Archive for December, 2007

Bin Laden, Google and the CIA

December 31, 2007

Starting about a year ago, credible sources started claiming that Google was feeding information to the CIA. Now I’m not sure why any jackass would even waste a baying breath denying such a rumor when it’s so obviously true. Sans Teaches several courses on Google Hacking and Johnny Long has written several books on the topic. As early as 1999, NATO started publishing an Open Source Intelligence Handbook and by 2002 had issued a separate publication on exploiting information on the Internet. Only the most stupid Google apologist would bother denying that the CIA uses the largest database on the planet to gather information and probably pays them to teach people how to do it.

Now the issues of information filtering, diminished page rankings and generally interfering with your rights is a little more debatable. Two of the four freedoms defined by President Roosevelt were freedom of speech and freedom from fear particularly of an oppressive government. Google used to brag that they had no censorship but as previously discussed they are de-listing pages from the Internet based on complaints without the existence of a Legal Cease and Desist orders. Also, they consented to censor content for the Chinese version of Google including sites only mildly critical of the central government indicating that the have the capability of censorship and the corporate will to do it if paid enough. Their new policy acknowledges that they will engage in censorship to assist law enforcement, obey regulations and as a matter of policy which covers darn near any reason in the world.

It would appear that this policy extends to publishing false listings for controversial anti-government documentary movies.

Now what brought all this to mind was yesterday I told a little Joke about bin Laden and George Bush over at the FatSavage Blog and amazingly a search engine picked it up and it became my most popular single day post. It was so popular that I jumped to number 59 on the listing of most popular WordPress Blogs. Today not a single person reached “My Apologies” by way of a search engine.

Go figure!!! Is my sense of humor being filtered to protect an almost totally tasteless Web or is this just old fashioned censorship?

Is Google Spying?

December 30, 2007

Seventy seven percent (77%) of Google Users are not aware that Gogle is spying on them and neither was I.

I tried researching the topic but didn’t find much information. I knew that Google used email filters and linked advertising to the content so that when Cousin Ed told you that Auntie Mame died, your email might include an advertisment for coffins and flowers. While that may be cool technology, I avoided it by avoiding a Gmail account.

Even after I read accounts that I would be 92 when my Google cookie expired and their new privacy policy would delete all records after 2 years unless requested to retain them longer by law enforcement, I wasn’t terribly concerned. I mean I have seen the use of Google Cookies which contain my IP, Hotmail account, my surfing habits to other sites and all my porn cookies so fore warned is fore armed and defend yourself. After all these are browser side records and can be erased and wiped when you close your Browser (with quite a bit of effort).

All this changed when I had the need to sign up for an email account under my own name instead of Mr. Daimon, fatsavage or other ficticious names. I cleverly opted out of email advertising so I could avoid coffin offers when my mother dies and did a minimal sign-up with minimal information even avoiding address and location. I didn’t think much about it and only used it for commercial activity under my own name. I only signed up with GoogleTalk to track my email because that’s faster than signing in on their web page and going to their rather slow site only to find you have no mail.

Last week I had the need to sign up as a Google Developer so I paid more attention to their site. Seems there is a button in the upper right that allows you to sign in to Google and that happens rather automatically when you sign in to GoogleTalk or at least it did for me. It showed I have an account and a history which I know I never signed up for.

The history has been keeping track of me more or less since the day I signed in for my Gmail account. It is the default option which you have to work to turn off. Naturally, I checked my history and was appalled. I’m doing a Sans Security Course and am looking up various penetration tools. I am also blogging about some pretty nasty sites. Of the hundreds of searchs I do a day, my Google history only registered the ones which make me out to be a pervert or a security risk.

Of course, I deleted the records but all that means is that I will no longer see them. They already have my IP, my email account, cookies from all accounts, the record of cookies from sites visited etc. I really didn’t accomplish anything by turning off their blatent record keeping. They still have all the rest and have publically stated they will keep it for two years.

It would appear my only real option is to stop using their services. To many that would be a tough choice, but if they have already blocked access to your site and Ask.com is doing a pretty good job of searching and you have no commercial revenues from the web, I can’t think of a serious downside.

