Posts Tagged ‘Technology’

SOFT ROBOTS THAT can grasp delicate objects, computer algorithms designed to spot an “insider threat,” and artificial intelligence that will sift through large data sets — these are just a few of the technologies being pursued by companies with investment from In-Q-Tel, the CIA’s venture capital firm, according to a document obtained by The Intercept.

Yet among the 38 previously undisclosed companies receiving In-Q-Tel funding, the research focus that stands out is social media mining and surveillance; the portfolio document lists several tech companies pursuing work in this area, including Dataminr, Geofeedia, PATHAR, and TransVoyant.

Those four firms, which provide unique tools to mine data from platforms such as Twitter, presented at a February “CEO Summit” in San Jose sponsored by the fund, along with other In-Q-Tel portfolio companies.

Full Story @ [The Intercept]

VICE News ran a story about a gang in Detroit, Michigan that was nabbed partly due to their use of social media. This of course caught my attention so I clicked the link to the indictment papers and began to have a read. I find court documents completely fascinating. It’s a weird hobby I will admit. However, I am always one of those people that likes to read more into a story, dig for background, and understand more of the peripheral players, locations and other details. Indictment papers are one of those documents that can help you do all of this. Aside from learning far more about news stories that interest you, this can be exceedingly useful if you are in law enforcement or you’re a journalist and a particular story pops up that interests you. Sometimes digging through a completely different case than one you’re currently working on can give you ideas, or help to hone some of your search skills. As well, a lot of folks taking OSINT training have a tough time finding something to apply their skills to; they can only creep on their own accounts or friends for so long before it becomes boring and repetitive.

There are cases where you can write code to kick off the whole process (such as what I did with Bin Ladin’s Bookshelf) but there are other times that you are going to want to spend some time figuring out where to target your automation. This requires a bit of critical reading, and an eye for extracting relevant pieces of information. Let’s use these indictment papers and do some quick Twitter investigating to see if we can locate other interesting people potentially associated with the folks that are locked up.

Full Story @ [Automating OSINT]

A witness told police that two of the distinct white and light blue cars from the Car2Go fleet had fled the scene after 22-year-old Daerius Churchill was gunned down Jan. 4 on the corner of Bruce Randolph Avenue and St. Paul Street.

A surveillance camera at a nearby business recorded three of the vehicles in the area, according to a search warrant affidavit.

Officials with Car2Go in Denver told detectives that GPS tracking systems on the car allow them to identify which cars are moving at any given time, the search warrant said. That should have narrowed the list to investigate.

However, the detective wrote in his affidavit that he and the Car2Go manager uncovered multiple cars that had been rented under fictitious names through a call center.

The company told police it records phone conversations between its representatives and customers. It also logs the caller ID numbers, the search warrant affidavit said.

Car2Go customers are vetted through an online application process, said Dacyl Armendariz, a company spokeswoman.

“It’s not like just anybody can jump in a car and drive away,” she said.

Full Story @ [Denver Post]


Although many of the practices I describe here could be used in just about any environment, a few of them are specific to EC2, but even then, you may find ways to map these notions to other cloud environments. Most of these practices revolve around Security Groups. EC2 Security Groups can be thought of in some ways like a VLAN in a traditional network. With Security Groups, you can create firewall settings to block incoming traffic to specific ports for all servers that are members of a specific group. Unlike traditional VLANs, you can create firewall rules within Security Groups that block traffic between members of that group. Servers can be members of multiple Security Groups, although it’s important to know that Security Groups are assigned only when an instance is created—you can’t add or remove Security Groups from an instance after you create it.

Finally, I never store a secret in my userdata file. Often when you spawn a server in EC2, you provide the server with a userdata file. A number of AMIs (Amazon Machine Images—the OS install image you choose) are configured to execute the userdata script. Although in some cases this file is used to pass specific configuration values on to the server, many people (myself included) use the file as a post-install script. In my case, I use it to configure my configuration management system (Puppet) and from that point on let it take over the configuration of the system. What you may not know is that the contents of the userdata script are available via an API call to any user who is on the system throughout the life of the instance. If you use the userdata file to inject any sort of secrets (certificates or SSH private keys, passwords or shared secrets the system uses in its configuration, or anything you wouldn’t want a regular user to see), those secrets will be visible to any user on the system. In fact, if you happen to use Puppet yourself (or otherwise have facter installed on the system), facter itself will return the contents of that userdata script for you.

Handling Secrets

It’s incredibly important to think about how you manage secrets in a cloud environment beyond just the userdata script. The fact is, despite your best efforts, you still often will need to store a private key or password in plain text somewhere on the system. As I mentioned, I use Puppet for configuration management of my systems. I store all of my Puppet configuration within Git to keep track of changes and provide an audit trail if I ever need it. Having all of your configuration in Git is a great practice, but the first security practice I recommend with respect to secrets is to avoid storing any plain-text secrets in your configuration management system. Whenever possible, I try to generate secrets on the hosts that need them, so that means instead of pushing up a GPG or SSH key pair to a server, I use my configuration management system to generate one on the host itself.

Full Story @ [Linux Journal]
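
The userdata excerpt above notes that anything placed in the userdata script stays readable to every local user for the life of the instance. As an added example (not from the Linux Journal article), this Python check flags secret-looking lines in a userdata script before launch and lets through values that are generated or looked up on the host; the rule set, the `find_secrets` name and the sample script are assumptions constructed for illustration.

```python
import re

# Rules for material that should not appear in EC2 userdata, because any
# local user can read the script back for the life of the instance.
RULES = [
    ("private-key", re.compile(r"-----BEGIN (?:[A-Z]+ )?PRIVATE KEY(?: BLOCK)?-----")),
    ("aws-access-key-id", re.compile(r"\bAKIA[0-9A-Z]{16}\b")),
    ("secret-assignment", re.compile(
        r"\b\w*(?:password|passwd|secret|token|api_?key)\w*\s*[=:]\s*(\S+)",
        re.IGNORECASE)),
]

# A value that starts with $(...), $VAR, ${VAR} or a backtick is produced on
# the host at boot, so no literal secret is embedded in the script.
REFERENCE = re.compile(r"^[\"']?(?:\$\(|\$\{?\w|`)")

def find_secrets(userdata):
    """Return (line_number, rule_name) per suspect line; values are never echoed."""
    findings = []
    for lineno, line in enumerate(userdata.splitlines(), start=1):
        if line.lstrip().startswith("#"):
            continue  # shebang and shell comments
        for name, pattern in RULES:
            m = pattern.search(line)
            if not m:
                continue
            if name == "secret-assignment" and REFERENCE.match(m.group(1)):
                continue  # generated or looked up on the host
            findings.append((lineno, name))
    return findings

# Constructed sample userdata (not from the article); every value is fake.
SAMPLE = """#!/bin/bash
# bootstrap puppet
apt-get install -y puppet
export DB_PASSWORD=hunter2-example
AWS_KEY=AKIAABCDEFGHIJKLMNOP
SIGNING_TOKEN=$(openssl rand -hex 16)
cat > /root/.ssh/id_rsa <<'EOF'
-----BEGIN RSA PRIVATE KEY-----
(constructed placeholder, no key material)
-----END RSA PRIVATE KEY-----
EOF
puppet agent --server puppet.example.internal
"""

if __name__ == "__main__":
    for lineno, rule in find_secrets(SAMPLE):
        print(f"userdata line {lineno}: {rule}")
```

Pattern matching of this kind only catches obvious cases; a clean result does not show that the script is free of secrets.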