Women, the best freaking firewall in the world
One human cell contains 75MB genetic information.
- One sperm contains a half of that; that is 37.5MB.
- One ml of semen contains 100 million sperms.
- In average, ejaculation lasts for 5 sec and contains 2.25 ml semen.
- This means that the throughput of a man’s member is equal to (37.5MB x 100,000,000 x 2.25)/5 = 1 687 500 000 000 000 byte/second = 1,6875 Тerabyte/sec
This means that the female eggcell withstands this DDoS attack at 1,5 terabyte per second, and only lets through one(!) data package, thereby being the best freaking hardware firewall in the world!
The downside of it is that this only small data package that it lets through, hangs the system for the whole of 9 months!
Hackers, take note.
![thedailywhat:
Breaking: Free at last!
North Korean leader Kim Jong Il has pardoned two jailed American journalists following an unannounced meeting with former President Bill Clinton, media reports said Tuesday.
[photo via.]
Amazing news. I had heard from my *ahem* “friends” in the intel community to expect them to stay jailed for 2 years minimum so this meeting must have been kept extremely secret. Clinton was a fantastic choice as his administration had as good of a relationship with NK as possible for a western democracy.
This is the best possible resolution, although I do wonder what this is costing us, although I consider it inconsequential.](http://29.media.tumblr.com/b9vfl4b63qqkcj6tredpRM7Mo1_500.jpg)
Breaking: Free at last!
North Korean leader Kim Jong Il has pardoned two jailed American journalists following an unannounced meeting with former President Bill Clinton, media reports said Tuesday.
[photo via.]
Amazing news. I had heard from my *ahem* “friends” in the intel community to expect them to stay jailed for 2 years minimum so this meeting must have been kept extremely secret. Clinton was a fantastic choice as his administration had as good of a relationship with NK as possible for a western democracy.
This is the best possible resolution, although I do wonder what this is costing us, although I consider it inconsequential.
North Korean Extraction Mission Brainstorming Pt. 2
There typically are a few reliable options when planning a mission like this. However, due to the unique nature of the situation, some of our more basic tactics are moot.
A Run & Gun is completely out of the question. Even if we could take advantage of a rouge para-military unit already operating inside of NK’s borders, prison guards will be more numerous, armed and have at least basic training, maybe more depending on how dangerous/valuable the inmates are considered.
Unfortunately the only scenario that make’s sense is the one we are least prepared for in regards to NK: A mission centered around human intelligence.
We need a handler to turn a mid to high level prison officer. Finding the right person and making contact would be REALLY difficult part. However, we have something very valuable we can offer this person: Help us extract our citizens, and we will also extract you and your family.
See, the higher up in the food chain you progress in NK, the more access to information you have. These officers would have a much higher awareness of the outside world vs. NK citizens, who are practically worthless (informationally) due to isolation. You can’t run counter intel on people who don’t know anything.
So, we bait the officer with the prospect of freedom, this ensures he has just as much to lose as we do if the mission is compromised. We set up a rendezvous point just inside the NK/China border. From there we can escape to SK or Japan by sea, or legally leave China and head to SK or the US depending on the nationalities of the extraction team (I’m convinced a South Korean PMC would be the go to group for this scenario). Unfortunately, China is a far as we can bring the asset and his family. They will have been briefed ahead of time that they are on their own once in China’s borders and if caught they will be considered illegal aliens and deported back to NK. We should do our best to hook them up with a local member of the NK Underground Railroad. But, once outside of NK, our obligations to the asset have been fulfilled.
Now, the good and bad of this scenario is that we rely heavily on our asset, the North Korean officer.
The good is that he has a lot to gain if he is successful and he loses everything if he is compromised. This ensures that he is going to try his damnedest to be at that rendezvous point.
The bad is that there is a single point of failure. If he is compromised, that’s it. We have no plan B besides starting over with another asset. By that time, I expect our targets will have been moved to a more secure local, meaning (at least) serveral more months of basic information gathering before we can try again.
