Wednesday, 28 September 2011

Chinese Espionage in Five Minutes

This evening I watched last week's episode of This Week in Defense News with Vago Muradian. Vago's last guest was David Wise, author of Tiger Trap. If you want to learn as much as possible about Chinese espionage in a five-minute interview, I recommend watching History of China spying on U.S.. I hope this book encourages attention at the highest levels of the US government and industry. Tw...

Tuesday, 27 September 2011

The Best VPN Solution

As you may know, TutorialGeek has been all but dead for the past couple months. This is due to the fact that I have been in China and getting on Blogger has been difficult at best. I have been spending the better part of a month looking for a good VPN solution so that I can resume my blogging, but most VPN options have been annoying or frustrating. Well, I am hoping all that will change. I have tried a few VPN services that are decent, but I soon hope to try out USAIP. Once I have tested this out, I will do a full evaluation. Hopefully it will...

Sunday, 25 September 2011

Review of Robust Control System Networks Posted

Amazon.com just posted my five star review of Robust Control System Networks by Ralph Langner. From the review: I am not an industrial control systems expert, but I have plenty of experience with IT security. I read Robust Control System Networks (RCSN) to learn how an ICS expert like Ralph Langner thinks about security in his arena. I was not disappointed, and you won't be if you keep an open mind and remember IT security folks aren't the target...

Impressions: The Art of Software Security Testing

I'll be honest -- on the same trip on which I took The Art of Software Security Assessment, I took The Art of Software Security Testing (TAOSST) by Chris Wysopal, Lucas Nelson, Dino Dai Zovi, and Elfriede Dustin. After working with TAOSSA, I'm afraid TAOSST didn't have much of a chance. TAOSST is a much shorter book, with more screen captures and less content. My impression of TAOSST is that it is a good introduction to "identifying software...

Impressions: The Art of Software Security Assessment

I recently took The Art of Software Security Assessment (TAOSSA) with me on a flight across the US and part of the Pacific. This massive book by Mark Dowd, John McDonald, and Justin Schuh is unlike anything I've read before. If I had read the whole book I would have written a five star review. However, since I only read certain parts of interest to me, I'm sharing these impressions of the book. One of my favorite aspects of TAOSSA is the demonstration...

Sunday, 18 September 2011

Impressions: Tiger Trap

I just finished reading Tiger Trap by David Wise. I read the whole book (so my "impressions" label isn't really accurate, because I use that for books I didn't fully read). I don't feel like writing an entire review but I wanted to capture a few thoughts. First, if you know nothing about Chinese espionage against the United States, read Tiger Trap. I didn't think Tiger Trap was the easiest book to read about the subject, but I haven't seen any...

Friday, 16 September 2011

Bejtlich Cited in Chinese Article on APT

I found it ironic to see the names Richard Bejtlich and MANDIANT appearing in the article How to reduce the losses caused by APT attack? The reason this is funny is that the article appears in a Chinese-language story, published by a site operating in Beijing! You can read the Google Translation if you can't read the original. According to Tianji Media Group: Established in January 1997, ChinaByte was the first IT news website in China. So, welcome...

Tuesday, 13 September 2011

Classic Chinese Defensive Propaganda

Thanks to the sharp eye of a colleague from a mailing list, I learned of the article Is China Really Cyberdragon? in the English-language China Daily newspaper. The article is by Tang Lan, deputy director of the Institute of Information and Social Development Studies, China Institutes of Contemporary International Relations (a state-directed research institute). His writing displays all of the classic elements of what I call Chinese defensive propaganda,...

Tuesday, 06 September 2011

Muxing System.Diagnostics.Process with System.Security.AccessControl

    # three functions that produce filepath,Owner,Access,SDDL
    # for the binaries listed by ps ("get-process")
    # All rights reserved Ryan M. Ferris @ RMF Network Security
    # Version r5:21 PM 9/6/2011
    function Get-PSACL
    {
        ps | get-acl -ea 0 | Select pschildname,owner,AccessToString,Sddl
    }
    function Get-PEX
    {
        [array]$global:ps_list=ps
        [array]$global:acl_list=$ps_list | get-acl -ea 0
        $acl_list | Select @{label="FilePath"; Expression={ls $_.PsPath}},Owner,AccessToString,Sddl
    }
    function Get-PIDACL {
        foreach ($id in $(ps)) {
            $id | Select Name,ID, @{Label="Owner";Expression={get-acl...

Monday, 05 September 2011

Government Takeover of Compromised Digital Infrastructure Provider

The latest twist in the compromise of DigiNotar's certificate operations is amazing. The Associated Press reports: DigiNotar acknowledged it had been hacked in July, though it didn't disclose it at the time. It insisted as late as Tuesday that its certificates for government sites had not been compromised. But Donner said a review by an external security company had found DigiNotar's government certificates were in fact compromised, and the government...

Saturday, 03 September 2011

Watch National Geographic Channel's The Liquid Bomb Plot

Over the last week I've been watching a new National Geographic Channel documentary titled The Liquid Bomb Plot. It explains how British intelligence detected and thwarted an AQ operation to destroy at least seven aircraft flying from the UK to the US in August 2006. The show is excellent and features first-hand accounts, including key US personnel like Secretary Chertoff and General Hayden. I recommend watching this show because it demonstrates...