Ask for Privacy????

December 29, 2007

Ask.com recently announced a new privacy policy called AskEraser. All of your search terms and session cookies are erased after a few hours and there is no record of your activity with a few exceptions. The most obvious is if there’s a court order to keep your records,they will.

The other exception should be equally obvious, when you click a link to another page, that site is beyond the control of Ask.com so all of the cookies, malware and cache images of pictures which come from that site are maintained in index.dat files on your machine.

I took a short tour to see if the search engine was so filtered that it wouldn’t direct you to tasteless sites and found out that search terms like porn, young models, young pussy and teen sex took you to some fairly tasteless sites which of course set cookies and loaded images on your machine. I even found some evidence that there was less site filtering than Google. I then checked the cache pages from the nasty sites and found that the images and scrips were being fed from the page on the original site that was in the ask.com collection of cache pages so in fact the original site was documenting your visit.

In other words, the worlds of corporate and government spying are so large that it’s difficult to do truly trackless searching of surfing. Still it’s nice to know that Ask.com has taken a step in the right direction in at least recognizing my rights to privacy and freedom of information.

Google Proof Sites – Part 3, The Site Command

December 25, 2007

If you want to check the approximate number of pages on a site or sneak in the back door of your favorite porn site to look at all the pictures, you can try the Google Site command which can perform both functions. For instance,

site:tigerstail.wordpress.com will give you a listing of about 150 pages, and

site:thehun.net will give you a listing of 7500 pages that you can search for pictures. Actually most of the pages are forums and text pages that give you insight to the adult porn industry.

Now once again, there are sites that you cannot Google or which do not yield complete information.

site:hotteens.com will only take you to the home page and

site:shockmeshocker.com goes to a Google cache page which Google cannot find.

Among the sites that can’t be Googled are;

site:youngsex.com
site:youngbabes.com
site:elephantlist.com
site:kolmic.com

A couple of sites give really unique responses to the site command.

site:young-models.org does not reviel any pages because Google has deleted results because of child pornography complaints. the same is true of the other.
site:youngerbabes.com

These two sites have been discussed extensively as child pornography sites at fatsavage.wordpress.com (young-models.org & youngerbabes.com). Now what’s really unnerving is despite the fact that these sites are still publishing kiddie porn, they are still on line three years after the initial arrest of Chuck Stephano. Chillingeffects.org has no record of them ever being issued a Cease and Desist Order to stop publishing kiddie porn and the pictures they offer are very disturbing pictures of very young girls engaged in brutal sexual acts with much older men.

The only organization powerful enough to exploit pictures of living young girls being brutalized is the United States Government.

Merry Christmas George Bush, this started with your Christian Administration.

Google Proof Sites – Part 2 Links

December 22, 2007

One of the safer ways to check on dangerous sites is to use cache pages from Google. Unfortunately, as previously discussed, not all sites can be Googled and unbelievable as it may seem not all porn sites want more patrons.

Two of the first measures of popularity that nascent webmasters learn about are links and traffic count. Sites like Alexa and Quantcast give a measure of popularity based on traffic and Technorati uses the number of incoming links as a measure of authority. Now with the emergence of Google Stats and tools, you can use Google for a lot more than finding information on a search term.

One of the first tools that webmasters learn about is the links directive. As an example:

link:fatsavage.wordpress.com

This search can be done from any Google search bar whether on their home page or in your browser. If you follow the link above, you find 73 pages linked to my blog. Try it with your own site or blog. Only problem is, I’m not sure about the accuracy.

When you go to any of the following sites which have all been exposed at fatsavage.wordpress.com you find that all of them have no incoming links. This is pretty strange for porn sites which use traffic building link exchanges and shared databases.

link:femalesex.com
link:youngsex.com
link:youngerbabes.com
link:young-models.org
link:cnomy.com
link:shockmeshocker.com

Cut and past and put them in the Google search bar or just type them in. Using Google and viewing cache pages is fairly anonymous except for all those nasty index.dat records retained on your own machine.

