person who is an amazing Social Engineer is Kevin Mitnick [1]. He has written/co-written a lot of books on IT Security, one of which is The Art of Deception [2]. It is a book I have read a few times from cover to cover and sometimes used as a reference when explaining the idea of social engineering to people. I have just never gotten around to writing a review, so here it is.

Overall

The book is split into four parts, where the first part focuses on the weakest link in most security, not just IT: the human element. The part outlines how humans act and behave, even on a subconscious level, and how this can be exploited in general.

The second part of the book focuses on what an attacker can do to use his/her skills to attack a company and how an attacker can behave when gaining trust/access.

The third part of the book is similar to the second part, but focuses on attacks with a higher risk of discovery. As an example, there is a full chapter on Entering the Premises.

The fourth part is focused on how we can increase the awareness towards Social Engineered intrusions and in general increase the awareness of security.

The parts are well structured and “build” on top of each other, in the sense that they can be read individually. But you will get a better understanding of why the attacker is doing a specific thing if you have read the chapter/section it is built on top of. However, I highly recommend that on your first read you do not skip any of the first part of the book. It is the foundation for why any of the following attacks will work, and it is explained without “too much psychology”.

Presentation

All parts of the book first explain a concept from an abstract point of view, followed by one or more well-structured concrete examples. This gives the reader a deeper understanding of how the process of the concept works and how to use it in reality. The examples are also the gateway drug for newcomers to the world of social engineering, as they make it seem approachable. Side note: I was listening to the podcast Darknet Diaries [3], where the IT security professional known as Tinker [4][5] was interviewed in the episode Jeremy from marketing [6]. During the interview Tinker talked about Social Engineering a lot, and because I had read Mr. Mitnick's book, the attacks and techniques described were very easy to follow.

One criticism I have is that sometimes the attack seems to expect the target to be either of an extremely low IQ or way too trusting. But that is the only criticism I have, and I would highly recommend people to read the book, even if they have no interest in IT whatsoever. They might learn a thing or two.

References

Got my paper accepted for a GlobeCom Workshop

2019-08-25 00:00:00 +0000

Hello creatures of the internet,

I am pleased to announce that I got the good news that my paper Alexandria: A Proof-of-concept Implementation and Evaluation of Generalised Data Deduplication, I know the title is a mouthful, has been accepted for the IEEE GLOBECOM 2019 Workshop on Edge Computing for Cyber Physical Systems.

Best,
Lars Nielsen

Quitting Thunderbird and moving to Evolution and Mail

2019-07-12 00:00:00 +0000

For years I have been using Thunderbird and really enjoyed it and recommended it to friends, family, and colleagues, and to be honest that is not something I do lightly. Thunderbird has been easy to set up and use across all my machines (Linux and macOS) and I have not really had any complaints with it, until now.

So why have I started to have complaints? Well, the latest update I have installed is v60.8.0 and for some weird reason the user interface is no longer the same on Linux and macOS, and I have not been able to tell why. One of the things that are different is that on Linux the search bar for searching in mails is gone and I have not been able to get it back, even after a LONG! time of searching and talking to people, also people who actively develop Thunderbird. This is bad for a guy who receives over a thousand relevant emails every month. I even went as far as trying to uninstall Thunderbird and reinstalling it on Linux. Next, after updating to major version v60 I have had nothing but problems with my Google Mail account, yes I still have one of those: it locks up, is signed out and is in general behaving weird. This is kind of a problem to me, as I really do not like Gmail's web interface and prefer to not use it at all. Then, I started having problems with a mail which I have Unoeuro hosting for me. Basically every third time, or so, I tried to send an e-mail it would say that I had to type in the login information for the SMTP server, which I had already done. Finally, the last straw: Exchange support. This is not a problem with v60 but rather Thunderbird in general. At a lot of companies and universities, Aarhus University included, Microsoft Exchange is used as the mail server, which I am actually not against. This means that my mail client must provide some form of Exchange support. Thunderbird does not offer this out of the box, but there is a plug-in, ExQuilla, which enables this. I love ExQuilla; it made my life a lot easier when using Exchange on Linux. However, again after updating to v60.8.0 problems started with ExQuilla: my credentials kept dropping for the University's Exchange server and I had to reset my Exchange account often.
Another thing that has been confusing to me is that Apple Mail provides built-in Exchange support for free and so did Nylas N1 when it existed, so it was weird to me that Thunderbird does not. Other minor things have started to break too, but they are nothing to write home about.

