tag:blogger.com,1999:blog-56797698813873822712024-02-18T17:47:35.256-08:00Computer security and technology by Amitay Danבלוג אבטחת המידע והטכנולוגיה של אמיתי דן
amitay danhttp://www.blogger.com/profile/05457604763454171189noreply@blogger.comBlogger66125tag:blogger.com,1999:blog-5679769881387382271.post-18505500754416923672024-02-04T14:43:00.000-08:002024-02-04T14:41:33.289-08:00המצור הדיגיטלי של טינדר על רצועת עזה והאזורים שמעבר לקו הירוק, ומה הקשר לצפון קוריאה?<div dir="rtl" style="text-align: right;" trbidi="on">
<div dir="rtl" id="docs-internal-guid-a0fd2412-07c2-8ff9-d087-c62a9416df29" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: right;">
<div dir="ltr" style="text-align: left;">
<span style="color: white;"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">For my English reader: I've found that Passport </span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">feature which is part of <a href="http://blog.gotinder.com/untitled-2/" rel="nofollow" target="_blank">Tinder Plus services</a>, is not supported in Gaza and behind the green line in Israel. </span></span></div>
<div dir="ltr" style="text-align: left;">
<span style="color: white;"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">In north Korea the service is supported but no users has been found.</span></span></div>
<div dir="ltr" style="text-align: left;">
<span style="color: white;"><br /></span></div>
<div dir="ltr" style="text-align: left;">
<span style="color: white;"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">It seems that Tinder has their own virtual and digital blockade on Gaza Strip, and they added the area behind the green line into the party.</span></span></div>
<div dir="ltr" style="text-align: left;">
<span style="color: white;"><br /></span></div>
<div dir="ltr" style="text-align: left;">
<span style="color: white;"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">A request for response has been sent to them, so update will be attached as soon as I will get one. </span></span></div>
<div dir="ltr" style="text-align: left;">
<span style="color: white;"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">As for Graphic attachment, you can </span></span><span style="color: white;"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;"><span style="color: white;"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">find </span></span> it below</span></span></div>
<div dir="ltr" style="text-align: left;">
<span style="color: white;"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;"><br /></span></span></div>
<div dir="ltr" style="text-align: left;">
<span style="color: white;"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;"> </span></span><br />
<div class="separator" style="clear: both; text-align: center;">
<span style="color: white;"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg0IDAbqZq6xS8TuEok3_lOlt3XHqNSsgO00k8hJbPEkLKgAwOtqiD_jCFRB6wYsxHiIfRvWr_62gzUe3vr4WML-89kXR8_3HQk4lr1jsI9Bqr86xQsSlBXT7duOS3x3jit-Gql7RhrpyDz/s1600/Tinder+Plus++The+Next+Level+of+Tinder.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg0IDAbqZq6xS8TuEok3_lOlt3XHqNSsgO00k8hJbPEkLKgAwOtqiD_jCFRB6wYsxHiIfRvWr_62gzUe3vr4WML-89kXR8_3HQk4lr1jsI9Bqr86xQsSlBXT7duOS3x3jit-Gql7RhrpyDz/s320/Tinder+Plus++The+Next+Level+of+Tinder.png" width="224" /></a></span></span></div>
</div>
<span style="color: white;"><br /></span>
<span style="color: white;"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">לפני כמה חודשים</span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">, </span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">שכנעו אותי ש</span><a href="https://www.gotinder.com/" style="text-decoration: none;"><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline;">Tinder</span></a><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;"> </span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">זה הבר החדש</span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">, </span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">והמקום האולטימטיבי להיכרויות</span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">. </span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">הסטיגמה פחות עניינה אותי</span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">, </span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">יותר חששתי מההשלכות על הפרטיות</span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">, </span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">אבל הסקרנות גברה אז התחברתי</span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">.</span></span></div>
<div dir="rtl" id="docs-internal-guid-a0fd2412-07c2-8ff9-d087-c62a9416df29" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: right;">
<span style="color: white;"><br /></span></div>
<div dir="rtl" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: right;">
<span style="color: white;"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">אם</span><a href="https://twitter.com/popshark1" style="text-decoration: none;"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;"> </span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline;">עקבתם</span></a><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;"> אחרי</span><a href="http://popshark11.blogspot.co.il/" style="text-decoration: none;"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;"> </span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline;">בעבר</span></a><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">, </span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">כנראה שהבנתם שלרוב דברים שאני משתמש בהם מתגלים כפרוצים ברמות שונות</span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">, </span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">או שצצות בעיות אחרות ככה שזה היה רק עניין של זמן עד שמשהו מעניין יתגלה גם ב</span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">Tinder.</span></span></div>
<div dir="rtl" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: right;">
<span style="color: white;"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">בכנות</span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">, </span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">כנראה זה אני ואולי הפלטפורמה </span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">- </span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">אבל עד עכשיו מעבר לכמה דייטים כושלים</span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">, </span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">השימוש בה מרגיש בעיקר כמו מעבדת פסיכולוגיה שסטודנטים מרוויחים בה כמה שקלים על לחיצה על כפתורים</span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">, </span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">מה שכן אין לזלזל בעצמה של הפלטפורמה ולמדתי הרבה על הטעם שלי</span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">.</span></span></div>
<span style="color: white;"><br /></span>
<br />
<div dir="rtl" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: right;">
<span style="color: white;"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">לאחרונה בחרתי לנצל את היכולות הנוספות שטינדר מציעה למנויים בתשלום</span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">, </span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">ולטייל בעולם דרך האפליקציה וזאת בעזרת תכונה הנקראת</span><a href="http://blog.gotinder.com/untitled-2/" style="text-decoration: none;"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;"> </span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline;">Passport</span></a><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">.</span></span></div>
<div dir="rtl" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: right;">
<span style="color: white;"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">כמה פרופילים שנתקלתי בהם ציינו שהם לא מחפשים שום דבר מעבר לצפייה באנשים ממדינות שונות ככה שהחלטתי להצטרף למסע</span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">.</span></span></div>
<div dir="rtl" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: right;">
<span style="color: white;"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;"><br /><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">לאחר שעברתי מדינות כמו קפריסין בולגריה, </span>סקרן אותי להבין מה קורה אצל השכנים שלנו בעזה</span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">, </span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">האם מישהו שם מעז להשתמש באפליקציה שקוראת תיגר על המוסר</span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">? </span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">ובכלל מה המצב במדינות שפיזית אסור להיכנס אליהן לאזרחים ישראלים</span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">, </span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">או שהן טוטליטריות יותר כמו צפון קוריאה</span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">. </span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">ז</span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">"</span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">א מה היחס שם לפתיחות מינית בין אנשים</span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">, </span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">האם זה משהו כמו ב</span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">1984?</span></span></div>
<div dir="rtl" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: right;">
<span style="color: white;"><br /></span></div>
<span style="color: white;"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">הסתבר לי שבצפון קוריאה ניתן להשתמש בפיצ</span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">'</span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">ר </span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">Passport </span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">אבל אין שם נשים</span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">, </span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">מגיל </span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">18 </span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">ועד </span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">55+, </span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">כדי להבין האם זה גורף הרחבתי את החיפוש לגברים ונשים וגם כאן קיבלתי הודעה שלא נמצאו תוצאות מתאימות </span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">(</span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">ברדיוס של </span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">75 </span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">קילומטר מעיר הבירה</span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">).</span></span><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgS3S51x7L0O5HyDgDep48QY5rHi5z0C1B8jbUdfsBn1XODNaUlKSxSUJobFc-wtNgdjwafZNTdhf5OK_V1He6Un1iyPrwciP5jbuT1FUe1Zrmh5TV9g46ZpzE0X1HLqjZlfGrEky0wkUSh/s1600/1+%25281%2529.jpeg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgS3S51x7L0O5HyDgDep48QY5rHi5z0C1B8jbUdfsBn1XODNaUlKSxSUJobFc-wtNgdjwafZNTdhf5OK_V1He6Un1iyPrwciP5jbuT1FUe1Zrmh5TV9g46ZpzE0X1HLqjZlfGrEky0wkUSh/s320/1+%25281%2529.jpeg" width="225" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhTYMERlyrIC1qDiiBBtnkNytSTbChp-lkYXyf3q6K5J_Oqzb8Dcc7vCcZ_kKlHHqAnoeK-VJCVaf1JNP9r7tuL9Dh_YhUJGs1cLBTB6d4UbYOkBbsTH0raoZmYU_YHliuTYMR3H7IUpSls/s1600/1+%25282%2529.jpeg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhTYMERlyrIC1qDiiBBtnkNytSTbChp-lkYXyf3q6K5J_Oqzb8Dcc7vCcZ_kKlHHqAnoeK-VJCVaf1JNP9r7tuL9Dh_YhUJGs1cLBTB6d4UbYOkBbsTH0raoZmYU_YHliuTYMR3H7IUpSls/s320/1+%25282%2529.jpeg" width="226" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjUnaPMao3sB4qHX79zEgbyTGZm7KAWE5QSMgH4O_Iiqkr2WvD3sp2ubMwaLYNRRxOddLi5Xoq_Qf582umQsfk7-XiYpkGJoLuFsp3Mo3oLTR7j9Oqvm6V2SUK6EgLzXmSgQ5IidUEdTeCN/s1600/1+%252822%2529.jpeg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjUnaPMao3sB4qHX79zEgbyTGZm7KAWE5QSMgH4O_Iiqkr2WvD3sp2ubMwaLYNRRxOddLi5Xoq_Qf582umQsfk7-XiYpkGJoLuFsp3Mo3oLTR7j9Oqvm6V2SUK6EgLzXmSgQ5IidUEdTeCN/s320/1+%252822%2529.jpeg" width="226" /></a></div>
<br />
<br />
<div dir="rtl" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: right;">
<span style="color: white;"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">במקביל בדקתי את רצועת עזה</span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">, </span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">והסתבר שהאפליקציה מסרבת לתת לי לעבור לשם</span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">. </span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">סוג של סגר דיגיטלי</span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">.</span></span></div>
<div dir="rtl" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: right;">
<span style="color: white;"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">למרות שמצאתי גם אזורים מעבר לקו הירוק</span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">, </span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">שבהם האפליקציה לא מאפשרת שימוש בפיצ</span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">'</span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">ר</span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">, </span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">הייתי צריך סיעור מוחות עם ידידה שלי כדי להבין שמסתבר שמדובר כאן במשהו גורף ולא מקומי בעזה – האפליקציה מונעת שימוש בפיצ</span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">'</span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">ר </span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">Passport </span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">באזורים שהם מעבר לקו הירוק </span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">(</span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">שמסומן באדום</span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">) </span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">ובאופן משלים גם מונעת כל גישה מהעולם הדיגיטלי החיצון לרצועת עזה</span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">.</span></span><br />
<span style="color: white;"><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">אגב, הקו הירוק זה 1949 ולא 67...</span></span></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhMfdQT9zwf-qbG86WxtMFXS2Zuzr7QayXUB9hQTOvuYiMr-8ecFOPYwN4Nnu5jlKi0bdzFS69pjfIf0UnoHhcgIejmiLDW4s-bn1qEozRMTgRTGqvuz88A5Nn7wlVPUIcHFFG1sZDaHHD-/s1600/1+%25283%2529.jpeg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhMfdQT9zwf-qbG86WxtMFXS2Zuzr7QayXUB9hQTOvuYiMr-8ecFOPYwN4Nnu5jlKi0bdzFS69pjfIf0UnoHhcgIejmiLDW4s-bn1qEozRMTgRTGqvuz88A5Nn7wlVPUIcHFFG1sZDaHHD-/s320/1+%25283%2529.jpeg" width="227" /></a></div>
<br />
<br />
<div dir="rtl" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: right;">
<span style="color: white;"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">זה אולי נראה לכם נורמלי</span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">, </span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">אבל תחשבו מה המשמעות של מניעת שירות שכזו מול אוכלוסיות שלמות</span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">, </span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">ז</span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">"</span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">א לא מדובר פה על פגיעה כלכלית אלא על מניעת שימוש בחלקים מסוימים של אפליקציית הכרויות מבוססת מיקום</span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">, </span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">פשוט כי נולדת במקום הלא נכון</span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">.</span></span></div>
<span style="color: white;"><br /></span>
<br />
<div dir="rtl" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: right;">
<span style="color: white;"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">אישית לא נתקלתי בתופעה כזו של חרם דיגיטלי</span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">, </span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">הכרתי חנויות שלא שולחות לישראל</span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">, </span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">מגדירות אותה כפלסטין</span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">. </span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">אבל כאן מדובר יותר במניעת מעבר של אווטרים לאזורים עם מחלוקת</span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">, </span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">או באופן בוטה יותר </span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline;">מצור דיגיטלי</span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">.</span></span></div>
<span style="color: white;"><br /></span>
<br />
<div dir="rtl" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: right;">
<span style="color: white;"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">כששיתפתי חבר נוסף בנושא</span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">, </span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">הוא חשב על רעיון דומה לזה שחשבתי עליו קודם</span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">, </span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">איך אוכלוסיות באזורים ממודרים יוכלו להיפגש באופן בטוח</span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">. </span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">לדוגמא</span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">, </span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">עזתים שירצו להיפגש פיזית בעזרת </span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">Tinder, </span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">מבלי שהרשויות יאתרו אותם </span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">(</span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">נכון לעכשיו לא הצלחתי לשלול שימוש ברצועת עזה ללא מעבר ממקום למקום</span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">)</span></span></div>
<span style="color: white;"><br /></span>
<br />
<div dir="rtl" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: right;">
<span style="color: white;"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">מאחר שהתברר שצפון קוריאה הינה שטח הפקר</span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">, </span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">ללא משתמשים מתברר שהמפגשים הכי בטוחים של תושבי עזה שירצו להשתמש באפליקציה</span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">, </span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">יוכלו להתבצע אחרי שימוש ב</span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">VPN </span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">הורדת האפליקציה</span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">, </span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">רכישת מנוי וקביעת מקום מפגש ווירטואלי </span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">(</span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">שאולי יוביל לפיזי</span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">) </span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">בצפון קוריאה שהינה מדינה חסרת משתמשים נכון לבדיקות שנערכו ביומיים האחרונים</span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">, </span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">במקביל אפשר לבחור אי כלשהו</span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">, </span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">שאפשר לעבור אליו אך הוא ללא משתמשים כמעט</span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">, </span></span></div>
<span style="color: white;"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">כל זה בהנחה ששני אנשים שעוברים לנקודה כלשהי</span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">, </span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">אך לא נמצאים בה פיזית </span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">- </span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">יוכלו להיפגש ווירטואלית</span><span style="background-color: transparent; font-family: "times new roman"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;"> </span></span><br />
<br />
<span style="color: white;"><br /></span>
<span style="color: white;">עדיין נשארו שאלות<span style="font-family: "times new roman" , serif;">,
</span>כמו האם יש משתמשים בעזה<span style="font-family: "times new roman" , serif;">,
</span>ומה בפועל עושה <span style="font-family: "times new roman" , serif;">Tinder
</span>בכדי לאפשר שימוש בשירותים שלה במדינות
בעייתיות<span style="font-family: "times new roman" , serif;">, </span>או
באזורים שבהם משתמשים יירדפו בגלל הימצאותם
באפליקציה</span><br />
<span style="color: white;"><br /></span>
<span style="color: white;"><br /></span>