To be continued…
If you don’t have something of value to an intruder, you probably don’t do anything worth keeping you in operation.
— Richard Bejtlich
North Korean Extraction Mission Brainstorming Pt. 1
I have been thinking about this for a while, but it took this post by Julie to motivate me into writing this up. Please take a second to read her post if you are unfamiliar with the story.
So, why haven’t we swooped in to save the day? Turns out that North Korea poses some unique challenges for the intelligence community.
For the most part, Kim’s culture of personality (AKA brain washing citizens to worship him like a God) has made human intelligence damn near impossible. We have no (known) North Korean moles or implants. In fact, of the (pathetically low) 1000 active CIA handlers, approximately zero of them run intel against North Korea.
The second big hurtle we face is Kim’s extreme isolationism. Even if there are some North Koreans unconvinced of Kim’s Godhood, they have no idea that a better place exists. The people who are caught attempting to escape are made harsh examples of leaving the impression that if there is somewhere better, it probably isn’t worth it to try and get there.
One giant advantage we have is our relationship with South Korea. I haven’t been able to dig up any info on their intelligence gathering capabilities, outside of the facts that they speak the language (lack of Korean speakers is another one of the CIA’s counter-intel barriers) and understand the culture. Not to mention the obvious: location.
Of course, a mission like this would need to be run covertly by either an agency like the CIA which will deny involvement if compromised, or, due to the civilian nature of the situation, a Private Military Contractor (PMC).
I have read academic papers on the rise of PMC’s in South Korea, but was unable to find one on the web due to my shoddy Korean. However, I’m sure they exist because South Korea has one of the World’s largest and most advanced militaries.
I’ve been brainstorming extraction scenarios, keeping these factors in mind. More posts to come…
Dear employer,
I’M A SECUIRTY ENGINEER. THIS IS WHAT YOU PAY ME TO DO. Please allow me to view “hacking” websites, considering it’s part of my effing job description.
kthnxbai
Establishing your social media presence with security in mind
The article starts on page 100 of the pdf and focuses on corporate security. Corporate use of social media brings some interesting risks, ones that traditional security defenses can’t necessarily protect you from.
Reputation damage is by far one of the most interesting risks businesses take in the SM realm, but the only real defense is to admit mistakes quickly, acknowledge a problem and offer effective solutions.
SpinHunters is part of the GNUCitizen network and specializes in reputation protection, which is like PR meets security.
While I’m on the topic, let me put some basic social media security tips out there for the individual.
-Don’t publicize your birthday. Many things require your birthday as a means to access your accounts. Utilities, banking etc. require this information to confirm your identity over the phone. Also, some websites only require a birthday to reset a password.
-Have a default answer for security questions and use it as a second password, not the actual answer to the question. So for example, if the website asks for the name of your first pet or mother’s maiden name to reset a password, use your secondary password as the answer. Extracting things like your first kiss, pet, car, etc. is relatively simple for a social engineer.
-Be aware of who you allow to see profiles where you divulge a significant amount of information about yourself. Examples include facebook and linkedIn. These can include school/work info, birthdays and photos (see: reputation protection). If you are going to add people you don’t know, try to take advantage of the network’s built in secuirty features like limited profiles.
-Be aware of the information you share. These ‘24 things about me’ surveys are a social engineer/phisher’s wet dream.
Article link via Liquidmatrix
JavaScript Encyrption - Take private blog posts to the next level
Check it out, using 256 AES encryption, you can make sure private posts are never crawled by bots, seen by site admins or stored on severs. The decryption is all done in the browser and your post will expire along with the session.
Example, key = C4S9XcRZ: (tumblr users will need to click through, as the javascript is referenced in my template but not the dashboard)
Also note that because tumblr escapes <div> tags out of your custom html, you will need to change the code provided by the encryption program. I just changed the <div> to a <p> tag, keeping the the id and title the same.