So I started looking at alternatives I could use on both macOS and Linux, and well, I could not find a good one. BUT! BEHOLD! I found out that Evolution, the standard mail client in Gnome, comes out of the box with built-in Exchange support. So I started playing around with Evolution and realised that it fulfilled all my e-mail needs, and the built-in calendar in Gnome also supports Exchange calendar, so well, Gnome native apps, here I come, and so far it has been a month and I am in love with these Apps. The calendar has a few bugs when creating events, like starting an event a day before, but that can be solved with a drag on the event after creation. Now these Apps are not available on macOS for, well, obvious reasons, so I had to look for things there as well. I was considering using Airmail by Bloop S.R.L and I did test it, but I simply could not get used to how it requires two windows to write mails, one for the mail list and one composing window. So I looked and looked, and every time I ended back at Apple Mail and the Calendar, and it is a bliss to use, so I am back in closed source Apple land when it comes to mail and calendar on Mac.

NOW! Does this mean a permanent farewell to Thunderbird for me? I honestly hope not, I love the client and have been using it as my main email client since 2005. So what needs to change? Well, I would like a nicer user interface and I have wet dreams of Emacs as an editor for mails. I would also like to see built-in support for Exchange and a proper built-in Calendar; just start Sunbird again, it is really nice to have two separate apps for this. Another thing is that the Thunderbird team released this blog post: Thunderbird in 2019, and it contains a lot of promises, promises I have yet to see being fulfilled, but they make me hopeful for my return one day. Maybe if I can find the time I can help a bit, but that remains to be seen.

Notice: I would like to extend a special thanks to R Kent James for ExQuilla and I am sad to hear about his health problems. I hope he will get better soon and best wishes to him and his family.

-Lars

Why I am using Tutanota and Signal

2019-06-03 12:00:00 +0000

Will add references later, I have them.

So over the last 5 - 10 years many people have become more focused on privacy when communicating, not just with colleagues, customers, and employers, but also for private communications. The reason for this is that we now know that Google, Facebook, and other companies “peek” in our correspondence with others, to identify relevant, for them, information. It is known that Facebook uses the information to tailor commercials more aggressively towards you, and it is known that companies, not just Facebook, sell the information to other companies, and we simply do not know what they do with the information. So how can we as users of these services combat this, and can we actually defend combating these procedures?

I will start by answering the latter. Well, the answer is complex. If one can remember as far back as the mid nineties, one would remember that we paid to use certain services such as mail services and search engines, even web browsers if you can believe it. However, this changed with the introduction of products such as Internet Explorer, Altavista, Yahoo, MSN, Hotmail, Google Search, and more; with these products the “free” internet was born. The problem was/is that the companies which provide these products still need to make money, and how can they do that? Well, advertisement. Remember a time before NoScript and uBlock when the internet was covered in ads? That was a solution. However, how did companies prove that an ad campaign was effective? Well, you could correlate the increase in revenue with the period of the ad, or you could do something much simpler: track how many clicks the ad gets. Sounds familiar? No? Well, this is one of the ways tracking started, there are multiple others, and after some time some people thought: Well, what if we can create a profile of the person to target ads more specifically to that user?, leading to user profiling. So tracking rose from a need to earn money, and by avoiding tracking we reduce a company’s money flow. So, because we did not want to pay for internet services, we are directly at fault for tracking. However, companies are super invasive and do not necessarily require you to use their system to track you. An example is Facebook: they track whoever visits a website that has a Facebook like button. So if I do not use Facebook, why should I allow Facebook to track me? Well, I should not. Additionally, it is known that Google scans our Gmail content to, amongst other things, build a profile of you. Well, it is fair because Gmail is free, but why then not offer a paid version where you can avoid that? Why can we not opt out of tracking? Simple: too much money is to be made and tracking is now a core part of a lot of systems.
So to summarise, if you use a service for free it is fair that you get tracked, it is your own fault, but if you do not use a company’s service they have no right to track you.