<span style="color: white;">בקשה לתגובה נשלחה ל </span><span style="color: white;"><span style="color: white;"><span style="font-family: "times new roman" , serif;">Tinder </span></span> <span style="font-family: "times new roman" , serif;">ונענתה לאחר מספר ימים,שמדובר באשמת גוגל</span></span><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi0e_M9br2j_LvFPR1I7giqT6p0zl2MhmtjBBDCf7XXKzsSqm5bJCREUR6bQ5-jBR-Aa6U0h-i0xjySw2Le3gajvBA-Yvy9gHHrzA54SAUE19n-So_weO5r8JrRdcSpDavcmVkZFZOwUt7v/s1600/1+%25284%2529.jpeg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi0e_M9br2j_LvFPR1I7giqT6p0zl2MhmtjBBDCf7XXKzsSqm5bJCREUR6bQ5-jBR-Aa6U0h-i0xjySw2Le3gajvBA-Yvy9gHHrzA54SAUE19n-So_weO5r8JrRdcSpDavcmVkZFZOwUt7v/s320/1+%25284%2529.jpeg" width="223" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjwaqpl6YOgmZwh1EZtlWkeTeK_YLh7iFHWZZVrsDgCDAlsWFmCjedxifuUiHUr4m94jCtOK5PQv7TcZPj23e1_sQGD7bBxNSejuZKoc5vy9-MCvOykOgy2f2vKeA54xzwT_U4HAnaMTfXl/s1600/1+%25285%2529.jpeg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjwaqpl6YOgmZwh1EZtlWkeTeK_YLh7iFHWZZVrsDgCDAlsWFmCjedxifuUiHUr4m94jCtOK5PQv7TcZPj23e1_sQGD7bBxNSejuZKoc5vy9-MCvOykOgy2f2vKeA54xzwT_U4HAnaMTfXl/s320/1+%25285%2529.jpeg" width="227" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj0gNIUY8oIzZaVxB3LKbMq6rbORoWPzWemm4amLbSIqSFsi05J3OtM4Zjkj3ij1WJjLZ4fKTSrTfCuuBcbjKLSJDDlB3varLRZJll2sRD0nDNqBlO6u1FuQ_Y4M7oaFx52A9-p6KNCj0N2/s1600/1+%25286%2529.jpeg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj0gNIUY8oIzZaVxB3LKbMq6rbORoWPzWemm4amLbSIqSFsi05J3OtM4Zjkj3ij1WJjLZ4fKTSrTfCuuBcbjKLSJDDlB3varLRZJll2sRD0nDNqBlO6u1FuQ_Y4M7oaFx52A9-p6KNCj0N2/s320/1+%25286%2529.jpeg" width="224" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgFfEEMHa401imuwokfRhoJFW7taNrf8vIC2GZEzCN-rp24RsV-jVZWt84KP2_LKH5EdqctMb4gFi4yji-S8ycgBj-5BEWiH1r03-ku0lZA_dhgGEncAXLMB_hyGXFek9cibnxcRAjNMRtT/s1600/1+%25287%2529.jpeg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgFfEEMHa401imuwokfRhoJFW7taNrf8vIC2GZEzCN-rp24RsV-jVZWt84KP2_LKH5EdqctMb4gFi4yji-S8ycgBj-5BEWiH1r03-ku0lZA_dhgGEncAXLMB_hyGXFek9cibnxcRAjNMRtT/s320/1+%25287%2529.jpeg" width="225" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhyUSHuiVX1HXOvwYFt6HdxLCPU68PtHwNO6lW-0MSK8Heh2k0dwliN1FcW1FD6Jml0mPwktUNyAuyjnCHMjeYf7z1YJ-HFZJVWOWHdWcsf01CevmL5LvHgVGbXHkECMZ9rYJOG8hKeHqak/s1600/1+%25288%2529.jpeg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhyUSHuiVX1HXOvwYFt6HdxLCPU68PtHwNO6lW-0MSK8Heh2k0dwliN1FcW1FD6Jml0mPwktUNyAuyjnCHMjeYf7z1YJ-HFZJVWOWHdWcsf01CevmL5LvHgVGbXHkECMZ9rYJOG8hKeHqak/s320/1+%25288%2529.jpeg" width="226" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiQolffhi9bD6rSwtwuo5XLCYHXOLcwwVpFGDBJ0wRWa-hCU7AKkYD5zfID1NdK0McmhZeMA8zqiQ1_Jezy-8AoL54kXJY3XYMEvC7z6GvhreRJy06lv6lJVPkUB35-fLPR7AzIthGJbKsL/s1600/1+%25289%2529.jpeg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiQolffhi9bD6rSwtwuo5XLCYHXOLcwwVpFGDBJ0wRWa-hCU7AKkYD5zfID1NdK0McmhZeMA8zqiQ1_Jezy-8AoL54kXJY3XYMEvC7z6GvhreRJy06lv6lJVPkUB35-fLPR7AzIthGJbKsL/s320/1+%25289%2529.jpeg" width="226" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi7LjoexerJi_dKBoK__T13PUeRE28N2wCnUrt64qFXDxhVVVStXhphAplSohkqU6EiMzMSeh_iUV0iC1pmL2curXtGhajdlO86qQ__XKJ5lS44bY7OJdU2dQtwavdCYlomo8XceQV7tvy5/s1600/1+%252810%2529.jpeg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi7LjoexerJi_dKBoK__T13PUeRE28N2wCnUrt64qFXDxhVVVStXhphAplSohkqU6EiMzMSeh_iUV0iC1pmL2curXtGhajdlO86qQ__XKJ5lS44bY7OJdU2dQtwavdCYlomo8XceQV7tvy5/s320/1+%252810%2529.jpeg" width="225" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiUsbMj2dxwsbuAFz7EV-qSEV6kyyD2hJHU5F5glqkEmZDagJCIVZmzXBVw713lIyDMY_py6FC2N2gTPRUKGdHFrM2ToDfgqhQpozRS_DbGM8oC8wQ9Jny8SpnDfDyHmxgKLSD_wlzfqojs/s1600/1+%252811%2529.jpeg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiUsbMj2dxwsbuAFz7EV-qSEV6kyyD2hJHU5F5glqkEmZDagJCIVZmzXBVw713lIyDMY_py6FC2N2gTPRUKGdHFrM2ToDfgqhQpozRS_DbGM8oC8wQ9Jny8SpnDfDyHmxgKLSD_wlzfqojs/s320/1+%252811%2529.jpeg" width="224" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjVbIofr8-ghlePn0n9IPPxVzKz9Y7pL0LQs003bLYGrHdC0Zr4KnG5wAuKmZLuYRCwTWjaSRB6XXwjRzYJU7LYOZQniUYAVDVK_Pnq4SSLug6V6Lriite9Db-IUJOXBT6ajBbytE97jIuG/s1600/1+%252812%2529.jpeg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjVbIofr8-ghlePn0n9IPPxVzKz9Y7pL0LQs003bLYGrHdC0Zr4KnG5wAuKmZLuYRCwTWjaSRB6XXwjRzYJU7LYOZQniUYAVDVK_Pnq4SSLug6V6Lriite9Db-IUJOXBT6ajBbytE97jIuG/s320/1+%252812%2529.jpeg" width="228" /></a></div>
</div>
amitay danhttp://www.blogger.com/profile/05457604763454171189noreply@blogger.comtag:blogger.com,1999:blog-5679769881387382271.post-43551031095060926602021-09-30T21:36:00.011-07:002021-10-02T18:51:40.786-07:00Wifi Sensing and 802.11bf<div dir="rtl" style="text-align: right;">מה אתם יודעים על WiFi_Sensing# ותקן 802.11bf# ?</div><div dir="rtl" style="text-align: right;"><b><br /></b></div><div dir="rtl" style="text-align: right;"><b><a href="https://en.m.wikipedia.org/wiki/WiFi_Sensing" target="_blank">WiFi Sensing</a> </b></div><div dir="rtl" style="text-align: right;"><p dir="rtl"><b><br /></b></p><p dir="rtl"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiYc0JC6gdF8tZWU6XmCG47iGLjDydRY7GjAMU_1xSX8NcDLQ4TWZczP04xQKFXsltAGF18TOIhyphenhyphenEW9y3GReolUITUO1WX6u3J4tNjEMvmWTEgwd93MW93GtnIJPB-J12bf1xetVhwR-lk-/s781/Capture%252B_2021-09-28-13-09-15.png" style="display: block; padding: 1em 0px; text-align: center;"><img alt="" border="0" data-original-height="781" data-original-width="707" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiYc0JC6gdF8tZWU6XmCG47iGLjDydRY7GjAMU_1xSX8NcDLQ4TWZczP04xQKFXsltAGF18TOIhyphenhyphenEW9y3GReolUITUO1WX6u3J4tNjEMvmWTEgwd93MW93GtnIJPB-J12bf1xetVhwR-lk-/s320/Capture%252B_2021-09-28-13-09-15.png" /></a></p><div dir="rtl"><div>ב<a href="https://m.calcalist.co.il/Article.aspx?guid=3604486" rel="" target="_blank">2013</a> חוקרים מאוניברסיטת וושינגטון, <a href="http://wisee.cs.washington.edu/wisee_paper.pdf" target="_blank">פרסמו מחקר</a> <a href="https://www.washington.edu/news/2013/06/04/wi-fi-signals-enable-gesture-recognition-throughout-entire-home/" rel="" target="_blank">המדגים</a> יכולת לזהות תנועה של אובייקטים, לפי ניתוח שינויי אותות WiFi (ללא צורך ב <a href="https://he.wikipedia.org/wiki/%D7%A8%D7%97%D7%A8%D7%97%D7%9F" rel="" target="_blank">sniffing</a> של התקן רדיו אחר) הכינוי שלהם לטכנולוגיה היה "<a href="https://wisee.cs.washington.edu/#faq" rel="" target="_blank">WiSee</a>", מיקוד המחקר היה <a href="http://wisee.cs.washington.edu/wisee_paper.pdf" rel="" target="_blank">מחוות</a> כמו תנועה של ידיים לצורך שליטה במכשירים.</div><div><br /></div><br /><div class="separator" style="clear: both; text-align: center;"><iframe allowfullscreen="" class="BLOG_video_class" height="266" src="https://www.youtube.com/embed/VZ7Nz942yAY" width="320" youtube-src-id="VZ7Nz942yAY"></iframe></div><div dir="rtl"><br /></div><div dir="rtl">במקביל ב2013, מחקר של <a href="http://cspl.umd.edu/kjrliu/" rel="" target="_blank">Professor K. J. Ray Liu</a> מאוניברסיטת מרילנד, פורסם תוך התמקדות באיתור תנועת אובייקטים.</div><div dir="rtl">מאוחר יותר הוא פרסם ספר בשם:</div><div dir="rtl"><a href="https://assets.cambridge.org/97811084/97862/frontmatter/9781108497862_frontmatter.pdf" rel="" target="_blank">Wireless AI: Wireless Sensing, Positioning, and Communications</a></div><div dir="rtl"><br /></div><div dir="rtl"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjGI0Qd6wDDAVFDGwIFYUhGSZM_o64ha6Pi5jDws1PXwf74eoj0wKSPvRxflso631hpbHHQitvRAwLDABY9uBO9qT3kkxCVxZPJ2zyb7bB0a_-yn18J8SoPWnRRbiQcSZLFOn5AKPQYdv9y/s877/Capture%252B_2021-10-01-07-16-49.png" style="display: block; padding: 1em 0px; text-align: center;"><img border="0" data-original-height="877" data-original-width="704" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjGI0Qd6wDDAVFDGwIFYUhGSZM_o64ha6Pi5jDws1PXwf74eoj0wKSPvRxflso631hpbHHQitvRAwLDABY9uBO9qT3kkxCVxZPJ2zyb7bB0a_-yn18J8SoPWnRRbiQcSZLFOn5AKPQYdv9y/w321-h400/Capture%252B_2021-10-01-07-16-49.png" width="321" /></a></div><div dir="rtl"><br /></div><div dir="rtl">המוצר המסחרי הראשון שיצא לשוק כבר בשנת 2017 על ידי Cognitive Systems היה <a href="http://www.aurahome.com/" rel="" target="_blank">Aura Home</a> כיום המוצר <a href="http://web.archive.org/web/20190123224130/https://www.aurahome.com/" rel="" target="_blank">לא בשיווק</a>.</div><div dir="rtl"><br /></div>באוקטובר 2019 Wireless Broadband Alliance-WBA <a href="https://mentor.ieee.org/802.11/dcn/19/11-19-1994-00-SENS-overview-of-wba-wi-fi-sensing-whitepaper.pptx" rel="" target="_blank">הוציאו</a> <a href="https://wballiance.com/wba-wi-fi-sensing-white-paper-examines-new-technology-that-enables-a-whole-new-use-for-wi-fi/" rel="" target="_blank">White Paper</a> שסוקר את הטכנולוגיה, ומתווה דרך להמשך. כתיבת המסמך בוצעה בהובלת:</div><div style="text-align: left;"><ul><li>Intel</li><li><a href="https://www.cognitivesystems.com/" rel="" target="_blank">Cognitive Systems Corp</a> (WiFi Motion)</li><li>Centre for Development of Telematics (C-DOT)</li></ul></div><div style="text-align: left;"><br /></div><div style="text-align: left;"><div style="text-align: right;">לגבי תקינה, היא נכתבת עכשיו, ונקראת: <a href="https://standards.ieee.org/project/802_11bf.html?utm_source=beyondstandards&utm_medium=post&utm_campaign=working-group-2020&utm_content=802" rel="" target="_blank">802.11bf - WLAN sensing</a>.</div><div style="text-align: right;">הצפי לסיום של הפרוייקט הוא 2024. </div><div style="text-align: right;"><br /></div><div style="text-align: right;"><b>אז מה עושים עם זה?</b></div></div></div><div dir="rtl" style="text-align: right;"><br /></div><div dir="rtl" style="text-align: right;"> בעזרת טכנולוגיית WiFi Sensing ניתן לאתר תנועה של אנשים ועצמים - כולל חיות, תוך התבססות על ניתוח אותות WiFi, ותוך יכולת להטמעה במכשירים קיימים (מסויימים) גם בFOTA ללא שינוי קושחה, וללא צורך ביחידת שידור RF על האובייקט.</div><div class="separator" style="clear: both;"><br /></div><div class="separator" style="clear: both;"><br /></div><div dir="rtl" style="text-align: right;">ל WiFi Sensing יש הרבה ישומים חיוביים (כמו איתור נפילות של זקנים, שיכחת ילדים, איתור גנבים) אבל מצד שני, היא מאפשרת גם לבדוק האם יש תנועה בבית, מבלי להיכנס אליו, וחוסכת את הצורך לרכוש <a href="https://www.detective-store.com/see-through-wall-radar-retwis-43-450.html" rel="nofollow" target="_blank">אמצעים</a> מיוחדים של יחידות טקטיות.</div><div dir="rtl" style="text-align: right;"><br /></div><div dir="rtl" style="text-align: right;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgzUqU2oUQRPP2R1Pw9DAHys9JfwXubB5IbekpYlz9dGeNi-tirgnoNBlzdlPUvveLlCpYjqjsQwqO87DxGEGBvNz9bdCnGophWZN0pnik40Xz3JrkVc33h4ppoC0SDxR0oDgyMzi7_lzK5/s715/Capture%252B_2021-09-28-14-53-10.png" style="display: block; padding: 1em 0px; text-align: center;"><img border="0" data-original-height="404" data-original-width="715" height="226" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgzUqU2oUQRPP2R1Pw9DAHys9JfwXubB5IbekpYlz9dGeNi-tirgnoNBlzdlPUvveLlCpYjqjsQwqO87DxGEGBvNz9bdCnGophWZN0pnik40Xz3JrkVc33h4ppoC0SDxR0oDgyMzi7_lzK5/w400-h226/Capture%252B_2021-09-28-14-53-10.png" width="400" /></a></div><div class="separator" style="clear: both; text-align: center;"><iframe allowfullscreen="" class="BLOG_video_class" height="266" src="https://www.youtube.com/embed/e6C7wEuRl4A" width="320" youtube-src-id="e6C7wEuRl4A"></iframe></div><br /><div dir="rtl" style="text-align: right;"><br /></div><div class="separator" style="clear: both; text-align: center;"><iframe allowfullscreen="" class="BLOG_video_class" height="266" src="https://www.youtube.com/embed/lbv6uf3jdHw" width="320" youtube-src-id="lbv6uf3jdHw"></iframe></div><br /><div dir="rtl" style="text-align: right;"><br /></div><div dir="rtl" style="text-align: right;"><br /></div><div dir="rtl" style="text-align: right;"> כמו שזה נראה כרגע, העגלה כבר דוהרת ולפני שהתקינה תסתיים ב 2024, יהיו ויש הטמעות של טכנולוגיות שכבר יצאו לשוק, חלקן כהמשך למחקרים שפורסמו. </div><div dir="rtl" style="text-align: right;"><br /></div><div dir="rtl" style="text-align: right;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjGznWxk3WcwhqrEL7c1c0uP1Gjuzb1Suti9vhPPN1cISlQEgvxQOzpR9jUVVmuexod1C8HtX9-fCMTHh1X-hv0nh6Dq78pDYeuAEZyyTuj2mNzswAWqLhyphenhyphencua4NX0YfnG8ZtoCOte00-9X/s480/hex-home-redefining-home-security-480x338.jpg" style="display: block; padding: 1em 0px; text-align: center;"><img border="0" data-original-height="338" data-original-width="480" height="281" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjGznWxk3WcwhqrEL7c1c0uP1Gjuzb1Suti9vhPPN1cISlQEgvxQOzpR9jUVVmuexod1C8HtX9-fCMTHh1X-hv0nh6Dq78pDYeuAEZyyTuj2mNzswAWqLhyphenhyphencua4NX0YfnG8ZtoCOte00-9X/w400-h281/hex-home-redefining-home-security-480x338.jpg" width="400" /></a></div><div dir="rtl" style="text-align: right;"><br /></div><div dir="rtl" style="text-align: right;"><br /></div><div dir="rtl" style="text-align: right;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhgWFU4QH-5ucw4JeROXnoHECQhzKssKF8GRjSgpycK-r6FBcGGdjN9pIsxqW76a0VfR8k6ILZO87fgbNRpDFBwB4s4d7SDcnSRA8Fbi4criiKGDjdfyvoCLBCu2X1WaqpRKRYHlJv1z2vw/s1200/aerial.jpeg" style="display: block; padding: 1em 0px; text-align: center;"><img border="0" data-original-height="675" data-original-width="1200" height="225" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhgWFU4QH-5ucw4JeROXnoHECQhzKssKF8GRjSgpycK-r6FBcGGdjN9pIsxqW76a0VfR8k6ILZO87fgbNRpDFBwB4s4d7SDcnSRA8Fbi4criiKGDjdfyvoCLBCu2X1WaqpRKRYHlJv1z2vw/w400-h225/aerial.jpeg" width="400" /></a></div><div dir="rtl" style="text-align: right;"> חלק מהחברות מנסות להתכחש לבעיות הפרטיות, וטוענות שיש הרבה חיישנים פולשניים אחרים כמו מצלמות אבטחה וגלאים אחרים, ואין כאן בעיה אלא יתרון לעומת המצב הנוכחי. </div><div dir="rtl" style="text-align: right;"><br /></div><div dir="rtl" style="text-align: right;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjgR8wsAF1BUQ6UkKYD4kybtkLJGELHvKKd064eD-h91CTKQqjNpkfRgGraZ-jc5Hl_2MGisN3atIiQ24BEhOuTt0ABd5-fDEqarFlbeIZkxiq4ME_OsQGlNJTZl4LxAui8PLxkPlaVoTQW/s1071/Capture%252B_2021-10-01-05-12-41.png" style="display: block; padding: 1em 0px; text-align: center;"><img border="0" data-original-height="1071" data-original-width="714" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjgR8wsAF1BUQ6UkKYD4kybtkLJGELHvKKd064eD-h91CTKQqjNpkfRgGraZ-jc5Hl_2MGisN3atIiQ24BEhOuTt0ABd5-fDEqarFlbeIZkxiq4ME_OsQGlNJTZl4LxAui8PLxkPlaVoTQW/w266-h400/Capture%252B_2021-10-01-05-12-41.png" width="266" /></a></div><div dir="rtl" style="text-align: right;"><br /></div><div dir="rtl" style="text-align: right;"> תקן 802.11bf מוכוון ניתוח אותות WiFi וכדאי לשים לב ולחקור את ההשלכות.
מבחינת מעקב, תוקפים יוכלו עקרונית לממש חולשות במכשירי WiFi שונים, ובמקביל לשליטה על ראוטר או מכשיר אחר מבוסס wifi - ולקבל ממנו מידע על תנועת אנשים בבית מרחוק.</div><div dir="rtl" style="text-align: right;"><br /></div><div dir="rtl" style="text-align: right;">קיימים גם פרוייקטים בקוד פתוח כמו:</div><div dir="rtl" style="text-align: right;"><div style="text-align: left;"><a href="https://academic.oup.com/jcde/article/7/5/644/5837600" rel="nofollow" target="_blank">Open Source: Wi-ESP—A tool for CSI-based Device-Free Wi-Fi Sensing (DFWS)</a></div><div style="text-align: left;"><div><a href="https://wrlab.github.io/Wi-ESP/" rel="nofollow" target="_blank">Wi-ESP (CSI Tool) </a></div><div><br /></div></div></div><div dir="rtl" style="text-align: right;"><div style="text-align: left;"><div style="text-align: right;"><br /></div></div></div><div dir="rtl" style="text-align: right;"><div style="text-align: left;"><div style="text-align: right;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhpz8jkgEaxT2GQoQWjlpyaVZ73W9n4-fq0jXpeuGnl5b3F0XJkyUpQycw9UeneGOgxjEyqfs-03bpos20qWC4KxruO0tn-sb39Bz9mReaU0V142FuLCnZbdhdabBIxbP-u-G9vG2EpHf1l/s881/Capture%252B_2021-10-01-06-23-49.png" style="display: block; padding: 1em 0px; text-align: center;"><br /><img border="0" data-original-height="881" data-original-width="713" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhpz8jkgEaxT2GQoQWjlpyaVZ73W9n4-fq0jXpeuGnl5b3F0XJkyUpQycw9UeneGOgxjEyqfs-03bpos20qWC4KxruO0tn-sb39Bz9mReaU0V142FuLCnZbdhdabBIxbP-u-G9vG2EpHf1l/w324-h400/Capture%252B_2021-10-01-06-23-49.png" width="324" /></a></div></div></div><div dir="rtl" style="text-align: right;"><div style="text-align: left;"><div style="text-align: right;"><br /></div><div style="text-align: right;"><br /></div><div style="text-align: right;"><br /></div><div style="text-align: right;"><br /></div></div></div><div dir="rtl" style="text-align: right;"><b>חברות מובילות בתחום:</b></div><div style="text-align: left;"><a href="https://www.originwirelessai.com/" rel="" target="_blank">Origin Wireless, Inc</a></div><div style="text-align: left;"><a href="https://www.cognitivesystems.com/" rel="nofollow" target="_blank">Cognitive Systems Corp.</a></div><div style="text-align: left;"><a href="https://aerial.ai/resources/aerial-technologies-announces-the-motion-capture-plug" rel="nofollow" target="_blank">Aerial Technologies</a></div><div style="text-align: left;"><a href="https://www.celeno.com/wifi-doppler-imaging" rel="nofollow" target="_blank">Celeno Communications</a></div><div dir="rtl" style="text-align: right;"><b>מוצרים ייעודיים:</b></div><div style="text-align: left;"><a href="https://myhexhome.com/" rel="nofollow" target="_blank">Hex Home</a></div><div dir="rtl" style="text-align: right;"><b>הטמעה במוצר קצה קיים</b></div><div style="text-align: left;"><a href="https://www.linksys.com/us/linksys-aware/" rel="nofollow" target="_blank">Linksys Aware</a></div><div style="text-align: left;"><a href="https://shop.plume.com/homepass/select-hardware" rel="nofollow" target="_blank">Plume HomePass</a></div><div dir="rtl" style="text-align: right;"><br /></div><div dir="rtl" style="text-align: right;"><b>מקורות למידע נוסף:</b></div><div dir="rtl" style="text-align: right;"><br /></div><div style="text-align: left;">The next big Wi-Fi standard is for sensing, not communication</div><div style="text-align: left;"><a href=" https://staceyoniot.com/the-next-big-wi-fi-standard-is-for-sensing-not-communication/" rel="nofollow" target="_blank"> https://staceyoniot.com/the-next-big-wi-fi-standard-is-for-sensing-not-communication/</a></div><div style="text-align: left;">Avec 802.11bf, des équipements WiFi transformés en capteurs</div><div style="text-align: left;"><a href="https://www.lemondeinformatique.fr/actualites/lire-avec-80211bf-des-equipements-wifi-transformes-en-capteurs-82470.html " rel="nofollow" target="_blank">https://www.lemondeinformatique.fr/actualites/lire-avec-80211bf-des-equipements-wifi-transformes-en-capteurs-82470.html </a></div><div style="text-align: left;">WiSpy: Through-Wall Movement Sensing and Person Counting Using Commodity WiFi Signals</div><div style="text-align: left;"><a href=" https://ieeexplore.ieee.org/document/8589770" rel="" target="_blank">https://ieeexplore.ieee.org/document/8589770 </a></div><div style="text-align: left;">Wi-Fi Devices as Physical Object Sensors</div><div style="text-align: left;"><a href="https://www.schneier.com/blog/archives/2021/04/wi-fi-devices-as-physical-object-sensors.html">https://www.schneier.com/blog/archives/2021/04/wi-fi-devices-as-physical-object-sensors.html</a></div><div style="text-align: left;">
IEEE 802.11bf: Toward Ubiquitous Wi-Fi Sensing </div><div style="text-align: left;"><a href="https://arxiv.org/abs/2103.14918 " rel="nofollow" target="_blank">https://arxiv.org/abs/2103.14918 </a></div><div style="text-align: left;">Wi-Fi devices set to become object sensors by 2024 under planned 802.11bf standard</div><div style="text-align: left;">https://www.theregister.com/2021/03/31/wifi_devices_monitoring/</div><div style="text-align: left;"><a href=" https://news.ycombinator.com/item?id=27121918" rel="nofollow" target="_blank"> https://news.ycombinator.com/item?id=27121918</a></div><div style="text-align: left;">Why Choose Wi-Fi Sensing?</div><div style="text-align: left;"><a href="https://www.onsemi.com/company/news-media/blog/iot/why-choose-wi-fi-sensing">https://www.onsemi.com/company/news-media/blog/iot/why-choose-wi-fi-sensing</a></div><div style="text-align: left;"><br /></div>amitay danhttp://www.blogger.com/profile/05457604763454171189noreply@blogger.comtag:blogger.com,1999:blog-5679769881387382271.post-91097335738373447552020-03-13T01:50:00.000-07:002020-03-13T02:09:20.360-07:00PowerMTA (SMTP Email Server) monitoring interfaces by SparkPost got exposed in Fofa search engine<div dir="ltr" style="text-align: left;" trbidi="on">
<br />
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
</div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<a href="https://www.sparkpost.com/powermta/" rel="nofollow" style="font-family: Arial, sans-serif; font-size: 14pt;" target="_blank">PowerMTA</a> <span style="font-family: "arial" , sans-serif; font-size: 14pt;">is </span><a href="https://en.wikipedia.org/wiki/Simple_Mail_Transfer_Protocol" rel="nofollow" style="font-family: Arial, sans-serif; font-size: 14pt;" target="_blank">SMTP</a><span style="font-family: "arial" , sans-serif; font-size: 14pt;">
Server provided by SparkPost</span></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<span style="color: black; font-family: "arial" , sans-serif; font-size: 14.0pt;">(Simple
Mail Transfer Protocol Server)<o:p></o:p></span></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<span style="color: black; font-family: "arial" , sans-serif; font-size: 14.0pt;"><br /></span></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: 0.0001pt;">
<span style="font-family: "arial" , sans-serif; font-size: 18.6667px;">55,089 IPs with </span><span style="font-family: "arial" , sans-serif; font-size: 18.6667px;">monitoring interfaces</span><span style="font-family: "arial" , sans-serif; font-size: 18.6667px;"> belong to verity of users and clients of <a href="https://www.sparkpost.com/powermta/" rel="nofollow" target="_blank">PowerMTA</a>, t</span><span style="font-family: "arial" , sans-serif; font-size: 14pt;">he </span><span style="font-family: "arial" , sans-serif; font-size: 18.6667px;">SMTP Email Server</span><span style="font-family: "arial" , sans-serif; font-size: 18.6667px;"> provided</span><span style="font-family: "arial" , sans-serif; font-size: 14pt;"> by SparkPost - </span><span style="font-family: "arial" , sans-serif;"><span style="font-size: 14pt;">got exposed in <a href="https://fofa.so/" rel="nofollow" target="_blank">FOFA </a>- </span><span style="font-size: 18.6667px;">cyberspace search engine</span><span style="font-size: 14pt;">.</span></span></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: 0.0001pt;">
<span style="font-family: "arial" , sans-serif; font-size: 14pt;"><br /></span></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: 0.0001pt;">
<span style="font-family: "arial" , sans-serif; font-size: 14pt;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiknTFuLR0RRuNAH_luLPRhBKtaRVHKXJJSpqLJv_By-zxreD2gq4sFeV3faKqIUCQp352j8SukAjvTX_VwxF88vMqPp4Vgeb1jSWkfIySAoUt4G_NmQB91vIMTS09vq6YgpjY_1QmQJD6I/s1600/Fofa+13032020+55089ips.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="650" data-original-width="818" height="507" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiknTFuLR0RRuNAH_luLPRhBKtaRVHKXJJSpqLJv_By-zxreD2gq4sFeV3faKqIUCQp352j8SukAjvTX_VwxF88vMqPp4Vgeb1jSWkfIySAoUt4G_NmQB91vIMTS09vq6YgpjY_1QmQJD6I/s640/Fofa+13032020+55089ips.jpg" width="640" /></a></div>
<div>
<br /></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<span style="color: black; font-family: "arial" , sans-serif; font-size: 14.0pt;"><a href="https://forum.port25.com/" rel="nofollow" target="_blank">PowerMTA</a> product background:</span><span style="color: black; font-size: 14.0pt;"><o:p></o:p></span></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<span style="color: black; font-family: "arial" , sans-serif; font-size: 14.0pt;">Previously
