Archive for February, 2010

psych0tik releases GoogleSharing proxy

Sunday, February 7th, 2010

A few weeks ago we released a post on staying anonymous online through the use of various configuration changes and Firefox add-ons. One of the Firefox add-ons mentioned was the GoogleSharing proxy add-on. This allows Firefox to reroute unauthenticated requests to Google services through a community proxy that hides your identity while you browse the internet. This add-on is still in beta, so we browsed the source and did a few tests with tcpdump to ensure that it was infact doing what it claimed to be.

GoogleSharing will reroute the following Google services (however, it can be configured not to reroute requests to specific services):

  • Maps
  • Groups
  • News
  • Video
  • Products
  • Images
  • Finance

This is a really neat concept for staying anonymous from Google. The proxy itself masks your IP address, cookies and other headers so that even while logged into other Google services, such as Gmail, searches are not linked to you. We validated this through the use of tcpdump [see figure 1 and 2(generated by Wireshark)] and you can also validate it based on the different appearance of Google web pages, including the link for “Sign Out” which reads “Sign In” with GoogleSharing enabled.

Figure 1 – GoogleSharing is disabled. We can see the lookup of google.com via DNS and then the request (with the search string) being sent to an IP address returned from the DNS request

Figure 2 – GoogleSharing is enabled (however, not using SSL.) We can see the lookup of the psych0tik development proxy, storm, and the following request to storm’s IP address with the Google search.

You can access the psych0tik GoogleSharing proxy by adding it to your proxy list.

Proxy Server: storm.psych0tik.net

Non-SSL Port: 8080

SSL Port: 8443

If you choose to use the proxy in SSL mode (highly recommended), you will need to do the following:

  1. Browse to https://storm.psych0tik.net:8443
  2. When prompted, add an exception for the SSL certificate
  3. Verify under GoogleSharing’s options for the psych0tik server that “use SSL” is enabled
  4. Enjoy!

If you have any questions or issues please contact a psych0tik staff member via our psych0tik IRC. We’ve established #googleshareproxy to provide general chat with regards to this service.

-psych0tik Staff

Tags: , , , , , , , , ,
Posted in psych0tik News | No Comments »

CSI releases first in a new series of whitepapers

Wednesday, February 3rd, 2010

The Cyber Secure Institute (CSI), a group looking to raise awareness about cyber security, has released it’s first whitepaper in a new series about cyberwar. This whitepaper, written by retired USAF General Eugene Habiger, addresses the need for a new approach towards viewing cyberwar. Gen. Habiger goes on to validate his claims with real-world examples, showing that our “rotary-phone-era stratgies are not well suited for today’s digital world.”

One of the main focuses of this whitepaper is showing that our tried-and-true methodologies of preemption and deterrence aren’t well suited to digital warfare. While both shouldn’t be left out of the cyberwarfare playbook, General Habiger builds the case for needing an alternative that is more suited for the digital battle ground.

Preemption relies on being able to detect an attack before it happens and respond in a way that prevents the attack. In the physical world preemption is a game of “I spy” watching troop movements and gathering intelligence; then responding with force directed at the aggressor. When we look at a similar strategy in the digital world, it becomes much more difficult. Detection before-the-fact because a bit more of a guessing game. It’s very possible to create or recruit a botnet, discover an 0-day, or gather intelligence on a target without any visible or detectable signs. Beyond simply finding a cyberattack in order to preempt it, there also are issues inherent in the response. In many cases attackers may be distributed across various nations (including the one being attacked) making it very hard to deliver a decisive blow and stopping the attack all together.

Deterrence, on the other hand, has a lot to do with stopping an attacker in the planning stages of an attack. The idea is when an attacker looks to make a move, they have to take into account the repercussions of their decision. To take a page from the history books, the cold war is a perfect example of deterrence. Any nation foolish enough to launch an offensive nuclear weapon would be met in kind. When we try and map this concept to the cyberwar, we reach an interesting conclusion: we’ve got a lot more to lose than they do and as with preemption, we have to be able to know who did it.

General Habiger concludes the paper with a call to arms for inherent security – security that is built in, not an after thought. He goes on to suggest that security be made so inherent that the basics would be taught in school or shown as public service announcements. This “paradigm shift” to inherent security creates an environment where security is within every layer of the internet, from the end-user to the hardware an application runs on. While such a methodology provides no obvious offensive strategies, it does harden the infrastructure and provide a much more appropriate defense.

References:

Cyber Secure Institute home page

Cyberwarfare and Cyberterrorism: The need for a new U.S. strategic approach – Gen. Habiger

Summary of Gen. Habiger’s 10 main points

Tags: , , , ,
Posted in Reviews | 1 Comment »