But I do not like tracking either way, so how do I avoid it? Well, it is close to impossible to 100% avoid tracking and I cannot. I use NoScript to block Google Analytics and other fancy stuff, I use uBlock to say f… you to ads. That is all good and well, but how do I avoid Google, Facebook, or whoever, the NSA for instance, reading my emails and messages? Well, I use products that provide privacy. For email there are multiple options, ProtonMail is a good example, and of those options I went with Tutanota, which is located in Germany. Tutanota encrypts your mail on their server and allows you to send encrypted emails, even to people without Tutanota accounts, whilst avoiding the need to exchange PGP keys. It is super easy to use; the only problem for me is that there is not a desktop application. But the web client is pretty good. Instant messaging on the other hand… that is a tough one. The reason for that is that in Denmark most do not use SMS anymore but use Facebook Messenger or SnapChat, exactly what I am trying to avoid. However, due to the recent public focus on privacy, more and more are switching back to SMS or other services, for instance WhatsApp. But again a problem: a Cell Service Provider can read your SMSes and WhatsApp is owned by Facebook. So what do we do? Well, we can look at services such as Telegram, which I also use, but the problem is that companies such as Telegram do not explain how they make money or what legal restrictions they are under. So the main option for me is Signal from Open Whisper Systems. They explain how they make money, what legal restrictions they are under AND, more importantly to me, almost everything they make is open source, so we can evaluate what is actually happening. Signal provides end-to-end encrypted messaging so they cannot analyse your data and neither can others. So that is why I use Tutanota and Signal.

-Lars

Why I stopped being a Danish liberal

2019-03-07 10:00:00 +0000

I have been interested in politics since I was very young. I remember discussing with my grandmother, when I was 11, how the political system in Denmark works. From the get go I have been oriented towards the right and even sometimes to the far right with regards to financial and social politics, and if I am honest, when I was young and naive I leaned towards the far right on immigration as well. However, when I reached my late teens I had moved closer to the mid of the right wing, so parties such as Venstre, Konservative, and in later years Liberal Alliance.

For a long time I saw these parties as protectors of the people, who believed in freedom of the people and providing a good society with minimal interference from the government. But a shift in Danish politics has happened within the last decade, or it actually started in 2001 with the 9/11 terrorist attack in New York. The shift was that instead of having a trusting and at ease population, the politicians were/are now making decisions for, and leading, a people which is terrified of terrorist attacks, immigrants, and refugees. The problem with this is that the leaders of the politicians are the voters, and when the voters are scared, the politicians capitalise on this by implementing a lot of strict policies with regards to immigration and refugees. The tension internally in Denmark has been hidden from the outside for quite a while, but over time our integration and refugee policies, and how they have been tightened, have reached outside our country. However, one thing that most do not know, and which surprises most when I talk to others, is the surveillance laws which have either been suggested or implemented. These laws include CCTV surveillance, ISP customer session logging, and implementation of a DNA register. The last two have not yet been passed into law, but it is balancing on the edge of a knife. What surprised me, and still does, is that the parties which suggested this were the liberal parties that I was such a strong supporter of. I had to realise these parties were capitalising in a manner I could not support, as it was not liberalism, it was something else. They want to build a surveillance society that hasn’t really been seen in the countries which are members of the European Union since the Eastern Bloc existed and was destroyed in 1989 and the early nineties.

Another thing is also that a lot of the parties, especially looking at you Venstre, have changed from liberal and capitalist parties to almost solely capitalist parties, which is also terrifying as the capitalist mentality always moves towards the money and not always what is beneficial for the society. For example, privatising DSB, a Danish railways company, has made it so bad, and it was predicted by most people.

I simply cannot stand by the ideals of these parties which call themselves liberal and are not. Therefore, with elections coming up, I am currently reevaluating my political standpoints and what I should vote for. One thing is for sure: I am still a liberal and I will help fight the new Stasi society that a lot of European governments are trying to create.

-Lars Nielsen