own by <a href="https://www.port25.com/tag/message-systems/" rel="nofollow" target="_blank">Port25 Solutions,Inc</a>.<o:p></o:p></span></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<span style="color: black; font-family: "arial" , sans-serif; font-size: 14.0pt;">which
<a href="https://www.prnewswire.com/news-releases/message-systems-acquires-port25-solutions-inc-300031334.html" rel="nofollow" target="_blank">acquired</a>
<a href="https://www.facebook.com/messagesystems/photos/we-are-very-happy-to-announce-that-message-systems-has-acquired-port25-solutions/856871344356847/" rel="nofollow" target="_blank">during</a>
2015 by <a href="https://www.blogger.com/null" name="_Hlk34979998"></a><a href="https://www.facebook.com/messagesystems/" rel="nofollow" target="_blank"><span style="mso-bookmark: _Hlk34979998;">MessageSystems</span><span style="mso-bookmark: _Hlk34979998;"></span></a>.</span></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<span style="color: black; font-family: "arial" , sans-serif; font-size: 14.0pt;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjUk5xRhqNJHcmjRVorLdW5j7bWQ30xi0eyJv3SNjq_IfEQTeq7DQ6B13HKAkx8uX_pzm4vG18NnJOD_qD-nSHx_U9mxCf3e0QyhCGKTow0WzjqdmcQLv8iqb2jtIYe6ovroEKvytFs_e8e/s1600/port251.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="306" data-original-width="851" height="228" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjUk5xRhqNJHcmjRVorLdW5j7bWQ30xi0eyJv3SNjq_IfEQTeq7DQ6B13HKAkx8uX_pzm4vG18NnJOD_qD-nSHx_U9mxCf3e0QyhCGKTow0WzjqdmcQLv8iqb2jtIYe6ovroEKvytFs_e8e/s640/port251.jpg" width="640" /></a></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<span style="color: black; font-family: "arial" , sans-serif; font-size: 14.0pt;"><br /></span></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<span style="color: black; font-family: "arial" , sans-serif; font-size: 14.0pt;"><br /></span></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<span style="font-family: "arial" , sans-serif;"><span style="font-size: 14pt;">Later,
</span></span><a href="https://www.sparkpost.com/" rel="nofollow" style="color: black; font-family: Arial, sans-serif; font-size: 14pt;" target="_blank"><span style="color: black; text-decoration: none;">SparkPost</span></a><span style="font-family: "arial" , sans-serif;"><span style="font-size: 14pt;"> </span></span><a href="https://www.prnewswire.com/news-releases/message-systems-adopts-sparkpost-as-company-name-for-cloud-business-300132635.html" rel="nofollow" style="color: black; font-family: Arial, sans-serif; font-size: 14pt;" target="_blank">became</a><span style="font-family: "arial" , sans-serif;"><span style="font-size: 14pt;">
Message Systems new company name for its cloud business, and Port25 products got <a href="https://www.slideshare.net/SparkPost/get-ahead-of-the-game-our-journey-to-rebranding-and-success-174293196" rel="nofollow" target="_blank">re</a></span><span style="font-size: 18.6667px;"><a href="https://www.slideshare.net/SparkPost/get-ahead-of-the-game-our-journey-to-rebranding-and-success-174293196" rel="nofollow" target="_blank">branded</a></span><span style="font-size: 14pt;"><a href="https://www.slideshare.net/SparkPost/get-ahead-of-the-game-our-journey-to-rebranding-and-success-174293196" rel="nofollow" target="_blank"> </a>as well under SparkPost, </span></span><br />
<br />
<span style="font-family: "arial" , sans-serif;"><span style="font-size: 14pt;"><br /></span></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgqzFuiSXI-DpcqEgPamH1JmxGWYX1-oijhiCErCzhQ4Ib6nM5PRJt6d5tlO2k_K9OiJnKS2zJN_f0OzLgrJtKhHkHFvDIdia6udoQ-NWoFY1CrIOhG3LpnPFjd3rccQL1l7donhufalgCG/s1600/PowerMTA+ad+SparkPost.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="652" data-original-width="1359" height="305" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgqzFuiSXI-DpcqEgPamH1JmxGWYX1-oijhiCErCzhQ4Ib6nM5PRJt6d5tlO2k_K9OiJnKS2zJN_f0OzLgrJtKhHkHFvDIdia6udoQ-NWoFY1CrIOhG3LpnPFjd3rccQL1l7donhufalgCG/s640/PowerMTA+ad+SparkPost.jpg" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgiTBNdVcyIf_vXyUYK1EhelkLELq5p5bX5xmUv0cetHTzDWH-X-P7MXyEy6BMQtQQygSzouYnE9OFPb-FugHKCHGWykMEhTSUXcmutIWpOiibYnOe7wX5H0KZ7cJOy4CstA2p0PQxt9XP3/s1600/SparkPost+main+screen.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="579" data-original-width="938" height="393" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgiTBNdVcyIf_vXyUYK1EhelkLELq5p5bX5xmUv0cetHTzDWH-X-P7MXyEy6BMQtQQygSzouYnE9OFPb-FugHKCHGWykMEhTSUXcmutIWpOiibYnOe7wX5H0KZ7cJOy4CstA2p0PQxt9XP3/s640/SparkPost+main+screen.jpg" width="640" /></a></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<span style="color: black; font-family: "arial" , sans-serif; font-size: 14.0pt;"><br /></span></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<span style="color: black; font-family: "arial" , sans-serif; font-size: 14.0pt;">While
many of the exposed interfaces has logs in read only mode, others have full
control on the interface in admin mode.<o:p></o:p></span></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<span style="color: black; font-family: "arial" , sans-serif; font-size: 14.0pt;">Company
got inform more than one time and refuse to handle to issue.<o:p></o:p></span></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<span style="color: black; font-family: "arial" , sans-serif; font-size: 14.0pt;">Some
of the clients has in one log file metadata of more than 450,000 emails, so the
estimated is metadata of the exposure is at least hundreds of millions of
listings emails, this numbers can be billions.<o:p></o:p></span></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<span style="color: black; font-family: "arial" , sans-serif; font-size: 14.0pt;">Basically,
it's heaven for spammer/scammer and other actors who collect emails for verity
of uses, and that’s why I waited for the company to act, with no success.<o:p></o:p></span></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<span style="color: black; font-family: "arial" , sans-serif; font-size: 14.0pt;">Some
of the users seems to be less legitimate and might be spammers and scammer who
are misusing the product.<o:p></o:p></span></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<span style="color: black; font-family: "arial" , sans-serif; font-size: 14.0pt;">Many
of the interfaces are running on Linux VPS (Virtual Private Servers)<o:p></o:p></span></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<span style="color: black; font-family: "arial" , sans-serif; font-size: 14.0pt;">The
exposure can allow potential attacker to gain access to verity of activities
included:<o:p></o:p></span></div>
<div class="MsoNormal" style="line-height: normal; margin-left: 47.25pt; mso-list: l0 level1 lfo1; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto; tab-stops: list .5in; text-indent: -.25in;">
<!--[if !supportLists]--><span style="color: black; font-family: "symbol"; font-size: 10.0pt;"><span style="mso-list: Ignore;">·<span style="font: 7.0pt "Times New Roman";"> </span></span></span><!--[endif]--><span dir="LTR"></span><span style="color: black; font-family: "arial" , sans-serif; font-size: 14.0pt;">Status<o:p></o:p></span></div>
<div class="MsoNormal" style="line-height: normal; margin-left: 47.25pt; mso-list: l0 level1 lfo1; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto; tab-stops: list .5in; text-indent: -.25in;">
<!--[if !supportLists]--><span style="color: black; font-family: "symbol"; font-size: 10.0pt;"><span style="mso-list: Ignore;">·<span style="font: 7.0pt "Times New Roman";"> </span></span></span><!--[endif]--><span dir="LTR"></span><span style="color: black; font-family: "arial" , sans-serif; font-size: 14.0pt;">Queues<o:p></o:p></span></div>
<div class="MsoNormal" style="line-height: normal; margin-left: 47.25pt; mso-list: l0 level1 lfo1; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto; tab-stops: list .5in; text-indent: -.25in;">
<!--[if !supportLists]--><span style="color: black; font-family: "symbol"; font-size: 10.0pt;"><span style="mso-list: Ignore;">·<span style="font: 7.0pt "Times New Roman";"> </span></span></span><!--[endif]--><span dir="LTR"></span><span style="color: black; font-family: "arial" , sans-serif; font-size: 14.0pt;">Domains<o:p></o:p></span></div>
<div class="MsoNormal" style="line-height: normal; margin-left: 47.25pt; mso-list: l0 level1 lfo1; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto; tab-stops: list .5in; text-indent: -.25in;">
<!--[if !supportLists]--><span style="color: black; font-family: "symbol"; font-size: 10.0pt;"><span style="mso-list: Ignore;">·<span style="font: 7.0pt "Times New Roman";"> </span></span></span><!--[endif]--><span dir="LTR"></span><span style="color: black; font-family: "arial" , sans-serif; font-size: 14.0pt;">Virtual
MTAs<o:p></o:p></span></div>
<div class="MsoNormal" style="line-height: normal; margin-left: 47.25pt; mso-list: l0 level1 lfo1; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto; tab-stops: list .5in; text-indent: -.25in;">
<!--[if !supportLists]--><span style="color: black; font-family: "symbol"; font-size: 10.0pt;"><span style="mso-list: Ignore;">·<span style="font: 7.0pt "Times New Roman";"> </span></span></span><!--[endif]--><span dir="LTR"></span><span style="color: black; font-family: "arial" , sans-serif; font-size: 14.0pt;">Jobs<o:p></o:p></span></div>
<div class="MsoNormal" style="line-height: normal; margin-left: 47.25pt; mso-list: l0 level1 lfo1; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto; tab-stops: list .5in; text-indent: -.25in;">
<!--[if !supportLists]--><span style="color: black; font-family: "symbol"; font-size: 10.0pt;"><span style="mso-list: Ignore;">·<span style="font: 7.0pt "Times New Roman";"> </span></span></span><!--[endif]--><span dir="LTR"></span><span style="color: black; font-family: "arial" , sans-serif; font-size: 14.0pt;">Logs<o:p></o:p></span></div>
<div class="MsoNormal" style="line-height: normal; margin-left: 47.25pt; mso-list: l0 level1 lfo1; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto; tab-stops: list .5in; text-indent: -.25in;">
<!--[if !supportLists]--><span style="color: black; font-family: "symbol"; font-size: 10.0pt;"><span style="mso-list: Ignore;">·<span style="font: 7.0pt "Times New Roman";"> </span></span></span><!--[endif]--><span dir="LTR"></span><span style="color: black; font-family: "arial" , sans-serif; font-size: 14.0pt;">Edit
configuration<o:p></o:p></span></div>
<div class="MsoNormal" style="line-height: normal; margin-left: 47.25pt; mso-list: l0 level1 lfo1; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto; tab-stops: list .5in; text-indent: -.25in;">
<!--[if !supportLists]--><span style="color: black; font-family: "symbol"; font-size: 10.0pt;"><span style="mso-list: Ignore;">·<span style="font: 7.0pt "Times New Roman";"> </span></span></span><!--[endif]--><span dir="LTR"></span><span style="color: black; font-family: "arial" , sans-serif; font-size: 14.0pt;">Show/enter
license key<o:p></o:p></span></div>
<div class="MsoNormal" style="line-height: normal; margin-left: 47.25pt; mso-list: l0 level1 lfo1; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto; tab-stops: list .5in; text-indent: -.25in;">
<!--[if !supportLists]--><span style="color: black; font-family: "symbol"; font-size: 10.0pt;"><span style="mso-list: Ignore;">·<span style="font: 7.0pt "Times New Roman";"> </span></span></span><!--[endif]--><span dir="LTR"></span><span style="color: black; font-family: "arial" , sans-serif; font-size: 14.0pt;">Start
PowerMTA<o:p></o:p></span></div>
<div class="MsoNormal" style="line-height: normal; margin-left: 47.25pt; mso-list: l0 level1 lfo1; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto; tab-stops: list .5in; text-indent: -.25in;">
<span style="color: black; font-family: "arial" , sans-serif; font-size: 14.0pt;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<span style="font-family: "arial" , sans-serif; font-size: 14pt;">Link to Fofa.so (<a href="https://eforensicsmag.com/lets-detect-the-iot-search-engines-from-fofa-to-shodan-by-amitay-dan/" rel="nofollow" target="_blank">like Shodan</a>):</span></div>
<br />
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
</div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<span style="color: black; font-family: "arial" , sans-serif; font-size: 14.0pt;">Dork<o:p></o:p></span></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<span style="color: black; font-family: "arial" , sans-serif; font-size: 14.0pt;"><a href="https://fofa.so/result?qbase64=IlBvd2VyTVRBIG1vbml0b3JpbmciICYmIHRpdGxlPT0iUG93ZXJNVEEgbW9u%0AaXRvcmluZyI%3D" rel="nofollow" target="_blank">"PowerMTAmonitoring" && title=="PowerMTA monitoring"</a></span></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<span style="color: black; font-family: "arial" , sans-serif; font-size: 14.0pt;">Due
to the impact involved in this case and the amount of metadata with emails listing being involved, I decided to let the company to deal with the
case much longer then usually needed, this while I knew they basically rejected any act in the case.<o:p></o:p></span><br />
<span style="color: black; font-family: "arial" , sans-serif; font-size: 14.0pt;">I waited almost a year.</span></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<span style="color: black; font-family: "arial" , sans-serif; font-size: 14.0pt;">During the time when reported the issue, the sum of exposed IP's were 24,835 IP’s, now the numbers are 55,089
IPs.<o:p></o:p></span><br />
<br /></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<span style="color: black; font-family: "arial" , sans-serif; font-size: 14.0pt;">Timeline:<o:p></o:p></span></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<span style="color: black; font-family: "arial" , sans-serif; font-size: 14.0pt;">04.05.2019<o:p></o:p></span></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<span style="color: black; font-family: "arial" , sans-serif; font-size: 14.0pt;">First
report by support email of port25<o:p></o:p></span></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<span style="color: black; font-family: "arial" , sans-serif; font-size: 14.0pt;">04/05/2019 <o:p></o:p></span></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<span style="color: black; font-family: "arial" , sans-serif; font-size: 14.0pt;">Auto
replay from SparkPost email<o:p></o:p></span></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<span style="color: black; font-family: "arial" , sans-serif; font-size: 14.0pt;">with
the case number <o:p></o:p></span></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<span style="color: black; font-family: "arial" , sans-serif; font-size: 14.0pt;">and
the following text:<o:p></o:p></span></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in; margin-left: .5in; margin-right: 0in; margin-top: 0in;">
<span style="color: black; font-family: "arial" , sans-serif; font-size: 14.0pt;">“Hello,<o:p></o:p></span></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in; margin-left: .5in; margin-right: 0in; margin-top: 0in;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in; margin-left: .5in; margin-right: 0in; margin-top: 0in;">
<span style="color: black; font-family: "arial" , sans-serif; font-size: 14.0pt;">Thank you for contacting Port25
Support. A Port25 Support Analyst will get back to you shortly during business
hours (Mon-Fri 9:00am ET - 5:00pm ET). Please allow for additional response
time when submitting a case over the weekend or during a holiday period. In
order to better assist you, please ensure you have provided the software
version and configuration file where applicable. If you have any additional
information to add to this case, please reply to this email. Best regards, The
Port25 Support Team”<o:p></o:p></span></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<span style="color: black; font-family: "arial" , sans-serif; font-size: 14.0pt;">No
answer by email, and no Analyst contacted me.<o:p></o:p></span></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<span style="color: black; font-family: "arial" , sans-serif; font-size: 14.0pt;">13.05.2019<o:p></o:p></span></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<span style="color: black; font-family: "arial" , sans-serif; font-size: 14.0pt;">I
call them by phone at <o:p></o:p></span></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<span style="color: black; font-family: "arial" , sans-serif; font-size: 14.0pt;">Since
I'm not a client they didn’t wanted to share information or data, they didn’t
ask for more details.<o:p></o:p></span></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<span style="color: black; font-family: "arial" , sans-serif; font-size: 14.0pt;">They
confirm they did receive the email about the issue.<o:p></o:p></span></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<span style="color: black; font-family: "arial" , sans-serif; font-size: 14.0pt;">16.05.2019<o:p></o:p></span></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<span style="color: black; font-family: "arial" , sans-serif; font-size: 14.0pt;">Answer
from the Israeli CERT:<o:p></o:p></span></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<span style="color: black; font-family: "arial" , sans-serif; font-size: 14.0pt;"><a href="https://www.gov.il/en/departments/news/119en" rel="nofollow" target="_blank">The Israeli Cyber EmergencyResponse Team (CERT)</a> communicated with them as well, followed my report <span style="mso-spacerun: yes;"> </span>- and basically got answer that SparkPost
won't deal in the issue.<o:p></o:p></span></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<span style="color: black; font-family: "arial" , sans-serif; font-size: 14.0pt;">19.09.2019<o:p></o:p></span></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<span style="color: black; font-family: "arial" , sans-serif; font-size: 14.0pt;">I've
sent another email regards the case to support at Port25, with no replay.<o:p></o:p></span></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<span style="color: black; font-family: "arial" , sans-serif; font-size: 14.0pt;">20.10.2019<o:p></o:p></span></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<span style="color: black; font-family: "arial" , sans-serif; font-size: 14.0pt;">An
email sent to the privacy department at SparkPost, I got no replay.<o:p></o:p></span></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<span style="color: black; font-family: "arial" , sans-serif; font-size: 14.0pt;"><br /></span></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<span style="color: black; font-family: "arial" , sans-serif; font-size: 14.0pt;"><br /></span>
<br />
<br />