The only two things that these sites have in common is they all make the Fatsavage Shitlist of Law Enforcement Honeypots, and they are all engaged in the porn industry. Still, when you check thehun.net you find 291 incoming links.

Go Figure!

Vista Security-Oxymoron

December 11, 2007

Let’s start with basics, Vista Security is an oxymoron – It simply doesn’t exist.

I finally hacked an installation on a brand new machine and worked at putting an anti-virus on the machine. At the time, everything I tried was incompatable or my downloads were blocked. I tried Zone Alarm, PCcillin and Kaspersky. So I ended up with One Care which the whole world is condemning for being a weak system. I also attempted to install my Malware protection but every time I ran Spybot Search and Destroy, my computer locked up and AdAware wouldn’t update without locking up my machine.

I have now reached the end of my one month trial period for One Care so decided to check my machine and see how outside suppliers rate it. One Care says I’m at risk because I won’t let that cancerous back up program operate and I haven’t paid them. I tried running PCcillin House Call and was told that they couldn’t really check some operating systems. I tried Kaspersky on Line service and it told me I looked OK but there were 150 blocked files that they were incapable of inspecting.

I would have felt better if I was told that they inspected everything and I was clean.

I tried reinstalling Spybot Search and Destroy but it locked up when I tried to update it and I couldn’t get it to run. I tried to run it a few more times. It identified a couple of problems and shut down saying I aborted the process. AdAware refuses to update and stalls. When you force it a few more tries a screen pops up saying the update is complete without telling you what was updated. When I ran it, it took 18 minutes to get half way and finished in one more minute. I removed the cookies I found but don’t really trust the results.

If the Vista machine were used for anything more than surfing and writing an occasional post, I wouldn’t know what to do. I have no idea what kind of bug is on the machine nor do I trust any tools that are supposed to help me find and eliminate it.

Vista Security, Truly an Oxymoron.

Updating Windows XP

December 8, 2007

How often should I update Windows?

Every hour until you get it right!

One of the reason I like PcCillin is because of its independent search for windows vulnerabilities. Where this tool comes in handy is when my machine starts slowing down for no reason. I mean I did an online virus check and found no virus at all. The caveat of course was that it failed to check about 20 blocked files. I tied running AdAware but found that updates were blocked. So I know I wont trust that result no matter what.

When I did the PcCillin test, I found one vulnerability ms05-04. Since I really didn’t have a clue on trapping my pet bug, I decided to close the vulnerability knowing in the long run it was a fools game.

Keep in mind that this is a fully protected and updated computer just one month ago but yeah I do write some stuff that probably cause me to be spied on by Military Strength Malware.

The first step is to run a Windows update and it told me I needed the latest update module for it to be effective. Naturally, I clicked update and everything was successfully installed so I must be done since this is a very old bug.

Wrong!

Another PcCillin check is run and of course, ms05-04 is still there. So I run update again and get prompted for IE 7 and one other update. I download the one and reject the installation of IE7 so I should be done with this very old bug.

Wrong!

So the next time, I download and accept everything since my default browser is Firefox and I don’t really care which Explorer is not being run. Now I think I ‘m done so I check with PcCillin.

Wrong!

The original bug is gone but a new one ms07-?? has appeared so I download a fix, but now I’m really paranoid so I run PcCillin again to make sure I’m safe.

Wrong!

The new check of PcCillin shows that I now have six vulnerabilities and I run update again. Finally, I run PcCillin and it shows perfect protection

Right??????????

Now this reminds me that at trial, the prosecution says the machine was updated so its protected. Obviously, everybody accepts that updating closes all vulnerabilities but nothing could be further from the truth. The other problem I have is what happened to the bug that opened this vulnerability in the first place. Is it dormant, is it dead will it reappear the next time I visit a government honeypot.

Remember, pictures, documents, logs, records and files are never really destroyed but can still be recovered by forensic tools so not only is everything I’ve done in the past being stored but everything I’m doing in the futer is also being stored waiting for the bugs return.