<span style="font-family: "arial" , sans-serif;"><span style="font-size: 18.6667px;"><br /></span></span></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<span style="color: black; font-family: "arial" , sans-serif; font-size: 14.0pt;">Logs</span></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<span style="color: black; font-family: "arial" , sans-serif; font-size: 14.0pt;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi6-rVxZH3vGkIPFr732l05K6faArJP0Ms5SIPgrn83IwDXW2FFtznwCXo6ohzquOPmDkFTaAEzsspa8gS3QuTQ1BoC6G-Lh-HsC8L4UQfayA2eQ1j7v_UBc6Rmcr5fcn-CZ0TLTFxMWgL6/s1600/Logs+POC+Iinterface.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="604" data-original-width="1366" height="281" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi6-rVxZH3vGkIPFr732l05K6faArJP0Ms5SIPgrn83IwDXW2FFtznwCXo6ohzquOPmDkFTaAEzsspa8gS3QuTQ1BoC6G-Lh-HsC8L4UQfayA2eQ1j7v_UBc6Rmcr5fcn-CZ0TLTFxMWgL6/s640/Logs+POC+Iinterface.jpg" width="640" /></a></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<span style="color: black; font-family: "arial" , sans-serif; font-size: 14.0pt;"><br /></span></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<span style="color: black; font-family: "arial" , sans-serif; font-size: 14.0pt;">Logs metadata:</span></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<span style="color: black; font-family: "arial" , sans-serif; font-size: 14.0pt;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7J8hwFGdavbC4mHBi9Y-zBS_dIz3UVQZ4E75tNROftkiMhLzMS-3AVkPBWPWrDk-XL4kLi3GOgs8LHvsjM573zrLpD4bGgHNCm8lis7fbuE4Y22n5j8oAM8H8q7-TpyHDbiplGeA-lieA/s1600/LOGS+POC2.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="418" data-original-width="1333" height="200" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7J8hwFGdavbC4mHBi9Y-zBS_dIz3UVQZ4E75tNROftkiMhLzMS-3AVkPBWPWrDk-XL4kLi3GOgs8LHvsjM573zrLpD4bGgHNCm8lis7fbuE4Y22n5j8oAM8H8q7-TpyHDbiplGeA-lieA/s640/LOGS+POC2.jpg" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi2-3PNZBijmwenYgv9AY9yFu8yWy6a71HNgr9g3g8mlwC9meUQ9XrKshcV3F0VeWg7o4wWVGg0LhSJFcdMF70rJ1SW-DfcdhajTXCEeOfPSwewY5cUcnupd4z4bFMwUwexywqCXxS59hkS/s1600/LOGS+POC.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="365" data-original-width="1339" height="172" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi2-3PNZBijmwenYgv9AY9yFu8yWy6a71HNgr9g3g8mlwC9meUQ9XrKshcV3F0VeWg7o4wWVGg0LhSJFcdMF70rJ1SW-DfcdhajTXCEeOfPSwewY5cUcnupd4z4bFMwUwexywqCXxS59hkS/s640/LOGS+POC.jpg" width="640" /></a></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<span style="color: black; font-family: "arial" , sans-serif; font-size: 14.0pt;"><br /></span></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<span style="font-family: "arial" , sans-serif;"><span style="font-size: 14pt;">Edit </span><span style="font-size: 18.6667px;">configuration</span><span style="font-size: 14pt;"> </span></span></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<span style="font-family: "arial" , sans-serif;"><span style="font-size: 14pt;"><br /></span></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEglekg6eh4ihxPSh6yNF9KRdnMN_A7bYgWtrfJE2st6BQdsHTORQv0-wgV0WLQOsxyzn5TPcT6fXdJHY0xDpJQu8RynnhFSg9I5ftRMEP32vRPteQ713GMLxCpuaNnx7FYmB5JVhsU5Giug/s1600/Edit+configuration+file+PrintScreen+POC.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="587" data-original-width="1349" height="276" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEglekg6eh4ihxPSh6yNF9KRdnMN_A7bYgWtrfJE2st6BQdsHTORQv0-wgV0WLQOsxyzn5TPcT6fXdJHY0xDpJQu8RynnhFSg9I5ftRMEP32vRPteQ713GMLxCpuaNnx7FYmB5JVhsU5Giug/s640/Edit+configuration+file+PrintScreen+POC.jpg" width="640" /></a></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<span style="font-family: "arial" , sans-serif;"><span style="font-size: 14pt;">Enter command interface</span></span></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<span style="font-family: "arial" , sans-serif;"><span style="font-size: 14pt;"><br /></span></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEge3dRUPXDbHaSPS5XHS8fvJHfshQncaAFJAwEpPx1_OiA2X7AUEtv7lkGxrEuGu9r-X_nuaRJid3yZacXXlos0WlW5v4Oepz3LQWomLKhTvT-1YrwZi-8l5wRLbNKffTD9cmpmkjONhK5U/s1600/Enter+Command+POC.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="645" data-original-width="1349" height="305" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEge3dRUPXDbHaSPS5XHS8fvJHfshQncaAFJAwEpPx1_OiA2X7AUEtv7lkGxrEuGu9r-X_nuaRJid3yZacXXlos0WlW5v4Oepz3LQWomLKhTvT-1YrwZi-8l5wRLbNKffTD9cmpmkjONhK5U/s640/Enter+Command+POC.jpg" width="640" /></a></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<span style="font-family: "arial" , sans-serif;"><span style="font-size: 14pt;"><br /></span></span></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<span style="font-family: "arial" , sans-serif;"><span style="font-size: 14pt;">Domains interface</span></span></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<span style="font-family: "arial" , sans-serif;"><span style="font-size: 14pt;"><br /></span></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiLex5px3Q_p-Gx8e2Hqlw1whFjV2foR3NWffvTt_HQCZEZZFchrVxiT4o5hM6e9x30LVpbnDW7XoVmPxadXjwBqdfLhAWo9zKl1PB0zKQDTwitaCfeB-h2f8s7WE7ObszwQabnogEiFNRM/s1600/Domaind+interface+POC.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1600" data-original-width="1322" height="640" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiLex5px3Q_p-Gx8e2Hqlw1whFjV2foR3NWffvTt_HQCZEZZFchrVxiT4o5hM6e9x30LVpbnDW7XoVmPxadXjwBqdfLhAWo9zKl1PB0zKQDTwitaCfeB-h2f8s7WE7ObszwQabnogEiFNRM/s640/Domaind+interface+POC.jpg" width="528" /></a></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<span style="font-family: "arial" , sans-serif;"><span style="font-size: 14pt;"><br /></span></span></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<span style="font-family: "arial" , sans-serif;"><span style="font-size: 14pt;">Current </span><span style="font-size: 18.6667px;">license</span><span style="font-size: 14pt;"> key info</span></span></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjGxxuVpogCEG17RXU8_iIc9CPSeUWT-G7hLT86QuzbcKWT-oxoRecbDNqrzpTklVHjkc1qLSd_ESunxqM0h6cf3CoJ-zpwqHIuMe79eQXL6v8t8xA3EM5kI5dbWzf8W3xIdu0y41svenMm/s1600/Current+License+Key+POC.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="614" data-original-width="1349" height="289" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjGxxuVpogCEG17RXU8_iIc9CPSeUWT-G7hLT86QuzbcKWT-oxoRecbDNqrzpTklVHjkc1qLSd_ESunxqM0h6cf3CoJ-zpwqHIuMe79eQXL6v8t8xA3EM5kI5dbWzf8W3xIdu0y41svenMm/s640/Current+License+Key+POC.jpg" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<br />
<span style="font-family: "arial" , sans-serif;"><span style="font-size: 18.6667px;"><a href="https://www.slideshare.net/droidman/powermta-users-guide-40" rel="nofollow" target="_blank">PowerMTA Users guide</a></span></span></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
</div>
amitay danhttp://www.blogger.com/profile/05457604763454171189noreply@blogger.comtag:blogger.com,1999:blog-5679769881387382271.post-23809380747920004422019-08-19T11:15:00.002-07:002019-09-22T08:46:20.160-07:00Exposure of TensorBoard interfaces in Fofa.so<div dir="ltr" style="text-align: left;" trbidi="on">
<div dir="ltr">
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<span style="color: #444444;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiRYJXaBbbbf5HcQPHJb3u1Qq3tjk3uMjE4LXXBeVguMQ7IjT5zPLXfIkXPUabYQ_0CTn0xnpCvDV2G4OjulpPDTREZZMCmLyIWtJoX5usLEtv1ynofdlobecymIo0UgfcBuj6im5DpALKm/s1600/Capture%252B_2019-08-19-20-32-06.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="color: #444444;"><img border="0" data-original-height="617" data-original-width="709" height="278" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiRYJXaBbbbf5HcQPHJb3u1Qq3tjk3uMjE4LXXBeVguMQ7IjT5zPLXfIkXPUabYQ_0CTn0xnpCvDV2G4OjulpPDTREZZMCmLyIWtJoX5usLEtv1ynofdlobecymIo0UgfcBuj6im5DpALKm/s320/Capture%252B_2019-08-19-20-32-06.png" width="320" /></span></a></div>
<span style="color: #444444;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgX7j81SZed4184zGFY1OK-CicvgM-pPy_hOOGodt0bSvX1f96AIAPz5BUZNCTe3oga0_gYFdfRB-utxzsz5VaLoJoEbuLsx7weRaXCLzCDrlPVucCfHLB6Zj9e8gScIia-zcSR6pZAKjuQ/s1600/Capture%252B_2019-08-19-20-32-53.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="color: #444444;"><img border="0" data-original-height="953" data-original-width="719" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgX7j81SZed4184zGFY1OK-CicvgM-pPy_hOOGodt0bSvX1f96AIAPz5BUZNCTe3oga0_gYFdfRB-utxzsz5VaLoJoEbuLsx7weRaXCLzCDrlPVucCfHLB6Zj9e8gScIia-zcSR6pZAKjuQ/s320/Capture%252B_2019-08-19-20-32-53.png" width="241" /></span></a></div>
</div>
<div align="left">
<div dir="ltr">
<div dir="ltr" id="docs-internal-guid-11c25737-7fff-2149-c0dd-bc10eef79876" style="line-height: 1.38; margin-bottom: 0pt; margin-left: 36pt; margin-top: 0pt;">
<span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;"><br /></span></div>
<div dir="ltr" id="docs-internal-guid-11c25737-7fff-2149-c0dd-bc10eef79876" style="line-height: 1.38; margin-bottom: 0pt; margin-left: 36pt; margin-top: 0pt;">
<span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;"><br /></span></div>
<div id="docs-internal-guid-11c25737-7fff-2149-c0dd-bc10eef79876" style="line-height: 1.38; margin-bottom: 0pt; margin-left: 36pt; margin-top: 0pt;">
<span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;"><a href="https://ai.google/tools/" rel="nofollow" target="_blank">Google AI</a> family has an open source platform called <a href="https://www.tensorflow.org/js" rel="nofollow" target="_blank">Tensorflow</a>, as part of Tensorflow there is a tool called TensorBoard.</span><br />
<br />
<div style="line-height: 1.38; margin-bottom: 0pt; margin-left: 36pt; margin-top: 0pt;">
<span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;">"TensorFlow is an end-to-end open source platform for machine learning. It has a comprehensive, flexible ecosystem of tools, libraries and community resources that lets researchers push the state-of-the-art in ML and developers easily build and deploy ML powered applications"</span></div>
</div>
<div>
<span style="color: #444444;"><br /></span>
</div>
<div style="line-height: 1.38; margin-bottom: 0pt; margin-left: 36pt; margin-top: 0pt;">
<span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;">This tool can be exposed to IoT search engines like Shodan, Fofa, Censys etc, as long as the users didn't properly secured the service.</span></div>
<div>
<span style="color: #444444;"><br /></span>
</div>
<div style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;">I decided to use Fofa search engine for my proof of concept.</span></div>
<div>
<span style="color: #444444;"><br /></span>
</div>
<div style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;">Attacker can search for TensorBoard in Fofa (similar to Shodan)</span></div>
<div>
</div>
<div style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;">1. Go to <a href="https://fofa.so/">https://fofa.so/</a></span></div>
<div>
</div>
<div style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;">2.Type in search bar: <a href="https://fofa.so/result?qbase64=InRlbnNvcmZsb3ciICYmIHRpdGxlPT0iVGVuc29yQm9hcmQi" rel="nofollow" target="_blank">"tensorflow" && title=="TensorBoard"</a></span><br />
<br /></div>
<div>
</div>
<div style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;">Most of the results I saw were not too sensitive </span><br />
<span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;"><br /></span></div>
<div>
</div>
<div style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;">Timeline:</span><br />
<span style="font-family: arial; font-size: 11pt; white-space: pre-wrap;"><br /></span>
<span style="font-family: arial; font-size: 11pt; white-space: pre-wrap;">17 Apr 2019</span></div>
<div style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;">First email to Google security.</span></div>
<div>
</div>
<div style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;">After responding I gave them proper deadline.</span></div>
<div>
</div>
<div style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;"><br /></span>
<span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;">14.05.2019</span></div>
<div style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;"><i>"The team is working on changing the behaviour in the next major release of TensorFlow."</i></span></div>
<div>
</div>
<div style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;"><br /></span>
<span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;">16.05.2019</span></div>
<div style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;"><i>I frankly don't know their release plan :( They are now in Alpha if that helps: <a href="https://www.tensorflow.org/alpha">https://www.tensorflow.org/alpha</a></i></span></div>
<div>
</div>
<div style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;"><br /></span>
<span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;">03.07.2019</span></div>
<div style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;"><i>you're more than welcome to publish, and we're happy to have a look too! :D</i></span></div>
<div>
</div>
<div style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;"><br /></span>
<span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;">04.07.2019</span><br />
<span style="font-family: arial; font-size: 11pt; white-space: pre-wrap;"><i>It's unclear from the team, they've been informed you want to publish and to be honest, they don't seem overly concerned at the prospect of disclosure. I've asked them for a rough estimate of time for the release (which might take a couple of days for them to respond), but I'd say use your judgement on the best course of action here with the knowledge that the team says this was a pretty well documented and non-hidden aspect of Tensorboard. </i></span></div>
<div>
<span style="color: #444444;"><br /></span>
</div>
<div style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;"><i>Sorry, I know that's really non-definitive and we do appreciate the patience and taking into account the fix here.. It's a weird situation, but I'll keep you up to date with anything the product team has to say about it</i></span></div>
<div>
<span style="color: #444444;">---==</span></div>
<div style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;">Now there is <a href="https://www.tensorflow.org/beta" rel="nofollow" target="_blank">TensorFlow 2.0 Beta</a> out there so I decided to publish my findings.</span></div>
<div>
<span style="color: #444444;"><br /></span></div>
</div>
<div dir="rtl">
<span style="color: #444444;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6cpqQ8AJIe0mAeQRkqtr0JuIV6Eojr3v-bFPu62RlJ_On-EHdLypttBnjzTKoUB6_cMFk_o3gT3C9ciSMShQkhuIVQCdcqwxBokvXDMUWpjvC1x5QXrHKgTNkeesm8YFnJfGN0Pgn_3WV/s1600/Capture%252B_2019-08-19-20-37-06.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="color: #444444;"><img border="0" data-original-height="934" data-original-width="710" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6cpqQ8AJIe0mAeQRkqtr0JuIV6Eojr3v-bFPu62RlJ_On-EHdLypttBnjzTKoUB6_cMFk_o3gT3C9ciSMShQkhuIVQCdcqwxBokvXDMUWpjvC1x5QXrHKgTNkeesm8YFnJfGN0Pgn_3WV/s400/Capture%252B_2019-08-19-20-37-06.png" width="303" /></span></a></div>
<span style="color: #444444;"><span style="color: #f3f3f3;"><br /></span>
</span><br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhf8sKgyh8sUSoYeZXTN_MSZeE5j0aVnq0vHjelbLXgurfIjbEbyEONVCgIUe4PElKn4pZo7SG3I3KmA0OHJR4ec6-AX9gz7sbM3f4-TIdQRwP3uP6No9pCnnRoGowupmC44NXZ6A1GGEYM/s1600/Capture%252B_2019-08-19-20-37-35.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="color: #444444;"><img border="0" data-original-height="885" data-original-width="599" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhf8sKgyh8sUSoYeZXTN_MSZeE5j0aVnq0vHjelbLXgurfIjbEbyEONVCgIUe4PElKn4pZo7SG3I3KmA0OHJR4ec6-AX9gz7sbM3f4-TIdQRwP3uP6No9pCnnRoGowupmC44NXZ6A1GGEYM/s400/Capture%252B_2019-08-19-20-37-35.png" width="270" /></span></a></div>
<span style="color: #444444;"><span style="color: #f3f3f3;"><br /></span>
</span><br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgs-R_6P8xyYPo8IolAZ8ued4IDCI2gFw47XHGskAs5109gEmb1q8XtGjXVSLDZSW5PDPBp8vtqMrQiq0ni0i7MPSLlbCtChSMguwT3fkvGo-djIhHOWRyBnynlZRyzwYcIigqqz-6OJJuu/s1600/Capture%252B_2019-08-19-20-38-20.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="color: #444444;"><img border="0" data-original-height="946" data-original-width="716" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgs-R_6P8xyYPo8IolAZ8ued4IDCI2gFw47XHGskAs5109gEmb1q8XtGjXVSLDZSW5PDPBp8vtqMrQiq0ni0i7MPSLlbCtChSMguwT3fkvGo-djIhHOWRyBnynlZRyzwYcIigqqz-6OJJuu/s400/Capture%252B_2019-08-19-20-38-20.png" width="302" /></span></a></div>
<span style="color: #444444;"><span style="color: #f3f3f3;"><br /></span>
</span><br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhQV_T3VDOHej2OLbvV0uIXq1ND5XN2AOqFrVg6M3Im-XxOsT7_CRYBxJlplxqd94sO_uFA55ZB6gf7eHqFWbRCSDKWQMJ_BOGLUCiSzNf7ImRIDAATvA4jKTDXNogONHU-5G2eNSucTBS1/s1600/Capture%252B_2019-08-19-20-43-18.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><span style="color: #444444;"><img border="0" data-original-height="1028" data-original-width="708" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhQV_T3VDOHej2OLbvV0uIXq1ND5XN2AOqFrVg6M3Im-XxOsT7_CRYBxJlplxqd94sO_uFA55ZB6gf7eHqFWbRCSDKWQMJ_BOGLUCiSzNf7ImRIDAATvA4jKTDXNogONHU-5G2eNSucTBS1/s400/Capture%252B_2019-08-19-20-43-18.png" width="275" /></span></a></div>
<div dir="ltr">
<span style="color: #444444;"><br /></span></div>
<div dir="ltr">
<span style="color: #444444;"><br /></span></div>
<div dir="ltr">
<span style="color: #444444;"><br /></span></div>
<div dir="ltr">
<span style="color: #444444;"><br /></span></div>
<div dir="ltr">
<span style="color: #444444;"><br /></span></div>
<div dir="ltr">
<span style="color: #444444;"><br /></span></div>
<div dir="ltr">
<br /></div>
</div>
</div>
amitay danhttp://www.blogger.com/profile/05457604763454171189noreply@blogger.comtag:blogger.com,1999:blog-5679769881387382271.post-4823864216603742142019-03-09T03:44:00.001-08:002019-03-09T07:31:39.797-08:00בשם חופש המידע - איך השגתי את מספרי הצל שמסתתרים מאחורי הכוכביות<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgO6tUqwmzobC4gTb3POFK_OJkiXEvrPIcgjBZtoIF4bELNGj7wHSkTkP5rz2dNxmphmd-BeYyy8Yt5m2pzlngWPDH99bqlD9nQuc88Turu0Mwcc7Q48jmTstilfl1lt1VWEvGq6hAefwNM/s1600/Capture%252B_2019-03-09-13-57-19.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="906" data-original-width="602" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgO6tUqwmzobC4gTb3POFK_OJkiXEvrPIcgjBZtoIF4bELNGj7wHSkTkP5rz2dNxmphmd-BeYyy8Yt5m2pzlngWPDH99bqlD9nQuc88Turu0Mwcc7Q48jmTstilfl1lt1VWEvGq6hAefwNM/s400/Capture%252B_2019-03-09-13-57-19.png" width="265"></a></div>
<br>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg4ZtwQmicp3c_gWslTo0PHSSaoNZQXHqU2MjGuPP-SdN5v3h7LATQt9GH0s8pLznqJMGAtzJ29N8mU19e1KxKUT_NjxFy8DEvUPWaAx5Bw4A6Tlrw0UTQqUo5yJkY94enM8EmiwdApGtU6/s1600/Capture%252B_2019-03-09-13-57-57.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="908" data-original-width="667" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg4ZtwQmicp3c_gWslTo0PHSSaoNZQXHqU2MjGuPP-SdN5v3h7LATQt9GH0s8pLznqJMGAtzJ29N8mU19e1KxKUT_NjxFy8DEvUPWaAx5Bw4A6Tlrw0UTQqUo5yJkY94enM8EmiwdApGtU6/s400/Capture%252B_2019-03-09-13-57-57.png" width="293"></a></div>
<br>
<div class="separator" style="clear: both; text-align: center;">
</div>
<br>
<div dir="rtl">
</div>
<div style="text-align: right;">
במשך קרוב לעשור אני עוסק בנושאים שונים הקשורים לפרצות טלפוניה</div><div style="text-align: right;"><br></div><div style="text-align: right;"> אחד מהנושאים שחוזרים על עצמם שוב ושוב<span style="font-family: sans-serif;"> עם חוסר ההצלחה שלי לבצע שינוי מערכתי, </span>הם מערכות טלפוניה לזיהוי לקוחות המתקשרים למספר מסויים, ומזוהים לפי </div><div style="text-align: right;">מספר טלפון המזוהה שאיתו הם הציגו את עצמם<br></div>
<br>
<div dir="rtl" style="text-align: right;">
זיהוי שכזה כמזהה יחידני הינו בלתי חוקי, וניתן לעקיפה בקלות בעזרת שינוי שיחה מזוהה, שינוי שניתן לבצע בעזרת אפליקציות ייחודיות או הגדרה פשוטה למי שמתפעל מרכזיות טלפוניה בעלות ספקים זרים.</div><div dir="rtl" style="text-align: right;"><br></div><div dir="rtl" style="text-align: right;">לא פעם התרעתי על חולשות הקשורות למשפחה זו של חולשות זיהוי לקוחות בממשקים טלפוניים, ובגדול נכשלתי.<br></div><div dir="rtl" style="text-align: right;"><br></div>
<div dir="rtl" style="text-align: right;">
רוב האופציות של אזרחים בישראל לבצע שינוי שיחה מזוהה, הינם על ידי שיחה ממערכת הממוקמת במדינות זרות, כאשר מערכות אלו לא תומכות בהתקשרות למספרים מקוצרים בצורת חיוג לכוכבית<br>
<br></div>
<div dir="rtl" style="text-align: right;">
לכן לפעמים לתוקף הפוטנציאלי יש בעיה - אין לו את הטלפון האמיתי שמסתתר מאחורי הכוכבית<br>
<br></div>
<div dir="rtl" style="text-align: right;">
בקשות חופש מידע הינן דרך אולטימטיבית לפגיעה בפרטיות, ולאיתור פרצות אבטחה - בשם החוק</div><div dir="rtl" style="text-align: right;"><br></div><div dir="rtl" style="text-align: right;">הן במהותן חיוביות, אבל כמו שכתבתי פה כבר בעבר, ההשלכות שלהן יכולות להיות חסרות תקנה<br><br></div>
<div dir="rtl" style="text-align: right;">
לפני מספר חודשים החלטתי לחסוך הרבה כאב ראש מחקרי, ולהגיש בקשת חופש מידע בנושא הכוכביות</div><div dir="rtl" style="text-align: right;"><br></div><div dir="rtl" style="text-align: right;">אני מקווה שהתוצר הזה יגרום הפעם לשינוי מודעות</div><div dir="rtl" style="text-align: right;">מדובר על מאגר מידע חופשי, ועל שיטה שלא נועדה לאבטח אלא לקצר את תהליך ההתקשרות של הלקוחות ולפשט אותו.</div><div dir="rtl" style="text-align: right;"><br></div><div dir="rtl" style="text-align: right;"><br></div>
<div dir="rtl" style="text-align: right;">
להלן הדוח שקיבלתי</div>
<div dir="rtl" style="text-align: right;">
<a href="https://drive.google.com/file/d/0B3I4JyC2xcPQakNjWXpqRTRCYkVKbUh3X0hiaDBRVjZRN0NZ/view?usp=drivesdk">https://drive.google.com/file/d/0B3I4JyC2xcPQakNjWXpqRTRCYkVKbUh3X0hiaDBRVjZRN0NZ/view?usp=drivesdk</a><br>
<br></div>
<div dir="rtl" style="text-align: right;">
אם יש לכם מערכת טלפונית, אל תסתתרו מאחורי כוכבית בתואנה שאי אפשר להתקשר לשם באופן מזוייף, זאת אשליה אופטית<br>
אשליה טלפונית שבקשת חופש מידע ממסמסת ביעילות<br>
<br>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgQ2aKdFhbYnO_z_120wORVxbV111tu3OSbIE8AnR67yyaniq8InEsBmygcqned3NS3ZEDryyapfFMRlqScN1Al_EDBau54-YJoTBYcqo8pE_orIRebm4vqOw_D80ycyZM8cqHpXjheUwJR/s1600/Capture%252B_2019-03-07-13-17-41.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="551" data-original-width="454" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgQ2aKdFhbYnO_z_120wORVxbV111tu3OSbIE8AnR67yyaniq8InEsBmygcqned3NS3ZEDryyapfFMRlqScN1Al_EDBau54-YJoTBYcqo8pE_orIRebm4vqOw_D80ycyZM8cqHpXjheUwJR/s400/Capture%252B_2019-03-07-13-17-41.png" width="328"></a></div>
</div>
<div style="text-align: right;">
<br>
המאגר הזה מאוד יעיל גם לשימוש רגיל, כמו שיחות טלפון לאנשים ששוהים בחו"ל או מתקשרים ממערכות טלפוניה מבוססות אינטרנט שלא תומכות במספרי כוכבית</div><div style="text-align: right;"><br></div><div style="text-align: right;"> אגב, התברר לי שהיה גורם נוסף שביקש בקשה דומה קצת לפני, ככה שההליך היה יחסית מהיר </div><div style="text-align: right;"><br></div><div style="text-align: right;"> לדעתי, יש לבצע תיקון לחוק שיגרום לכך שכל בקשת חופש מידע תעבור סינון של איש אבטחת מידע שהוכשר לכך</div><div style="text-align: right;"><br></div><div style="text-align: right;">בנוסף, יש לבצע מניעה מעקב ואכיפה אחר גורמי </div><div style="text-align: right;">טרור ופשע שמנצלים בקשות חופש מידע לרעה </div><div style="text-align: right;"><br></div><div style="text-align: right;"><br></div><div style="text-align: right;">כאן ניתן לראות בקשה שלישית בסגנון זה ומאגר , כללי של בקשות חופש מידע</div><div style="text-align: right;"><br></div><div style="text-align: right;">https://foi.gov.il/he/node/5197 <br></div>
</div>
amitay danhttp://www.blogger.com/profile/05457604763454171189noreply@blogger.comtag:blogger.com,1999:blog-5679769881387382271.post-64296204836582651202019-02-13T13:23:00.001-08:002019-02-13T13:30:15.459-08:00Hacking last mile solutions <p dir="ltr">Two years ago I was analyzing the needs of better security solutions in last mile solutions and hybrid robots.</p>
<p dir="ltr">IOActive should be named as a company who took this subject into the hands earlier then other</p>
<p dir="ltr">Now, Zimperium are joining as well, and I think it's time to push this sobject much forward.</p>
<p dir="ltr">We must have regulations regards cyber security of micro transportation.</p>
<p dir="ltr">איומים קיברנטיים על כלי תחבורה זעירה בישראל ובעולם </p>
<p dir="ltr">https://www.digitalwhisper.co.il/files/Zines/0x64/DW100-10-ElecTwoWheel.pdf</p>
<p dir="ltr">https://www.mail-archive.com/fulldisclosure@seclists.org/msg04986.html</p>
<p dir="ltr">Zimperium</p>
<p dir="ltr">https://www.geektime.co.il/xiaomi-m365-scooter-hacked/</p>
<p dir="ltr">https://blog.zimperium.com/dont-give-me-a-brake-xiaomi-scooter-hack-enables-dangerous-accelerations-and-stops-for-unsuspecting-riders/</p>
<p dir="ltr">https://youtu.be/ASygXa8UVYk</p>
amitay danhttp://www.blogger.com/profile/05457604763454171189noreply@blogger.comtag:blogger.com,1999:blog-5679769881387382271.post-25791902521847932192018-10-16T18:56:00.001-07:002018-10-16T19:24:37.158-07:00האם יש הבדל בין בין ריגול ליזמות? - חברת RedCrow<div dir="ltr" style="text-align: left;" trbidi="on">
<div dir="rtl">
</div>
<div style="text-align: right;">
-מעקב-</div>
<div style="text-align: right;">
מאת אמיתי דן</div>
<div style="text-align: right;">
<br /></div>
<br />
<div dir="rtl" style="text-align: right;">
לפני כשנתיים חשפתי לראשונה בעברית, ובעזרת המגזין Israel Defence את הפעילות המודיעינית של חברת הייטק פלסטינית ביטחונית הרשומה בארצות הברית.</div>
<div dir="rtl" style="text-align: right;">
<br /></div>
<div dir="rtl" style="text-align: right;">
החברה מבצעת שימוש במקורות open source, מקורות מידע אנושיים ועוד ומספקת בין היתר מידע חי ואסטרטגי על כוחות הביטחון.</div>
<div dir="rtl" style="text-align: right;">
<br /></div>
<div dir="rtl" style="text-align: right;">
הם משתמשים בטכנולוגיות NLP וכלים אוטומטיים לאיסוף מידע, וזאת במקביל לעבודת אנליסטים ושירותים אחרים.</div>
<div dir="rtl" style="text-align: right;">
<br /></div>
<div dir="rtl" style="text-align: right;">
מדובר בדוגמה ראשונית ליזמות בתעשייה הביטחונית הפלסטינית שמתמחה במודיעין בזמן אמת, וניתוחים אסטרטגיים באזור MENA.</div>
<div dir="rtl" style="text-align: right;">
<br /></div>
<div dir="rtl" style="text-align: right;">
נכון להיום עיקר הפעילות שלהם היא ישראל/עזה/גדה ירדן מצריים <u>ולבנון</u>.</div>
<div dir="rtl" style="text-align: right;">
<br /></div>
<div dir="rtl" style="text-align: right;">
פעילות החברה, כוללת איסוף ומסירת מידע בזמן אמת על פעילות כוחות הביטחון בישראל, ולכן גם מאתגרת בפועל את רשויות החוק וכוחות הביטחון.</div>
<div dir="rtl" style="text-align: right;">
<br /></div>
<div dir="rtl">
</div>
<div style="text-align: right;">
בניגוד לעבר, לאחרונה הם פתחו אפליקציה בסיסית, שאליה ניתן להצטרף על ידי מנוי שמשולם דרך חנות האפליקציות, ומיועדת לעיתונאים וגורמים אחרים שרוצים לקבל מידע על איומים באזור גאוגרפי נתון.</div>
<div style="text-align: right;">
<br /></div>
<div style="text-align: right;">
מצב זה, מאפשר הצטרפות של ארגוני טרור לשירות הבסיסי, ולקבל ממנו מידע שימושי מבלי לעבור סינון מקדים.</div>
<div style="text-align: right;">
<br /></div>
<br />
<div dir="rtl">
</div>
<div style="text-align: right;">
בניגוד לפתרונות רבים בשוק, ההתמחויות שלהם אשר כוללות גם ביטחון פיזי, גם מידע מאנשים וגם קצירת מידע ממקורות OSINT מספקות מוצר שמוביל כיום את המענה למודיעין גאופיזי ללקוחות אזרחיים בזמן אמת באזור MENA.</div>
<div style="text-align: right;">
<br /></div>
<br />
<div dir="rtl" style="text-align: right;">
מאחר שהחברה פותרת בעיות ללקוחות לגיטימיים רבים, היכולות להתמודד עם הפעילות המקומית שלה, מקבל אתגר גדול יותר מבחינת נראות ומבחינה חוקית.</div>
<div dir="rtl" style="text-align: right;">
הם מאתגרים את המערכת ואת המושג ריגול ומסירת מידע לגורם זר.</div>
<div dir="rtl" style="text-align: right;">
<br /></div>
<div dir="rtl" style="text-align: right;">
האינטרס של מדינת ישראל לעודד יזמות, יפגע אם יפריעו לפעילות שלה, ומנגד בעידן שבו כוחות חמאס אוספים מידע על חיילים דרך חדירה למכשירי טלפון, כדאי להבין שמידע רב על כוחות הביטחון, מפורסם בזמן אמת תוך יכולת לניצול לרעה על ידי ארגוני טרור.</div>
<div dir="rtl" style="text-align: right;">
<br /></div>
<div dir="rtl" style="text-align: right;">
מקורות:</div>
<div dir="rtl" style="text-align: right;">
<a href="http://www.redcrow.co/login">http://www.redcrow.co/login</a></div>
<div dir="rtl">
</div>
<div style="text-align: right;">
RedCrow Lite</div>
<div style="text-align: right;">
<a href="https://play.google.com/store/apps/details?id=co.redcrow.lite"></a><a href="https://play.google.com/store/apps/details?id=co.redcrow.lite">https://play.google.com/store/apps/details?id=co.redcrow.lite</a></div>
<br />
<div dir="rtl">
</div>
<div style="text-align: right;">
RedCrow</div>
<div style="text-align: right;">
<a href="https://play.google.com/store/apps/details?id=co.redcrow.redcrowintelligence"></a><a href="https://play.google.com/store/apps/details?id=co.redcrow.redcrowintelligence">https://play.google.com/store/apps/details?id=co.redcrow.redcrowintelligence</a></div>
<br />
<div dir="rtl">
</div>
<div style="text-align: right;">
כתבה ב Israel Defence</div>
<div style="text-align: right;">
2016</div>
<div style="text-align: right;">
<a href="http://www.israeldefense.co.il/he/content/%D7%97%D7%91%D7%A8%D7%AA-%D7%9E%D7%95%D7%93%D7%99%D7%A2%D7%99%D7%9F-%D7%A4%D7%9C%D7%A1%D7%98%D7%99%D7%A0%D7%99%D7%AA-%D7%A2%D7%95%D7%A7%D7%91%D7%AA-%D7%90%D7%97%D7%A8-%D7%A4%D7%A2%D7%95%D7%9C%D7%95%D7%AA-%D7%A6%D7%94%D7%9C-%D7%91%D7%96%D7%9E%D7%9F-%D7%90%D7%9E%D7%AA"></a><a href="http://www.israeldefense.co.il/he/content/%D7%97%D7%91%D7%A8%D7%AA-%D7%9E%D7%95%D7%93%D7%99%D7%A2%D7%99%D7%9F-%D7%A4%D7%9C%D7%A1%D7%98%D7%99%D7%A0%D7%99%D7%AA-%D7%A2%D7%95%D7%A7%D7%91%D7%AA-%D7%90%D7%97%D7%A8-%D7%A4%D7%A2%D7%95%D7%9C%D7%95%D7%AA-%D7%A6%D7%94%D7%9C-%D7%91%D7%96%D7%9E%D7%9F-%D7%90%D7%9E%D7%AA">http://www.israeldefense.co.il/he/content/%D7%97%D7%91%D7%A8%D7%AA-%D7%9E%D7%95%D7%93%D7%99%D7%A2%D7%99%D7%9F-%D7%A4%D7%9C%D7%A1%D7%98%D7%99%D7%A0%D7%99%D7%AA-%D7%A2%D7%95%D7%A7%D7%91%D7%AA-%D7%90%D7%97%D7%A8-%D7%A4%D7%A2%D7%95%D7%9C%D7%95%D7%AA-%D7%A6%D7%94%D7%9C-%D7%91%D7%96%D7%9E%D7%9F-%D7%90%D7%9E%D7%AA</a></div>
<div style="text-align: right;">
<br /></div>
<br />
<div dir="rtl" style="text-align: right;">
<a href="https://www.crunchbase.com/organization/red-crow">https://www.crunchbase.com/organization/red-crow</a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
Sources: redcrow<br />
From UNICEF article<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi0H8kUW65DBNnSTFQYhi38-DMaqMpcTX5y6S1vg2LbdHG9cDrzRMYxqdk-BveorXlPA_oij0rNlTAOoaGYICP31CqW0npeBpTYNEKi8P-SbcJWVMmEBabBlP6na-BAJtR86dAKnNJ8SWga/s1600/20160519_111833820-768x609.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="609" data-original-width="768" height="253" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi0H8kUW65DBNnSTFQYhi38-DMaqMpcTX5y6S1vg2LbdHG9cDrzRMYxqdk-BveorXlPA_oij0rNlTAOoaGYICP31CqW0npeBpTYNEKi8P-SbcJWVMmEBabBlP6na-BAJtR86dAKnNJ8SWga/s320/20160519_111833820-768x609.jpg" width="320" /></a></div>
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgAlGNbk2yvUXe6Z8Pvbo-uvou22H5HPsWGzosq4eH3eZGFUo2pnk9DbZFZ2VJKv_iE9bU_dkkBsTn6YzY0X8fl_vfhu6jBXCyc9xfuQRngo7rNXijt9NrCVEvZK3Ok-Rrcr7O7T9NKKjnC/s1600/Team-6-768x563.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="563" data-original-width="768" height="234" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgAlGNbk2yvUXe6Z8Pvbo-uvou22H5HPsWGzosq4eH3eZGFUo2pnk9DbZFZ2VJKv_iE9bU_dkkBsTn6YzY0X8fl_vfhu6jBXCyc9xfuQRngo7rNXijt9NrCVEvZK3Ok-Rrcr7O7T9NKKjnC/s320/Team-6-768x563.jpg" width="320" /></a></div>
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiU53I4cQX-PRopqIBjckeRqWZqxfLUrxbxXcn8alGOv5kFZKGcGdkI8I142nuhm2PCrb34Fb2ZzmLe2gO5frg3iwrwyoVUvpppehU1f_6Q6k_0zNZyMxRTyd1G4lHDd3O8EOPVYaFfPaqg/s1600/System-Dasboard-768x360.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="360" data-original-width="768" height="150" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiU53I4cQX-PRopqIBjckeRqWZqxfLUrxbxXcn8alGOv5kFZKGcGdkI8I142nuhm2PCrb34Fb2ZzmLe2gO5frg3iwrwyoVUvpppehU1f_6Q6k_0zNZyMxRTyd1G4lHDd3O8EOPVYaFfPaqg/s320/System-Dasboard-768x360.png" width="320" /></a></div>
<div dir="rtl" style="text-align: right;">
<br /></div>
<div dir="rtl" style="text-align: right;">
<a href="http://unicefstories.org/2018/09/18/redcrow-six-months-with-the-innovation-fund/">http://unicefstories.org/2018/09/18/redcrow-six-months-with-the-innovation-fund/</a></div>
</div>
amitay danhttp://www.blogger.com/profile/05457604763454171189noreply@blogger.comtag:blogger.com,1999:blog-5679769881387382271.post-73349526653270125902018-10-10T21:16:00.000-07:002018-10-10T22:01:13.350-07:00Lets detect the IoT search engines, from Fofa to Shodan<div dir="ltr" style="text-align: left;" trbidi="on">
<span class="st"><!--[if !mso]>
<style>
v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style>
<![endif]--><!--[if gte mso 9]><xml>
<o:OfficeDocumentSettings>
<o:AllowPNG/>
</o:OfficeDocumentSettings>
</xml><![endif]--><!--[if gte mso 9]><xml>
<w:WordDocument>
<w:View>Normal</w:View>
<w:Zoom>0</w:Zoom>
<w:TrackMoves>false</w:TrackMoves>
<w:TrackFormatting/>
<w:PunctuationKerning/>
<w:ValidateAgainstSchemas/>
<w:SaveIfXMLInvalid>false</w:SaveIfXMLInvalid>
<w:IgnoreMixedContent>false</w:IgnoreMixedContent>
<w:AlwaysShowPlaceholderText>false</w:AlwaysShowPlaceholderText>
<w:DoNotPromoteQF/>
<w:LidThemeOther>EN-US</w:LidThemeOther>
<w:LidThemeAsian>X-NONE</w:LidThemeAsian>
<w:LidThemeComplexScript>HE</w:LidThemeComplexScript>
<w:Compatibility>
<w:BreakWrappedTables/>
<w:SnapToGridInCell/>
<w:WrapTextWithPunct/>
<w:UseAsianBreakRules/>
<w:DontGrowAutofit/>
<w:SplitPgBreakAndParaMark/>
<w:EnableOpenTypeKerning/>
<w:DontFlipMirrorIndents/>
<w:OverrideTableStyleHps/>
</w:Compatibility>
<m:mathPr>
<m:mathFont m:val="Cambria Math"/>
<m:brkBin m:val="before"/>
<m:brkBinSub m:val="--"/>
<m:smallFrac m:val="off"/>
<m:dispDef/>
<m:lMargin m:val="0"/>
<m:rMargin m:val="0"/>
<m:defJc m:val="centerGroup"/>
<m:wrapIndent m:val="1440"/>
<m:intLim m:val="subSup"/>
<m:naryLim m:val="undOvr"/>
</m:mathPr></w:WordDocument>
</xml><![endif]--><!--[if gte mso 9]><xml>
<w:LatentStyles DefLockedState="false" DefUnhideWhenUsed="false"
DefSemiHidden="false" DefQFormat="false" DefPriority="99"
LatentStyleCount="375">
<w:LsdException Locked="false" Priority="0" QFormat="true" Name="Normal"/>
<w:LsdException Locked="false" Priority="9" QFormat="true" Name="heading 1"/>
<w:LsdException Locked="false" Priority="9" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="heading 2"/>
<w:LsdException Locked="false" Priority="9" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="heading 3"/>
<w:LsdException Locked="false" Priority="9" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="heading 4"/>
<w:LsdException Locked="false" Priority="9" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="heading 5"/>
<w:LsdException Locked="false" Priority="9" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="heading 6"/>
<w:LsdException Locked="false" Priority="9" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="heading 7"/>
<w:LsdException Locked="false" Priority="9" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="heading 8"/>
<w:LsdException Locked="false" Priority="9" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="heading 9"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index 4"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index 5"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index 6"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index 7"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index 8"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index 9"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" Name="toc 1"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" Name="toc 2"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" Name="toc 3"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" Name="toc 4"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" Name="toc 5"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" Name="toc 6"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" Name="toc 7"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" Name="toc 8"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" Name="toc 9"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Normal Indent"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="footnote text"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="annotation text"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="header"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="footer"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="index heading"/>
<w:LsdException Locked="false" Priority="35" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="caption"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="table of figures"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="envelope address"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="envelope return"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="footnote reference"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="annotation reference"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="line number"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="page number"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="endnote reference"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="endnote text"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="table of authorities"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="macro"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="toa heading"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Bullet"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Number"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List 4"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List 5"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Bullet 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Bullet 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Bullet 4"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Bullet 5"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Number 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Number 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Number 4"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Number 5"/>
<w:LsdException Locked="false" Priority="10" QFormat="true" Name="Title"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Closing"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Signature"/>
<w:LsdException Locked="false" Priority="1" SemiHidden="true"
UnhideWhenUsed="true" Name="Default Paragraph Font"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Body Text"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Body Text Indent"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Continue"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Continue 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Continue 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Continue 4"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="List Continue 5"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Message Header"/>
<w:LsdException Locked="false" Priority="11" QFormat="true" Name="Subtitle"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Salutation"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Date"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Body Text First Indent"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Body Text First Indent 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Note Heading"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Body Text 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Body Text 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Body Text Indent 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Body Text Indent 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Block Text"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Hyperlink"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="FollowedHyperlink"/>
<w:LsdException Locked="false" Priority="22" QFormat="true" Name="Strong"/>
<w:LsdException Locked="false" Priority="20" QFormat="true" Name="Emphasis"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Document Map"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Plain Text"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="E-mail Signature"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Top of Form"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Bottom of Form"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Normal (Web)"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Acronym"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Address"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Cite"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Code"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Definition"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Keyboard"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Preformatted"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Sample"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Typewriter"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="HTML Variable"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Normal Table"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="annotation subject"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="No List"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Outline List 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Outline List 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Outline List 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Simple 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Simple 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Simple 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Classic 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Classic 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Classic 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Classic 4"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Colorful 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Colorful 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Colorful 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Columns 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Columns 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Columns 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Columns 4"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Columns 5"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Grid 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Grid 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Grid 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Grid 4"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Grid 5"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Grid 6"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Grid 7"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Grid 8"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table List 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table List 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table List 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table List 4"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table List 5"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table List 6"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table List 7"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table List 8"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table 3D effects 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table 3D effects 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table 3D effects 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Contemporary"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Elegant"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Professional"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Subtle 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Subtle 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Web 1"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Web 2"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Web 3"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Balloon Text"/>
<w:LsdException Locked="false" Priority="39" Name="Table Grid"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Table Theme"/>
<w:LsdException Locked="false" SemiHidden="true" Name="Placeholder Text"/>
<w:LsdException Locked="false" Priority="1" QFormat="true" Name="No Spacing"/>
<w:LsdException Locked="false" Priority="60" Name="Light Shading"/>
<w:LsdException Locked="false" Priority="61" Name="Light List"/>
<w:LsdException Locked="false" Priority="62" Name="Light Grid"/>
<w:LsdException Locked="false" Priority="63" Name="Medium Shading 1"/>
<w:LsdException Locked="false" Priority="64" Name="Medium Shading 2"/>
<w:LsdException Locked="false" Priority="65" Name="Medium List 1"/>
<w:LsdException Locked="false" Priority="66" Name="Medium List 2"/>
<w:LsdException Locked="false" Priority="67" Name="Medium Grid 1"/>
<w:LsdException Locked="false" Priority="68" Name="Medium Grid 2"/>
<w:LsdException Locked="false" Priority="69" Name="Medium Grid 3"/>
<w:LsdException Locked="false" Priority="70" Name="Dark List"/>
<w:LsdException Locked="false" Priority="71" Name="Colorful Shading"/>
<w:LsdException Locked="false" Priority="72" Name="Colorful List"/>
<w:LsdException Locked="false" Priority="73" Name="Colorful Grid"/>
<w:LsdException Locked="false" Priority="60" Name="Light Shading Accent 1"/>
<w:LsdException Locked="false" Priority="61" Name="Light List Accent 1"/>
<w:LsdException Locked="false" Priority="62" Name="Light Grid Accent 1"/>
<w:LsdException Locked="false" Priority="63" Name="Medium Shading 1 Accent 1"/>
<w:LsdException Locked="false" Priority="64" Name="Medium Shading 2 Accent 1"/>
<w:LsdException Locked="false" Priority="65" Name="Medium List 1 Accent 1"/>
<w:LsdException Locked="false" SemiHidden="true" Name="Revision"/>
<w:LsdException Locked="false" Priority="34" QFormat="true"
Name="List Paragraph"/>
<w:LsdException Locked="false" Priority="29" QFormat="true" Name="Quote"/>
<w:LsdException Locked="false" Priority="30" QFormat="true"
Name="Intense Quote"/>
<w:LsdException Locked="false" Priority="66" Name="Medium List 2 Accent 1"/>
<w:LsdException Locked="false" Priority="67" Name="Medium Grid 1 Accent 1"/>
<w:LsdException Locked="false" Priority="68" Name="Medium Grid 2 Accent 1"/>
<w:LsdException Locked="false" Priority="69" Name="Medium Grid 3 Accent 1"/>
<w:LsdException Locked="false" Priority="70" Name="Dark List Accent 1"/>
<w:LsdException Locked="false" Priority="71" Name="Colorful Shading Accent 1"/>
<w:LsdException Locked="false" Priority="72" Name="Colorful List Accent 1"/>
<w:LsdException Locked="false" Priority="73" Name="Colorful Grid Accent 1"/>
<w:LsdException Locked="false" Priority="60" Name="Light Shading Accent 2"/>
<w:LsdException Locked="false" Priority="61" Name="Light List Accent 2"/>
<w:LsdException Locked="false" Priority="62" Name="Light Grid Accent 2"/>
<w:LsdException Locked="false" Priority="63" Name="Medium Shading 1 Accent 2"/>
<w:LsdException Locked="false" Priority="64" Name="Medium Shading 2 Accent 2"/>
<w:LsdException Locked="false" Priority="65" Name="Medium List 1 Accent 2"/>
<w:LsdException Locked="false" Priority="66" Name="Medium List 2 Accent 2"/>
<w:LsdException Locked="false" Priority="67" Name="Medium Grid 1 Accent 2"/>
<w:LsdException Locked="false" Priority="68" Name="Medium Grid 2 Accent 2"/>
<w:LsdException Locked="false" Priority="69" Name="Medium Grid 3 Accent 2"/>
<w:LsdException Locked="false" Priority="70" Name="Dark List Accent 2"/>
<w:LsdException Locked="false" Priority="71" Name="Colorful Shading Accent 2"/>
<w:LsdException Locked="false" Priority="72" Name="Colorful List Accent 2"/>
<w:LsdException Locked="false" Priority="73" Name="Colorful Grid Accent 2"/>
<w:LsdException Locked="false" Priority="60" Name="Light Shading Accent 3"/>
<w:LsdException Locked="false" Priority="61" Name="Light List Accent 3"/>
<w:LsdException Locked="false" Priority="62" Name="Light Grid Accent 3"/>
<w:LsdException Locked="false" Priority="63" Name="Medium Shading 1 Accent 3"/>
<w:LsdException Locked="false" Priority="64" Name="Medium Shading 2 Accent 3"/>
<w:LsdException Locked="false" Priority="65" Name="Medium List 1 Accent 3"/>
<w:LsdException Locked="false" Priority="66" Name="Medium List 2 Accent 3"/>
<w:LsdException Locked="false" Priority="67" Name="Medium Grid 1 Accent 3"/>
<w:LsdException Locked="false" Priority="68" Name="Medium Grid 2 Accent 3"/>
<w:LsdException Locked="false" Priority="69" Name="Medium Grid 3 Accent 3"/>
<w:LsdException Locked="false" Priority="70" Name="Dark List Accent 3"/>
<w:LsdException Locked="false" Priority="71" Name="Colorful Shading Accent 3"/>
<w:LsdException Locked="false" Priority="72" Name="Colorful List Accent 3"/>
<w:LsdException Locked="false" Priority="73" Name="Colorful Grid Accent 3"/>
<w:LsdException Locked="false" Priority="60" Name="Light Shading Accent 4"/>
<w:LsdException Locked="false" Priority="61" Name="Light List Accent 4"/>
<w:LsdException Locked="false" Priority="62" Name="Light Grid Accent 4"/>
<w:LsdException Locked="false" Priority="63" Name="Medium Shading 1 Accent 4"/>
<w:LsdException Locked="false" Priority="64" Name="Medium Shading 2 Accent 4"/>
<w:LsdException Locked="false" Priority="65" Name="Medium List 1 Accent 4"/>
<w:LsdException Locked="false" Priority="66" Name="Medium List 2 Accent 4"/>
<w:LsdException Locked="false" Priority="67" Name="Medium Grid 1 Accent 4"/>
<w:LsdException Locked="false" Priority="68" Name="Medium Grid 2 Accent 4"/>
<w:LsdException Locked="false" Priority="69" Name="Medium Grid 3 Accent 4"/>
<w:LsdException Locked="false" Priority="70" Name="Dark List Accent 4"/>
<w:LsdException Locked="false" Priority="71" Name="Colorful Shading Accent 4"/>
<w:LsdException Locked="false" Priority="72" Name="Colorful List Accent 4"/>
<w:LsdException Locked="false" Priority="73" Name="Colorful Grid Accent 4"/>
<w:LsdException Locked="false" Priority="60" Name="Light Shading Accent 5"/>
<w:LsdException Locked="false" Priority="61" Name="Light List Accent 5"/>
<w:LsdException Locked="false" Priority="62" Name="Light Grid Accent 5"/>
<w:LsdException Locked="false" Priority="63" Name="Medium Shading 1 Accent 5"/>
<w:LsdException Locked="false" Priority="64" Name="Medium Shading 2 Accent 5"/>
<w:LsdException Locked="false" Priority="65" Name="Medium List 1 Accent 5"/>
<w:LsdException Locked="false" Priority="66" Name="Medium List 2 Accent 5"/>
<w:LsdException Locked="false" Priority="67" Name="Medium Grid 1 Accent 5"/>
<w:LsdException Locked="false" Priority="68" Name="Medium Grid 2 Accent 5"/>
<w:LsdException Locked="false" Priority="69" Name="Medium Grid 3 Accent 5"/>
<w:LsdException Locked="false" Priority="70" Name="Dark List Accent 5"/>
<w:LsdException Locked="false" Priority="71" Name="Colorful Shading Accent 5"/>
<w:LsdException Locked="false" Priority="72" Name="Colorful List Accent 5"/>
<w:LsdException Locked="false" Priority="73" Name="Colorful Grid Accent 5"/>
<w:LsdException Locked="false" Priority="60" Name="Light Shading Accent 6"/>
<w:LsdException Locked="false" Priority="61" Name="Light List Accent 6"/>
<w:LsdException Locked="false" Priority="62" Name="Light Grid Accent 6"/>
<w:LsdException Locked="false" Priority="63" Name="Medium Shading 1 Accent 6"/>
<w:LsdException Locked="false" Priority="64" Name="Medium Shading 2 Accent 6"/>
<w:LsdException Locked="false" Priority="65" Name="Medium List 1 Accent 6"/>
<w:LsdException Locked="false" Priority="66" Name="Medium List 2 Accent 6"/>
<w:LsdException Locked="false" Priority="67" Name="Medium Grid 1 Accent 6"/>
<w:LsdException Locked="false" Priority="68" Name="Medium Grid 2 Accent 6"/>
<w:LsdException Locked="false" Priority="69" Name="Medium Grid 3 Accent 6"/>
<w:LsdException Locked="false" Priority="70" Name="Dark List Accent 6"/>
<w:LsdException Locked="false" Priority="71" Name="Colorful Shading Accent 6"/>
<w:LsdException Locked="false" Priority="72" Name="Colorful List Accent 6"/>
<w:LsdException Locked="false" Priority="73" Name="Colorful Grid Accent 6"/>
<w:LsdException Locked="false" Priority="19" QFormat="true"
Name="Subtle Emphasis"/>
<w:LsdException Locked="false" Priority="21" QFormat="true"
Name="Intense Emphasis"/>
<w:LsdException Locked="false" Priority="31" QFormat="true"
Name="Subtle Reference"/>
<w:LsdException Locked="false" Priority="32" QFormat="true"
Name="Intense Reference"/>
<w:LsdException Locked="false" Priority="33" QFormat="true" Name="Book Title"/>
<w:LsdException Locked="false" Priority="37" SemiHidden="true"
UnhideWhenUsed="true" Name="Bibliography"/>
<w:LsdException Locked="false" Priority="39" SemiHidden="true"
UnhideWhenUsed="true" QFormat="true" Name="TOC Heading"/>
<w:LsdException Locked="false" Priority="41" Name="Plain Table 1"/>
<w:LsdException Locked="false" Priority="42" Name="Plain Table 2"/>
<w:LsdException Locked="false" Priority="43" Name="Plain Table 3"/>
<w:LsdException Locked="false" Priority="44" Name="Plain Table 4"/>
<w:LsdException Locked="false" Priority="45" Name="Plain Table 5"/>
<w:LsdException Locked="false" Priority="40" Name="Grid Table Light"/>
<w:LsdException Locked="false" Priority="46" Name="Grid Table 1 Light"/>
<w:LsdException Locked="false" Priority="47" Name="Grid Table 2"/>
<w:LsdException Locked="false" Priority="48" Name="Grid Table 3"/>
<w:LsdException Locked="false" Priority="49" Name="Grid Table 4"/>
<w:LsdException Locked="false" Priority="50" Name="Grid Table 5 Dark"/>
<w:LsdException Locked="false" Priority="51" Name="Grid Table 6 Colorful"/>
<w:LsdException Locked="false" Priority="52" Name="Grid Table 7 Colorful"/>
<w:LsdException Locked="false" Priority="46"
Name="Grid Table 1 Light Accent 1"/>
<w:LsdException Locked="false" Priority="47" Name="Grid Table 2 Accent 1"/>
<w:LsdException Locked="false" Priority="48" Name="Grid Table 3 Accent 1"/>
<w:LsdException Locked="false" Priority="49" Name="Grid Table 4 Accent 1"/>
<w:LsdException Locked="false" Priority="50" Name="Grid Table 5 Dark Accent 1"/>
<w:LsdException Locked="false" Priority="51"
Name="Grid Table 6 Colorful Accent 1"/>
<w:LsdException Locked="false" Priority="52"
Name="Grid Table 7 Colorful Accent 1"/>
<w:LsdException Locked="false" Priority="46"
Name="Grid Table 1 Light Accent 2"/>
<w:LsdException Locked="false" Priority="47" Name="Grid Table 2 Accent 2"/>
<w:LsdException Locked="false" Priority="48" Name="Grid Table 3 Accent 2"/>
<w:LsdException Locked="false" Priority="49" Name="Grid Table 4 Accent 2"/>
<w:LsdException Locked="false" Priority="50" Name="Grid Table 5 Dark Accent 2"/>
<w:LsdException Locked="false" Priority="51"
Name="Grid Table 6 Colorful Accent 2"/>
<w:LsdException Locked="false" Priority="52"
Name="Grid Table 7 Colorful Accent 2"/>
<w:LsdException Locked="false" Priority="46"
Name="Grid Table 1 Light Accent 3"/>
<w:LsdException Locked="false" Priority="47" Name="Grid Table 2 Accent 3"/>
<w:LsdException Locked="false" Priority="48" Name="Grid Table 3 Accent 3"/>
<w:LsdException Locked="false" Priority="49" Name="Grid Table 4 Accent 3"/>
<w:LsdException Locked="false" Priority="50" Name="Grid Table 5 Dark Accent 3"/>
<w:LsdException Locked="false" Priority="51"
Name="Grid Table 6 Colorful Accent 3"/>
<w:LsdException Locked="false" Priority="52"
Name="Grid Table 7 Colorful Accent 3"/>
<w:LsdException Locked="false" Priority="46"
Name="Grid Table 1 Light Accent 4"/>
<w:LsdException Locked="false" Priority="47" Name="Grid Table 2 Accent 4"/>
<w:LsdException Locked="false" Priority="48" Name="Grid Table 3 Accent 4"/>
<w:LsdException Locked="false" Priority="49" Name="Grid Table 4 Accent 4"/>
<w:LsdException Locked="false" Priority="50" Name="Grid Table 5 Dark Accent 4"/>
<w:LsdException Locked="false" Priority="51"
Name="Grid Table 6 Colorful Accent 4"/>
<w:LsdException Locked="false" Priority="52"
Name="Grid Table 7 Colorful Accent 4"/>
<w:LsdException Locked="false" Priority="46"
Name="Grid Table 1 Light Accent 5"/>
<w:LsdException Locked="false" Priority="47" Name="Grid Table 2 Accent 5"/>
<w:LsdException Locked="false" Priority="48" Name="Grid Table 3 Accent 5"/>
<w:LsdException Locked="false" Priority="49" Name="Grid Table 4 Accent 5"/>
<w:LsdException Locked="false" Priority="50" Name="Grid Table 5 Dark Accent 5"/>
<w:LsdException Locked="false" Priority="51"
Name="Grid Table 6 Colorful Accent 5"/>
<w:LsdException Locked="false" Priority="52"
Name="Grid Table 7 Colorful Accent 5"/>
<w:LsdException Locked="false" Priority="46"
Name="Grid Table 1 Light Accent 6"/>
<w:LsdException Locked="false" Priority="47" Name="Grid Table 2 Accent 6"/>
<w:LsdException Locked="false" Priority="48" Name="Grid Table 3 Accent 6"/>
<w:LsdException Locked="false" Priority="49" Name="Grid Table 4 Accent 6"/>
<w:LsdException Locked="false" Priority="50" Name="Grid Table 5 Dark Accent 6"/>
<w:LsdException Locked="false" Priority="51"
Name="Grid Table 6 Colorful Accent 6"/>
<w:LsdException Locked="false" Priority="52"
Name="Grid Table 7 Colorful Accent 6"/>
<w:LsdException Locked="false" Priority="46" Name="List Table 1 Light"/>
<w:LsdException Locked="false" Priority="47" Name="List Table 2"/>
<w:LsdException Locked="false" Priority="48" Name="List Table 3"/>
<w:LsdException Locked="false" Priority="49" Name="List Table 4"/>
<w:LsdException Locked="false" Priority="50" Name="List Table 5 Dark"/>
<w:LsdException Locked="false" Priority="51" Name="List Table 6 Colorful"/>
<w:LsdException Locked="false" Priority="52" Name="List Table 7 Colorful"/>
<w:LsdException Locked="false" Priority="46"
Name="List Table 1 Light Accent 1"/>
<w:LsdException Locked="false" Priority="47" Name="List Table 2 Accent 1"/>
<w:LsdException Locked="false" Priority="48" Name="List Table 3 Accent 1"/>
<w:LsdException Locked="false" Priority="49" Name="List Table 4 Accent 1"/>
<w:LsdException Locked="false" Priority="50" Name="List Table 5 Dark Accent 1"/>
<w:LsdException Locked="false" Priority="51"
Name="List Table 6 Colorful Accent 1"/>
<w:LsdException Locked="false" Priority="52"
Name="List Table 7 Colorful Accent 1"/>
<w:LsdException Locked="false" Priority="46"
Name="List Table 1 Light Accent 2"/>
<w:LsdException Locked="false" Priority="47" Name="List Table 2 Accent 2"/>
<w:LsdException Locked="false" Priority="48" Name="List Table 3 Accent 2"/>
<w:LsdException Locked="false" Priority="49" Name="List Table 4 Accent 2"/>
<w:LsdException Locked="false" Priority="50" Name="List Table 5 Dark Accent 2"/>
<w:LsdException Locked="false" Priority="51"
Name="List Table 6 Colorful Accent 2"/>
<w:LsdException Locked="false" Priority="52"
Name="List Table 7 Colorful Accent 2"/>
<w:LsdException Locked="false" Priority="46"
Name="List Table 1 Light Accent 3"/>
<w:LsdException Locked="false" Priority="47" Name="List Table 2 Accent 3"/>
<w:LsdException Locked="false" Priority="48" Name="List Table 3 Accent 3"/>
<w:LsdException Locked="false" Priority="49" Name="List Table 4 Accent 3"/>
<w:LsdException Locked="false" Priority="50" Name="List Table 5 Dark Accent 3"/>
<w:LsdException Locked="false" Priority="51"
Name="List Table 6 Colorful Accent 3"/>
<w:LsdException Locked="false" Priority="52"
Name="List Table 7 Colorful Accent 3"/>
<w:LsdException Locked="false" Priority="46"
Name="List Table 1 Light Accent 4"/>
<w:LsdException Locked="false" Priority="47" Name="List Table 2 Accent 4"/>
<w:LsdException Locked="false" Priority="48" Name="List Table 3 Accent 4"/>
<w:LsdException Locked="false" Priority="49" Name="List Table 4 Accent 4"/>
<w:LsdException Locked="false" Priority="50" Name="List Table 5 Dark Accent 4"/>
<w:LsdException Locked="false" Priority="51"
Name="List Table 6 Colorful Accent 4"/>
<w:LsdException Locked="false" Priority="52"
Name="List Table 7 Colorful Accent 4"/>
<w:LsdException Locked="false" Priority="46"
Name="List Table 1 Light Accent 5"/>
<w:LsdException Locked="false" Priority="47" Name="List Table 2 Accent 5"/>
<w:LsdException Locked="false" Priority="48" Name="List Table 3 Accent 5"/>
<w:LsdException Locked="false" Priority="49" Name="List Table 4 Accent 5"/>
<w:LsdException Locked="false" Priority="50" Name="List Table 5 Dark Accent 5"/>
<w:LsdException Locked="false" Priority="51"
Name="List Table 6 Colorful Accent 5"/>
<w:LsdException Locked="false" Priority="52"
Name="List Table 7 Colorful Accent 5"/>
<w:LsdException Locked="false" Priority="46"
Name="List Table 1 Light Accent 6"/>
<w:LsdException Locked="false" Priority="47" Name="List Table 2 Accent 6"/>
<w:LsdException Locked="false" Priority="48" Name="List Table 3 Accent 6"/>
<w:LsdException Locked="false" Priority="49" Name="List Table 4 Accent 6"/>
<w:LsdException Locked="false" Priority="50" Name="List Table 5 Dark Accent 6"/>
<w:LsdException Locked="false" Priority="51"
Name="List Table 6 Colorful Accent 6"/>
<w:LsdException Locked="false" Priority="52"
Name="List Table 7 Colorful Accent 6"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Mention"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Smart Hyperlink"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Hashtag"/>
<w:LsdException Locked="false" SemiHidden="true" UnhideWhenUsed="true"
Name="Unresolved Mention"/>
</w:LatentStyles>
</xml><![endif]--><!--[if gte mso 10]>
<style>
/* Style Definitions */
table.MsoNormalTable
{mso-style-name:"טבלה רגילה";
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-priority:99;
mso-style-parent:"";
mso-padding-alt:0in 5.4pt 0in 5.4pt;
mso-para-margin-top:0in;
mso-para-margin-right:0in;
mso-para-margin-bottom:8.0pt;
mso-para-margin-left:0in;
line-height:107%;
mso-pagination:widow-orphan;
font-size:11.0pt;
font-family:"Calibri",sans-serif;
mso-ascii-font-family:Calibri;
mso-ascii-theme-font:minor-latin;
mso-hansi-font-family:Calibri;
mso-hansi-theme-font:minor-latin;
mso-bidi-font-family:Arial;
mso-bidi-theme-font:minor-bidi;}
</style>
<![endif]-->
</span><span class="st"></span><br />
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<span style="font-family: "times new roman" , serif; font-size: 12.0pt;">By Amitay Dan </span></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<span style="font-family: "times new roman" , serif; font-size: 12.0pt;">11.10.2018 </span></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<span style="font-family: "times new roman" , serif; font-size: 12.0pt;">Hunting the hunters is fun, but let’s
starts from the background</span></div>
<span class="st"></span><span class="st"></span><span class="st"></span><span class="st"></span><span class="st"></span><span class="st">
</span><br />
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<span class="st"><span style="font-family: "times new roman" , serif; font-size: 12.0pt;">In this article I will show how can
we detect Shodan and Fofa user-agents, and who already made a progress. </span></span></div>
<span class="st">
</span>
<br />
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<span class="st"><br /></span></div>
<span class="st">
</span>
<br />
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<span class="st"><br /></span></div>
<span class="st">
</span>
<br />
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<span class="st"><span style="font-family: "times new roman" , serif; font-size: 12.0pt;">What do you know about <a href="https://www.shodan.io/robots.txt">Shodan</a>
<a href="https://censys.io/robots.txt">Censys</a>
<a href="https://www.zoomeye.org/robots.txt">ZoomEye</a>
and <a href="https://fofa.so/robots.txt">Fofa</a>
?</span></span></div>
<span class="st">
</span>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<span class="st"><span style="font-family: "times new roman" , serif; font-size: 12.0pt;">Those search engines are dedicated
to map the Internet Of Things and other sensitive devices.</span></span></div>
<span class="st">
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<span style="font-family: "times new roman" , serif; font-size: 12.0pt;">I like them very much, but I think
it come with a price, everything beings exposed at once, with no time to fix
vulnerabilities. Legally those scanners activities are <a href="https://www.haaretz.co.il/captain/net/.premium-1.2803830" target="_blank">against</a> the ruling made by the Supreme Court of
Israel, but let’s leave it for now focus on the technical aspect .</span></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<span style="font-family: "times new roman" , serif; font-size: 12.0pt;">---</span></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<span style="font-family: "times new roman" , serif; font-size: 12.0pt;">What can you do in order to prevent
IoT search engine from leaking sensitive database, and scanning exploited
devices, like smart houses?</span></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<span style="font-family: "times new roman" , serif; font-size: 12.0pt;">As we all know, now days many houses
are being connected to the internet.</span></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<span style="font-family: "times new roman" , serif; font-size: 12.0pt;">Just like critical infrastructure
and other devices which has connected to the internet for many years.</span></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<span style="font-family: "times new roman" , serif; font-size: 12.0pt;">Now, it's a race to the internet,
even <a href="https://phys.org/news/2018-09-microwave-clock-amazon-alexa-speakers.html" target="_blank">connected </a>microwave is
being provided by Amazon so you can talk to Alexa <a href="https://alexa.amazon.com/" target="_blank">everywhere</a>.</span></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<span style="font-family: "times new roman" , serif; font-size: 12.0pt;">Unlike google which is focusing
mostly on websites, those search engines are dedicated for cataloging sensitive
finding, connected devices, databases and other things which we want to prevent
from felling into the wrong hands.</span></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<span style="font-family: "times new roman" , serif; font-size: 12.0pt;">Is there any solution? can we
implement something in <a href="https://en.wikipedia.org/wiki/Programmable_logic_controller" target="_blank">PLC</a> or <a href="https://en.wikipedia.org/wiki/Remote_terminal_unit" target="_blank">RTU</a> to prevent IoT search engine form detecting
and cataloging them? </span></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<span style="font-family: "times new roman" , serif; font-size: 12.0pt;">What smart house vendors should do
to protect users from those search engines? </span></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<span style="font-family: "times new roman" , serif; font-size: 12.0pt;">Is that even legal to scan the
house? </span></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<span style="font-family: "times new roman" , serif; font-size: 12.0pt;">Today I had an interesting finding.</span></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<span style="font-family: "times new roman" , serif; font-size: 12.0pt;">I were looking at error in IoT
search engine called Fofa, and realized something interesting</span></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<span style="font-family: "times new roman" , serif; font-size: 12.0pt;">It was saying: </span></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<span style="font-family: "times new roman" , serif; font-size: 12.0pt;"> E\x00\x00\x00\xffj\x04Host
'*.*.*.*' is not allowed to connect to this MySQL server </span></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<span style="font-family: "times new roman" , serif; font-size: 12.0pt;"> </span><span style="font-family: "times new roman" , serif; font-size: 12.0pt;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgKMrjrTBYT3dL_Sfz7m2XoV3iPsG3lHOa5HVV-MjDO9YSp9-6XKE5gYQ9Gt4RGoCau_OdWsI-OtualLXh6VdWQ-mK2MRVSShQ28hViuJTFRKoHtyHuFcrkoyttj00OWL2Pk1gXf3zz1FAu/s1600/FOFA+Pro+++%25E6%2590%259C%25E7%25B4%25A2%25E7%25BB%2593%25E6%259E%259C.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="324" data-original-width="864" height="150" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgKMrjrTBYT3dL_Sfz7m2XoV3iPsG3lHOa5HVV-MjDO9YSp9-6XKE5gYQ9Gt4RGoCau_OdWsI-OtualLXh6VdWQ-mK2MRVSShQ28hViuJTFRKoHtyHuFcrkoyttj00OWL2Pk1gXf3zz1FAu/s400/FOFA+Pro+++%25E6%2590%259C%25E7%25B4%25A2%25E7%25BB%2593%25E6%259E%259C.png" width="400" /></a> </span></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<span style="font-family: "times new roman" , serif; font-size: 12.0pt;">It was very interesting because I
never saw anyone speaking about how to prevent those engines from entering into
houses. I did spoke about the legal aspect of it, but let's forget about the
law and keep digging.</span></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<span style="font-family: "times new roman" , serif; font-size: 12.0pt;">After realizing that this is Fofa
user-agent, I were using <a href="https://www.google.com/search?q=E\x00\x00\x00\xffj\x04Host+%27*.*.*.*%27" target="_blank">Google </a>to check if anyone
mention this string before, none. only Google were mapping Fofa activity in the
wild.</span></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<span style="font-family: "times new roman" , serif; font-size: 12.0pt;">So I were thinking, let’s see what
Fofa done before? how many times it get blocked while using this string? well
numbers were very high, 840696 times.</span></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<span style="font-family: "times new roman" , serif; font-size: 12.0pt;">Query: <b>"E\x00\x00\x00\xffj\x04Host
'*.*.*.*'"</b>, Total results: 840696</span><span style="font-family: "ms gothic"; font-size: 12.0pt;">,</span><span style="font-family: "times new roman" , serif; font-size: 12.0pt;">took 4545 ms</span><span style="font-family: "ms gothic"; font-size: 12.0pt;">,</span><span style="font-family: "times new roman" , serif; font-size: 12.0pt;">mode:
normal. <br />
</span><span style="font-family: "ms gothic"; font-size: 12.0pt;">默</span><span style="font-family: "simsun"; font-size: 12.0pt;">认只显示一年内的数据,点击</span><span style="font-family: "times new roman" , serif; font-size: 12.0pt;">
<a href="http://fofa.so/result?q=%22E%5Cx00%5Cx00%5Cx00%5Cxffj%5Cx04Host+%27*.*.*.*%27%22&qbase64=IkVceDAwXHgwMFx4MDBceGZmalx4MDRIb3N0ICcqLiouKi4qJyI%3D&full=true">all</a> </span><span style="font-family: "simsun"; font-size: 12.0pt;">链接查看所有</span><span style="font-family: "ms gothic"; font-size: 12.0pt;">。</span></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<span style="font-family: "ms gothic"; font-size: 12.0pt;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4V8WlS2KlscrUKV5sc_Kjoa5teTvxzDeAsIlX_7nIX-USB15r-cMnL2oOrwcVfF-k5WzUTm-PoJEOEytWyicbODdNGz6FLGTJA2WkfD9P6hsaE9teqsNFAIf90ihFCScm3MHy8sEDWTzd/s1600/FOFA+Pro+++%25E6%2590%259C%25E7%25B4%25A2%25E7%25BB%2593%25E6%259E%259C2.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1309" data-original-width="1149" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4V8WlS2KlscrUKV5sc_Kjoa5teTvxzDeAsIlX_7nIX-USB15r-cMnL2oOrwcVfF-k5WzUTm-PoJEOEytWyicbODdNGz6FLGTJA2WkfD9P6hsaE9teqsNFAIf90ihFCScm3MHy8sEDWTzd/s400/FOFA+Pro+++%25E6%2590%259C%25E7%25B4%25A2%25E7%25BB%2593%25E6%259E%259C2.png" width="350" /></a> </span><span style="font-family: "times new roman" , serif; font-size: 12.0pt;"> </span></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<br /></div>
<div align="center" class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4V8WlS2KlscrUKV5sc_Kjoa5teTvxzDeAsIlX_7nIX-USB15r-cMnL2oOrwcVfF-k5WzUTm-PoJEOEytWyicbODdNGz6FLGTJA2WkfD9P6hsaE9teqsNFAIf90ihFCScm3MHy8sEDWTzd/s1600/FOFA+Pro+++%25E6%2590%259C%25E7%25B4%25A2%25E7%25BB%2593%25E6%259E%259C2.png"><span style="font-family: "times new roman" , serif; font-size: 12pt; text-decoration: none;"><span style="mso-ignore: vglayout;"><br /></span></span></a><span style="font-family: "times new roman" , serif; font-size: 12.0pt;"></span></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<span style="font-family: "times new roman" , serif; font-size: 12.0pt;">Now I was thinking, what about
Shodan, can we look for Shodan in the wild?</span></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<span style="font-family: "times new roman" , serif; font-size: 12.0pt;">Googling this subject were leading
me into a results from a website called "<a href="https://www.webmasterworld.com/search_engine_spiders/4808690.htm" target="_blank">Webmaster World</a>" back </span></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<span style="font-family: "times new roman" , serif; font-size: 12.0pt;">to Jun 2016 someone shared
information about strange behavior of Shodan.</span></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<span style="font-family: "times new roman" , serif; font-size: 12.0pt;"> </span><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhV2b0NUpRNW9VDB1a4ox0JDEIRX5x3akExMyMxuROP0npQAwMqbJafhxv9Zou6mMOVWxa4yn9xXdsVDGHxuChPq0Lp8T8sJxxLwT4XEHamHVTKurEhmfbH9aaob28mNwbpR4y1DwFC2hDe/s1600/shodan+++user+agent++proxy++referer+++Search+Engine+Spider+and+User+Agent+Identification+forum+at+WebmasterWorld+++WebmasterWorld.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="542" data-original-width="898" height="241" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhV2b0NUpRNW9VDB1a4ox0JDEIRX5x3akExMyMxuROP0npQAwMqbJafhxv9Zou6mMOVWxa4yn9xXdsVDGHxuChPq0Lp8T8sJxxLwT4XEHamHVTKurEhmfbH9aaob28mNwbpR4y1DwFC2hDe/s400/shodan+++user+agent++proxy++referer+++Search+Engine+Spider+and+User+Agent+Identification+forum+at+WebmasterWorld+++WebmasterWorld.png" width="400" /></a></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<span style="font-family: "times new roman" , serif; font-size: 12.0pt;">While reading the post, I gain user
agents which seems to be used by Shodan</span></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<b><span style="font-family: "times new roman" , serif; font-size: 12.0pt;">shodanscanprint</span></b><span style="font-family: "times new roman" , serif; font-size: 12.0pt;"></span></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<b><span style="font-family: "times new roman" , serif; font-size: 12.0pt;">shodanscanprint(chr(49).chr(55).chr(73).chr(53).chr(51).chr(48).chr(86).chr(65).chr(117).chr(52))</span></b><span style="font-family: "times new roman" , serif; font-size: 12.0pt;"></span></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<span style="font-family: "times new roman" , serif; font-size: 12.0pt;"> </span><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjhQfKfrySZEx1IYxehZYVpWqpzFsf06JkVShswPxRbEtqJ3fNVIcI9WkukpSWKepJLQbHCxSxv5Q5z3IafbMjqHAgNvqzX5Ny5u7tBOHOYAGHUeEeRgwfXX-ejVCpOYScwA4v63Gk8m4tT/s1600/shodan+++user+agent++proxy++referer+++Search+Engine+Spider+and+User+Agent+Identification+forum+at+WebmasterWorld+++WebmasterWorld2.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="62" data-original-width="649" height="37" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjhQfKfrySZEx1IYxehZYVpWqpzFsf06JkVShswPxRbEtqJ3fNVIcI9WkukpSWKepJLQbHCxSxv5Q5z3IafbMjqHAgNvqzX5Ny5u7tBOHOYAGHUeEeRgwfXX-ejVCpOYScwA4v63Gk8m4tT/s400/shodan+++user+agent++proxy++referer+++Search+Engine+Spider+and+User+Agent+Identification+forum+at+WebmasterWorld+++WebmasterWorld2.png" width="400" /></a></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<span style="font-family: "times new roman" , serif; font-size: 12.0pt;"> <b>g3shodanscanprint</b></span></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<span style="font-family: "times new roman" , serif; font-size: 12.0pt;"> </span><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh4KmItr29-zK8RzO9pQAIvz3rZlJTldrpKV5Cgm6MitX_CFx94Al2gkbiL296jVzgiBu8DPVL69G0g4dadCXf2huhtGpQuzC0zPlbZWSedpjTOr-wdzNLBmLTaluVhhFzgFGJwGJwU7i5h/s1600/shodan+++user+agent++proxy++referer+++Search+Engine+Spider+and+User+Agent+Identification+forum+at+WebmasterWorld+++WebmasterWorld3.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="62" data-original-width="570" height="42" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh4KmItr29-zK8RzO9pQAIvz3rZlJTldrpKV5Cgm6MitX_CFx94Al2gkbiL296jVzgiBu8DPVL69G0g4dadCXf2huhtGpQuzC0zPlbZWSedpjTOr-wdzNLBmLTaluVhhFzgFGJwGJwU7i5h/s400/shodan+++user+agent++proxy++referer+++Search+Engine+Spider+and+User+Agent+Identification+forum+at+WebmasterWorld+++WebmasterWorld3.png" width="400" /></a></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<span style="font-family: "times new roman" , serif; font-size: 12.0pt;">Now I had <a href="https://www.exploit-db.com/google-hacking-database/" target="_blank">dorks </a>to hunt</span></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<br /></div>
<div align="center" class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhy-3QjpWP2bzZ4k_-XX-JhOS_AtFPyLGEcQcCVA8eoT9EtUs7Yk9TZTZZK262xg8CeoigZdJTecAwPlLzYxh71rihyYDmn5n21ANJLZQrmIyJgpHZLxe5FZRjfbAw31bLrXSkiiGlx-e85/s1600/g3shodanscanprint+++Google+Search.png"><span style="font-family: "times new roman" , serif; font-size: 12pt; text-decoration: none;"><span style="mso-ignore: vglayout;"></span></span></a><span style="font-family: "times new roman" , serif; font-size: 12.0pt;"></span></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<span style="font-family: "times new roman" , serif; font-size: 12.0pt;"> </span><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhy-3QjpWP2bzZ4k_-XX-JhOS_AtFPyLGEcQcCVA8eoT9EtUs7Yk9TZTZZK262xg8CeoigZdJTecAwPlLzYxh71rihyYDmn5n21ANJLZQrmIyJgpHZLxe5FZRjfbAw31bLrXSkiiGlx-e85/s1600/g3shodanscanprint+++Google+Search.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="424" data-original-width="814" height="207" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhy-3QjpWP2bzZ4k_-XX-JhOS_AtFPyLGEcQcCVA8eoT9EtUs7Yk9TZTZZK262xg8CeoigZdJTecAwPlLzYxh71rihyYDmn5n21ANJLZQrmIyJgpHZLxe5FZRjfbAw31bLrXSkiiGlx-e85/s400/g3shodanscanprint+++Google+Search.png" width="400" /></a></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<span style="font-family: "times new roman" , serif; font-size: 12.0pt;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgVwDFwuC0PMVN4jeFrILnLq5mrFVBH02ZV4g0PhyH1kXaNOvJqJruR8_BGIir2j009FofxSFBfhzY60zQaUazlN6l36kKttwRAk9VFzFyGpFI2ylnJ0oI5olmtf9aCpqV6QBEjo9pHVQAw/s1600/shodanscanprint+++Google+Search.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1600" data-original-width="1051" height="400" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgVwDFwuC0PMVN4jeFrILnLq5mrFVBH02ZV4g0PhyH1kXaNOvJqJruR8_BGIir2j009FofxSFBfhzY60zQaUazlN6l36kKttwRAk9VFzFyGpFI2ylnJ0oI5olmtf9aCpqV6QBEjo9pHVQAw/s400/shodanscanprint+++Google+Search.png" width="262" /></a> </span></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<br /></div>
<div align="center" class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgVwDFwuC0PMVN4jeFrILnLq5mrFVBH02ZV4g0PhyH1kXaNOvJqJruR8_BGIir2j009FofxSFBfhzY60zQaUazlN6l36kKttwRAk9VFzFyGpFI2ylnJ0oI5olmtf9aCpqV6QBEjo9pHVQAw/s1600/shodanscanprint+++Google+Search.png"><span style="font-family: "times new roman" , serif; font-size: 12pt; text-decoration: none;"><span style="mso-ignore: vglayout;"></span></span></a><span style="font-family: "times new roman" , serif; font-size: 12.0pt;"></span></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<span style="font-family: "times new roman" , serif; font-size: 12.0pt;">Then <a href="https://novostimira.com/search_stat.php?showall=1&limit=500" target="_blank">came </a>new <a href="http://www.britanniamodels.com/stats/agent_201607.html" target="_blank">results</a></span></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<i><span style="font-family: "times new roman" , serif; font-size: 12.0pt;">shodanscan'ls</span></i><span style="font-family: "times new roman" , serif; font-size: 12.0pt;"> -la'</span></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<span style="font-family: "times new roman" , serif; font-size: 12.0pt;">g3shodanscan');ls -la;/* </span></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<span style="font-family: "times new roman" , serif; font-size: 12.0pt;">g3shodanscan'{${print(chr(49).c</span></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<span style="font-family: "times new roman" , serif; font-size: 12.0pt;"> </span></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<span style="font-family: "times new roman" , serif; font-size: 12.0pt;"> </span><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjg8fQF86fAhRlgTzgcRBo6DtWvh3zRR_uYjmBhCk5YUR3JpBMhVK7EmEYfdyBYXHSehWHdHfdCnrJDXsHK6xpTC2yPDNzxiX1NXY8BAqq-j_AVyNf4tDmcUldsj9V1tRtwY2Jty-jCsH6E/s1600/g3shodanscanprint+++Google+Search2.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="314" data-original-width="1024" height="122" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjg8fQF86fAhRlgTzgcRBo6DtWvh3zRR_uYjmBhCk5YUR3JpBMhVK7EmEYfdyBYXHSehWHdHfdCnrJDXsHK6xpTC2yPDNzxiX1NXY8BAqq-j_AVyNf4tDmcUldsj9V1tRtwY2Jty-jCsH6E/s400/g3shodanscanprint+++Google+Search2.png" width="400" /></a></div>
<div align="center" class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjg8fQF86fAhRlgTzgcRBo6DtWvh3zRR_uYjmBhCk5YUR3JpBMhVK7EmEYfdyBYXHSehWHdHfdCnrJDXsHK6xpTC2yPDNzxiX1NXY8BAqq-j_AVyNf4tDmcUldsj9V1tRtwY2Jty-jCsH6E/s1600/g3shodanscanprint+++Google+Search2.png"><span style="font-family: "times new roman" , serif; font-size: 12pt; text-decoration: none;"><span style="mso-ignore: vglayout;"></span></span></a><span style="font-family: "times new roman" , serif; font-size: 12.0pt;"></span></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<span style="font-family: "times new roman" , serif; font-size: 12.0pt;">While analyzing the
findings, I was thinking maybe it's a starts. why don't we build a database of
IoT search engine, so developer can use it and try to prevent them from adding
devices and sensitive data?</span></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<span style="font-family: "times new roman" , serif; font-size: 12.0pt;">However, after some searching, I've
realized that some researchers from the academic field, already made a progress
and <a href="https://www.semanticscholar.org/paper/Abnormal-Behavior-Based-Detection-of-Shodan-and-Lee-Shin/9601165c4e4c8e526d7219ba01e766348bca77b5" target="_blank">published </a>a research about
this subject during the 2017 Ninth International Conference on Ubiquitous and
Future Networks (<a href="http://2017.icufn.org/wp-content/uploads/2017/08/ICUFN2017-Final-Program_0814.pdf" target="_blank">ICUFN 2017</a>).</span></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<span style="font-family: "times new roman" , serif; font-size: 12.0pt;"> The article name is
"Abnormal Behavior-Based Detection of Shodan and Censys-Like
Scanning"</span></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<span style="font-family: "times new roman" , serif; font-size: 12.0pt;">The researcher are <a href="https://ieeexplore.ieee.org/search/searchresult.jsp?searchWithin=%22First%20Name%22:%22Seungwoon%22&searchWithin=%22Last%20Name%22:%22Lee%22&newsearch=true">Seungwoon Lee</a>; <a href="https://ieeexplore.ieee.org/search/searchresult.jsp?searchWithin=%22First%20Name%22:%22Seung-Hun%22&searchWithin=%22Last%20Name%22:%22Shin%22&newsearch=true">Seung-Hun Shin </a>; <a href="https://ieeexplore.ieee.org/search/searchresult.jsp?searchWithin=%22First%20Name%22:%22Byeong-hee%22&searchWithin=%22Last%20Name%22:%22Roh%22&newsearch=true">Byeong-hee Roh</a> all based on South Korea.</span></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<span style="font-family: "times new roman" , serif; font-size: 12.0pt;">Here is the abstract they <a href="https://ieeexplore.ieee.org/document/7993960/authors" target="_blank">wrote</a>:</span></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; margin-bottom: .0001pt; margin-bottom: 0in;">
<span style="font-family: "times new roman" , serif; font-size: 12.0pt;">"Shodan and Censys, also known
as IP Device search engines, build searchable databases of internet devices and
networks. Even these tools are useful for security, those also can provide the
vulnerabilities to malicious users. To prevent the information disclosure of
own IP devices on those search engines, a fundamental solution is blocking the
access from the scanners of them. Therefore, it is needed to understand and
consider their scanning mechanism. Therefore, we propose an abnormal behavior
based scan detection of Shodan and Censys. To do this, several traditional scan
detection approaches are combined and applied to satisfy their specification.
Proposed idea is monitoring packets whether it is abnormal or not and adding on
the suspicious list if it is. This is based on traditional threshold
approaches. To figure out it is abnormal, stateful TCP stateful packet
inspection is used. The response behavior during the connection can be
identified with TCP flag and abnormal behavior can be classified with SYN Scan,
Banner Grabbing, and Combined SYN and Banner Grabbing. Demonstration is
simulated in a Censys-like environment and detected time variation per variance
of distributed detectors and Threshold value is analyzed."</span></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<br />
Later, I saw two <a href="https://github.com/romcheckfail/shodan-ip-block-list" rel="nofollow" target="_blank">projects </a>in <a href="https://github.com/stamparm/ipsum/issues/3" rel="nofollow" target="_blank">Github </a>focusing on Shodan Only, <a href="http://romcheckfail.com/blocking-shodan-keeping-shodan-io-in-the-dark-from-scanning/" rel="nofollow" target="_blank">posts </a>about it and <a href="https://wiki.ipfire.org/configuration/firewall/blockshodan" rel="nofollow" target="_blank">other </a>projects<br />
The most effective and updated service seems to be given by <a href="https://isc.sans.edu/forums/diary/Using+Our+API+To+Adjust+iptables+Rules/23113/" rel="nofollow" target="_blank">SANS ISC (Internet Storm Center ) InfoSec</a>, it's called <a href="https://isc.sans.edu/api/" rel="nofollow" target="_blank">DShield</a> API.<br />
<br />
Most of the projects are giving solutions based on IPs list, and less user agents, or just looking only on Shodan and censys, without giving attention to the Chinese based competitors.<br />
<br />
As for <a href="https://support.censys.io/getting-started/frequently-asked-questions-faq" rel="nofollow" target="_blank">Censys,</a> in their website, they have explanation of how to prevent them from scanning, yet, they won't delete results.<br />
<br />
<h4 class="intercom-align-left" data-post-processed="true">
<i>"Can I opt-out of Censys scans?</i></h4>
<i>
</i>
<br />
<div class="intercom-align-left">
<i>Censys scans help the scientific
community accurately study the Internet. The data is sometimes used to
detect security problems and to inform operators of vulnerable systems
so that they can fixed. If you opt-out of the research, you might not
receive these important security notifications. </i></div>
<i>
</i>
<br />
<div class="intercom-align-left">
<i>However, if you wish to opt-out, you can configure your firewall to drop traffic from the subnets we use for the measurements: <a href="http://141.212.121.0/" rel="nofollow noopener noreferrer" target="_blank">141.212.121.0</a>/24
and 141.212.122.0/24. We do not remove results from Censys, but if you
have blocked these subnets, the results will automatically be pruned
out."</i></div>
<div class="intercom-align-left">
</div>
<b>Conclusion</b></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<span style="font-family: "times new roman" , serif; font-size: 12.0pt;"> </span></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<span style="font-family: "times new roman" , serif; font-size: 12.0pt;">To summarize, I think IoT search
engine are something great, they are really helping for security researcher and
basically for the safety. Scanning engines activities might be illegal in some countries, yet,
it's helping to detect problem and push vendors into solutions.</span></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<span style="font-family: "times new roman" , serif; font-size: 12.0pt;">As from the vendors and the end users’
aspects, they might be unhappy to know that their house or product are now out
here, not protected and easy to attack.</span></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<span style="font-family: "times new roman" , serif; font-size: 12.0pt;">I know that tools which detect port
scanning are nothing new, but being focused on search engine activity, and
banning and blocking them locally from adding sensitive information into the
catalog of things, might help in many cases when solution is not coming soon,
and fixing won't be done before the attacker will take advantages.</span></div>
<div class="MsoNormal" style="line-height: normal; text-align: left;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<span style="font-family: "times new roman" , serif; font-size: 12.0pt;">We should balance between the
freedom to know everything, the interest of security researcher to get data
about exploited devices, and the rights for personal and public safety.</span></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<span style="font-family: "times new roman" , serif; font-size: 12.0pt;">Giving the public abilities to
detect user-agents of internet of things devices, it’s something to start with.</span><br />
<br /></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<span style="font-family: "times new roman" , serif; font-size: 12.0pt;">Now, let’s hunt the hunters</span></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<span style="font-family: "times new roman" , serif; font-size: 12.0pt;">Let’s hunt Shodan, ZoomEye Fofa and
Censys.</span></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<br /></div>
<div class="MsoNormal" style="line-height: normal; mso-margin-bottom-alt: auto; mso-margin-top-alt: auto;">
<span style="font-family: "times new roman" , serif; font-size: 12.0pt;">Let’s <span style="color: black;"><a href="https://goo.gl/forms/z04AVuvgA53pPT3z1" target="_blank">build </a></span>database of user agents belongs to IoT
search engine. </span></div>
</span></div>
amitay danhttp://www.blogger.com/profile/05457604763454171189noreply@blogger.comtag:blogger.com,1999:blog-5679769881387382271.post-90625106066231088912018-10-10T17:03:00.001-07:002018-10-10T17:06:44.357-07:00Can bot spy on IoT bot?<div dir="ltr" style="text-align: left;" trbidi="on">
Today I was trying to compare the anti robot rules between the major IoT search engine.<br />
<br />
Starting from <a href="https://www.shodan.io/robots.txt" rel="nofollow" target="_blank">Shodan</a> later <a href="https://censys.io/robots.txt" rel="nofollow" target="_blank">Censys</a> and <a href="https://www.zoomeye.org/robots.txt" rel="nofollow" target="_blank">ZoomEye</a> and finalizing with <a href="https://fofa.so/robots.txt" rel="nofollow" target="_blank">Fofa.</a> <br />
<h2 style="text-align: left;">
<b>Shodan</b></h2>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjBq9JZCG9iBdC-3YX4DmgPlcvLfoJxNNBu65wt8AK-VlZL3SjfDG-qLwZEKDWBLPI_ASPGIZHKIbckyBE3xVyMJDq1insQTrNcmz-OV_7-TdXUUorm3mVxuX_hBtOjLVQWbqrR7cvqk9fD/s1600/Shodan.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="222" data-original-width="507" height="173" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjBq9JZCG9iBdC-3YX4DmgPlcvLfoJxNNBu65wt8AK-VlZL3SjfDG-qLwZEKDWBLPI_ASPGIZHKIbckyBE3xVyMJDq1insQTrNcmz-OV_7-TdXUUorm3mVxuX_hBtOjLVQWbqrR7cvqk9fD/s400/Shodan.jpg" width="400" /></a></div>
<br />
<br />
<pre>User-Agent: Twitterbot
Allow: /host/
# Every bot that might possibly read and respect this file.
User-agent: *
Crawl-delay: 10
Disallow: /search*
Disallow: /host/
Disallow: /report/</pre>
<br />
<h2 style="text-align: left;">
Censys</h2>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgqruyF9RbC6QNwvp5NiTqajMcdxMC6MAo7UO4Hf844RinvKIXJddcNnCMcLuWmcpv0ruw0jnqGm0a1fSC8OYkXmRAlyJIY1jym23k4o7KiuZo6l5bF5EfQPobwLdVY2O_Ay36DL9-lTJ2_/s1600/censys.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="313" data-original-width="386" height="323" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgqruyF9RbC6QNwvp5NiTqajMcdxMC6MAo7UO4Hf844RinvKIXJddcNnCMcLuWmcpv0ruw0jnqGm0a1fSC8OYkXmRAlyJIY1jym23k4o7KiuZo6l5bF5EfQPobwLdVY2O_Ay36DL9-lTJ2_/s400/censys.jpg" width="400" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<br />
<br />
<br />
<br />
<pre>User-agent: *
Disallow: /ipv4
Allow: /ipv4/
Disallow: /ipv4/metadata
Disallow: /ipv4/*/
Disallow: /certificates
Allow: /certificates/
Disallow: /certificates/metadata
Disallow: /certificates/*/
Disallow: /domain
Allow: /domain/
Disallow: /domain/metadata
Disallow: /domain/*/
Disallow: /data/scansio
Disallow: /login
Disallow: /logout
Disallow: /account</pre>
<br />
<br />
<br />
<h2 style="text-align: left;">
<b>ZoomEye </b></h2>
<div class="separator" style="clear: both; text-align: center;">
</div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjD1yw23e7ArtdFtdY-g6AbdkMFC9A2qxca_lOaSHwD50U-43pCInSikxOPH1jSlq2SJEbEyJIYPCUhCDV2oVhFGNDXJ3kH6nTs-67sii7n_fIMJngrzzni2rqJG-jVehGY8WDC38hc9vgt/s1600/zoomeye.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="453" data-original-width="994" height="181" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjD1yw23e7ArtdFtdY-g6AbdkMFC9A2qxca_lOaSHwD50U-43pCInSikxOPH1jSlq2SJEbEyJIYPCUhCDV2oVhFGNDXJ3kH6nTs-67sii7n_fIMJngrzzni2rqJG-jVehGY8WDC38hc9vgt/s400/zoomeye.jpg" width="400" /></a></div>
<br />
<br />
<br />
<br />
As you can see in ZoomEye there are no rules.<br />
<br />
<br />
<h2 style="text-align: left;">
<b>Fofa</b></h2>
<br />
<img border="0" data-original-height="217" data-original-width="808" height="105" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh3rQDSQkORxlpk-2AgTyL2xl-qU8e048qfcc_BvL7RAP8e8ZGpU41ph-IN93VJwWC7usRvO5qVPLxxrNSoVCXqbhRYaYBmrZVwiWfmsqm2StmJg278Rlqa9l0TK35m1KI0OR4GGvCom9c7/s400/Fofa.jpg" width="400" /><br />
<pre># See http://www.robotstxt.org/robotstxt.html for documentation on how to use the robots.txt file
#
# To ban all spiders from the entire site uncomment the next two lines:
# User-agent: *
# Disallow: /</pre>
<br />
<br /></div>
amitay danhttp://www.blogger.com/profile/05457604763454171189noreply@blogger.comtag:blogger.com,1999:blog-5679769881387382271.post-61324200604512475692018-09-30T23:20:00.001-07:002018-10-01T08:20:08.165-07:00Caller ID project - IEC we have a problem <div dir="ltr" style="text-align: left;" trbidi="on">
<div dir="ltr">
<br />
~~This article is for awarness only, don't use it to gain information about other people~~~~<br />
<br />
As part of my ongoing <a href="http://popshark11.blogspot.com/2018/09/caller-id.html">project</a> about Caller ID I'm sharing this data.</div>
<div dir="ltr">
<br /></div>
<div dir="ltr">
The <a href="https://www.iec.co.il/" target="_blank">IEC</a> (Israel Electric Company) is exposing the physical address of the clients, with or without the needs of spoof call.</div>
<div dir="ltr">
All the attacker needs to know is the phone number, known or unknown target.</div>
<div dir="ltr">
<br /></div>
<div dir="ltr">
Later, he can type it in the IVR system, where client can inform about problems.</div>
<div dir="ltr">
As a results, the IVR system is sharing the address which is connected to this phone number.</div>
<div dir="ltr">
<br /></div>
<div dir="ltr">
Since most of us, have electric power connected to our houses, and bill to pay - it's really hard to prevent it, even in situation when the privacy is important</div>
<div dir="ltr">
Calling the IEC is <a href="https://www.iec.co.il/homeclients/pages/tel103.aspx">very simple</a>:</div>
<div dir="ltr">
<br /></div>
<div dir="ltr">
Short number from Israel 103<br />
Local and international:<br />
+972(0)4-8187100<br />
~~~~~~~~~~~~~~~~~~~~~<br />
Exploit for address in Hebrew<br />
Call from blocked number and then<br />
<br />
103;1;1;*;{target phone number},#;1<br />
<br /></div>
<div dir="ltr">
+972(0)4-8187100;1;1;*;{target phone number},#;1<br />
~~~~~~~~~~~~~~~~~~~~~~<br />
<div dir="ltr">
Exploit for address in English<br />
Call from blocked number and then<br />
<br />
103;2;1;*;{client phone number},#;1<br />
<br /></div>
<div dir="ltr">
+972(0)4-8187100;2;1;*;{client phone number},#;1</div>
~~~~~~~~~~~~~~~~~~~~~<br />
<div dir="ltr">
<br /></div>
<br /></div>
<div dir="ltr">
The IEC already in the loop, so I hope they will fix it sooner then later.</div>
<div dir="ltr">
<br /></div>
<div dir="ltr">
We must understand that our dependency on Caller ID is totaly worng, just like missing of SSL in web services.</div>
<div dir="ltr">
<br /></div>
<div dir="ltr">
In this case study, potenial actor don't have to change the caller ID in order to get data, so it's very good lesson of what to avoid.</div>
<div dir="ltr">
<br /></div>
<div dir="ltr">
More information about the caller ID project will be shared here in my blog, or my <a href="https://twitter.com/popshark1?lang=en">Twitter</a> account.<br />
<br />
<br /></div>
<div dir="ltr">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhWBdZ8OBXc7_2f7Q3WniwocXQKFdaKojcF8p0EVwICgcdvIq1HANSNc7-bC5bVdhX-5BNnu_n0w9PDHblX4lGCUNkuP8mFIO56TenVhiGAIlrxOeqnb0Zk1EduFfVcnhm32sx8lW4YIN2H/s1600/Capture%252B_2018-10-01-08-45-41.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="754" data-original-width="709" height="640" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhWBdZ8OBXc7_2f7Q3WniwocXQKFdaKojcF8p0EVwICgcdvIq1HANSNc7-bC5bVdhX-5BNnu_n0w9PDHblX4lGCUNkuP8mFIO56TenVhiGAIlrxOeqnb0Zk1EduFfVcnhm32sx8lW4YIN2H/s640/Capture%252B_2018-10-01-08-45-41.png" width="600" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
It seems that this problem came after an idea to make <a href="https://www.iec.co.il/HomeClients/Documents/glilanedaber.pdf" target="_blank">better</a> service to the clients </div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiIfI_R_WT66RNQM0AyrDrcZO2RwA1CxVer3jMh6dSaBzMu07yMal_F30S2iwbcmI-3RWHnXzByLtd1aWr8ukhW-BKXCR4mBokd7b84yq6T7u3z64zINMTcpuAYB4yAGVoPDLX4Mrkrz3zd/s1600/Capture%252B_2018-10-01-18-09-07.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="553" data-original-width="711" height="496" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiIfI_R_WT66RNQM0AyrDrcZO2RwA1CxVer3jMh6dSaBzMu07yMal_F30S2iwbcmI-3RWHnXzByLtd1aWr8ukhW-BKXCR4mBokd7b84yq6T7u3z64zINMTcpuAYB4yAGVoPDLX4Mrkrz3zd/s640/Capture%252B_2018-10-01-18-09-07.png" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
</div>
amitay danhttp://www.blogger.com/profile/05457604763454171189noreply@blogger.comtag:blogger.com,1999:blog-5679769881387382271.post-26010119123861976102018-09-19T18:04:00.000-07:002018-09-22T16:30:57.328-07:00מלחמת פרופגנדה ב IMDB<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="text-align: right;">
</div>
<div data-contents="true">
<div style="text-align: right;">
<br /></div>
<div style="text-align: right;">
<div dir="rtl" id="docs-internal-guid-3ca2bc56-7fff-1697-92ae-8673e358b561" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;">מכירים את IMDB?</span></div>
<div dir="rtl" id="docs-internal-guid-3ca2bc56-7fff-1697-92ae-8673e358b561" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: "arial"; font-size: 11pt; white-space: pre-wrap;"> עד כמה האתר משמש לכם כמקור מהימן לדירוג סרטים לפני שאתם בוחרים סרט?</span></div>
<div dir="rtl" id="docs-internal-guid-3ca2bc56-7fff-1697-92ae-8673e358b561" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;"><br /></span></div>
<div dir="rtl" id="docs-internal-guid-3ca2bc56-7fff-1697-92ae-8673e358b561" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;">לאחרונה יצא לאור סרט דוקומנטרי פרו רוסי בשם "A Sniper's Wars" המתעד צלף סרבי שהתנדב לקרבות במזרח אוקראינה.</span></div>
<div dir="rtl" id="docs-internal-guid-3ca2bc56-7fff-1697-92ae-8673e358b561" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;"><br /></span></div>
<div dir="rtl" id="docs-internal-guid-3ca2bc56-7fff-1697-92ae-8673e358b561" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline;"><span style="font-family: "arial";"><span style="font-size: 14.6667px; white-space: pre-wrap;">https://m.imdb.com/title/tt7974772</span></span></span></div>
<div dir="rtl" id="docs-internal-guid-3ca2bc56-7fff-1697-92ae-8673e358b561" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline;"><span style="font-family: "arial";"><span style="font-size: 14.6667px; white-space: pre-wrap;"><br /></span></span></span></div>
<div dir="rtl" id="docs-internal-guid-3ca2bc56-7fff-1697-92ae-8673e358b561" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;">מיד לאחר הפרסום, הסרט קיבל ביקורת שלילית של אלפי פרופילים מזוייפים, והראה כיצד הקרבות הפיזיים באוקראינה פולשים למרחב הקיברנטי והופכים לקרב תעמולה שבו הצד הפרו רוסי מקבל כיסוי חיובי בצורת סרט דוקו, ומאידך לאחר הפרסום של הסרט הצד השני נלחם בו, בצורה של הורדת הדירוג של הסרט על ידי מה שנראה כצבא של בוטים.</span></div>
<div dir="rtl" id="docs-internal-guid-3ca2bc56-7fff-1697-92ae-8673e358b561" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: "arial"; font-size: 11pt; white-space: pre-wrap;"><br /></span></div>
<div dir="rtl" id="docs-internal-guid-3ca2bc56-7fff-1697-92ae-8673e358b561" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: "arial"; font-size: 11pt; white-space: pre-wrap;">אני לא חקרתי עדיין עד כמה סרטים פוליטיים עוברים מלחמות דירוג של בוטים, אבל ברור לי שהשפעה על הדירוג מהווה קלף הסברתי שנראה יותר צדדים לעימותים ומחלוקות שיבחרו להשתמש בו, וזאת במקביל לעימותים הפיזיים או למניפולציות ברשתות חברתיות.</span></div>
<div dir="rtl" id="docs-internal-guid-3ca2bc56-7fff-1697-92ae-8673e358b561" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;"><br class="kix-line-break" /></span><span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;"> למרות שהנושא כבר סוקר בעבר, מסתבר שב IMDB לא השכילו להטמיע מערכת יעילה להתמודדות עם בוטים וביקורות מזויפות.</span><span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;"><br class="kix-line-break" /></span><span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;"><br class="kix-line-break" /></span><span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;">מאחר ש IMDB הינה חברה בבעלות Amazon, צריך לשאול את החברה כיצד היא מתמודדות עם הטיה פוליטית (ומסחרית) של ביקורות על סרטים, ולהבין האם היא אחראית להשפעה הפוליטית של הפלטפורמה שבבעלותה.</span><span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;"><br class="kix-line-break" /></span><span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;"><br class="kix-line-break" /></span><span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;">זה מאוד רלוונטי, כי אנשים רואים בביקורות שם לגיטימיות, בעוד שבפועל מדובר לא פעם בביקורות שנשלטות על ידי תוכנות, או גורמים מסחריים שרוצים לקדם צפיה בסרטים חדשים גם אם הם גרועים במיוחד.</span><span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;"><br class="kix-line-break" /></span><span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;"><br class="kix-line-break" /></span><span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;">במקרה של הסרט הספציפי, הבוטים הוגדרו כגברים המתגוררים מחוץ לארצות הברית.</span><span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;"><br class="kix-line-break" /></span><br />
<div dir="ltr" style="text-align: left;">
<span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;"><br class="kix-line-break" /></span><a href="https://www.imdb.com/title/tt7974772/reviews?ref_=tt_urv"><span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;">https://www.imdb.com/title/tt7974772/reviews?ref_=tt_urv</span></a></div>
<div dir="ltr" style="text-align: left;">
<span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;"><br class="kix-line-break" /></span></div>
<span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;"><br class="kix-line-break" /></span><span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;">לאחר בדיקה ידנית של מדרגים, התברר שרובם נפתחו באותו יום שבו דירגו והם נתנו ביקורות רק לסרט המדובר.</span></div>
<div dir="rtl" id="docs-internal-guid-3ca2bc56-7fff-1697-92ae-8673e358b561" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<div dir="rtl" style="text-align: right;">
<span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;"><br class="kix-line-break" /></span><span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;">mailzfork</span><span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;"><br class="kix-line-break" /></span><span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;">zellarablack</span><span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;"><br class="kix-line-break" /></span><span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;">andrewsamchenko</span><span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;"><br class="kix-line-break" /></span><span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;">revolutioner-00912</span><span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;"><br class="kix-line-break" /></span><span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;">fourty-9</span><span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;"><br class="kix-line-break" /></span><span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;">maksim-cypurdeev</span><span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;"><br class="kix-line-break" /></span><span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;">royyuri</span><span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;"><br class="kix-line-break" /></span><span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;">dimanowolf</span><span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;"><br class="kix-line-break" /></span><span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;">sergiy-fakas</span><span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;"><br class="kix-line-break" /></span><span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;">volodymyrivanov</span><span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;"><br class="kix-line-break" /></span><span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;">mellonn</span><span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;"><br class="kix-line-break" /></span><span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;">oleksiitroian</span><span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;"><br class="kix-line-break" /></span><span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;">game-exe</span><span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;"><br class="kix-line-break" /></span><span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;">glebbabenko</span><span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;"><br class="kix-line-break" /></span><span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;"><br class="kix-line-break" /></span><span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;">במהלך הכתיבה <a href="https://ru.espreso.tv/news/2018/07/30/novyy_fleshmob_ukrayncy_obrushyly_reytyng_fylma_o_serbskom_naemnyke_quotdnrquot" rel="nofollow" target="_blank">מצאתי</a> <a href="https://getsatisfaction.com/imdb/topics/fake-reviews-come-on-do-something-about-it?topic-reply-list%5Bsettings%5D%5Bfilter_by%5D=all&topic-reply-list%5Bsettings%5D%5Breply_id%5D=19670429#reply_19670429" rel="nofollow" target="_blank">חומר</a> <a href="https://getsatisfaction.com/imdb/topics/the-film-a-snipers-war-is-about-a-russian-murderer-who-killed-in-the-occupied-territory-of-ukraine-how-did-s565qucas124a" rel="nofollow" target="_blank">נוסף</a>, ככה שהתברר שלפחות במקרה הזה היו גורמים פרו רוסים ששמו לב למניפולציה הספציפית קצת לפני שאני איתרתי אותה.</span> </div>
<div dir="rtl" style="text-align: right;">
<br /></div>
<div style="text-align: right;">
אז איך קונים באופן עצמאי רייטינג ב IMDB? אחד המקומות שניתן לבחור בהם הוא האתר <a href="https://www.fiverr.com/search/gigs?utf8=%E2%9C%93&source=top-bar&locale=en&search_in=everywhere&query=imdb&search-autocomplete-original-term=&search-autocomplete-original-term=&search-autocomplete-original-term=&search-autocomplete-original-term=imdb" rel="nofollow" target="_blank">Fiver</a> שבו ישמחו לספק לכם שירות מגוון ספקים.</div>
</div>
<div dir="rtl" id="docs-internal-guid-3ca2bc56-7fff-1697-92ae-8673e358b561" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<div dir="rtl" style="text-align: right;">
<br /></div>
<div dir="rtl" style="text-align: right;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<br /></div>
</div>
<div class="" data-block="true" data-editor="b076u" data-offset-key="70vqo-0-0" style="text-align: left;">
<div class="_1mf _1mj" data-offset-key="70vqo-0-0">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhOGuJmNNnLgU7GLNi0pvlGcSc2_lX9US-VSn1Vs6KcGEbonAbM6gO8Q1znl_wrytINd4YOL0Dfc0FLSo31SBD8uftWGK0Ik1ihkc3nMTkWRZL4MRxeIRYQoe81BTYnTbgnThtfFUovvK9w/s1600/A+Sniper+s+War++2018++++User+ratings+++IMDb.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="948" data-original-width="604" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhOGuJmNNnLgU7GLNi0pvlGcSc2_lX9US-VSn1Vs6KcGEbonAbM6gO8Q1znl_wrytINd4YOL0Dfc0FLSo31SBD8uftWGK0Ik1ihkc3nMTkWRZL4MRxeIRYQoe81BTYnTbgnThtfFUovvK9w/s1600/A+Sniper+s+War++2018++++User+ratings+++IMDb.png" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh5cJu2N4EElWmA6uDG41x265qL81HuX2FRXRDJj0DEfHzxuoM6D5RnKjZiDXqXvBvgY88_fruegExrUcPBWOmQoOBzTCH5GEa_jjjAH8BBRMsFrHyTEgjbsYYQ1VQjEaRGFDCuurSTrpTx/s1600/%25D0%259D%25D0%25BE%25D0%25B2%25D1%258B%25D0%25B9+%25D1%2584%25D0%25BB%25D0%25B5%25D1%2588%25D0%25BC%25D0%25BE%25D0%25B1++%25D1%2583%25D0%25BA%25D1%2580%25D0%25B0%25D0%25B8%25D0%25BD%25D1%2586%25D1%258B+%25D0%25BE%25D0%25B1%25D1%2580%25D1%2583%25D1%2588%25D0%25B8%25D0%25BB%25D0%25B8+%25D1%2580%25D0%25B5%25D0%25B9%25D1%2582%25D0%25B8%25D0%25BD%25D0%25B3+%25D1%2584%25D0%25B8%25D0%25BB%25D1%258C%25D0%25BC%25D0%25B0+%25D0%25BE+%25D1%2581%25D0%25B5%25D1%2580%25D0%25B1%25D1%2581%25D0%25BA%25D0%25BE%25D0%25BC+%25D0%25BD%25D0%25B0%25D0%25B5%25D0%25BC%25D0%25BD%25D0%25B8%25D0%25BA%25D0%25B5++%25D0%2594%25D0%259D%25D0%25A0+.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1600" data-original-width="559" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh5cJu2N4EElWmA6uDG41x265qL81HuX2FRXRDJj0DEfHzxuoM6D5RnKjZiDXqXvBvgY88_fruegExrUcPBWOmQoOBzTCH5GEa_jjjAH8BBRMsFrHyTEgjbsYYQ1VQjEaRGFDCuurSTrpTx/s1600/%25D0%259D%25D0%25BE%25D0%25B2%25D1%258B%25D0%25B9+%25D1%2584%25D0%25BB%25D0%25B5%25D1%2588%25D0%25BC%25D0%25BE%25D0%25B1++%25D1%2583%25D0%25BA%25D1%2580%25D0%25B0%25D0%25B8%25D0%25BD%25D1%2586%25D1%258B+%25D0%25BE%25D0%25B1%25D1%2580%25D1%2583%25D1%2588%25D0%25B8%25D0%25BB%25D0%25B8+%25D1%2580%25D0%25B5%25D0%25B9%25D1%2582%25D0%25B8%25D0%25BD%25D0%25B3+%25D1%2584%25D0%25B8%25D0%25BB%25D1%258C%25D0%25BC%25D0%25B0+%25D0%25BE+%25D1%2581%25D0%25B5%25D1%2580%25D0%25B1%25D1%2581%25D0%25BA%25D0%25BE%25D0%25BC+%25D0%25BD%25D0%25B0%25D0%25B5%25D0%25BC%25D0%25BD%25D0%25B8%25D0%25BA%25D0%25B5++%25D0%2594%25D0%259D%25D0%25A0+.png" /></a></div>
</div>
</div>
</div>
</div>
amitay danhttp://www.blogger.com/profile/05457604763454171189noreply@blogger.comtag:blogger.com,1999:blog-5679769881387382271.post-48847459245057998442018-09-05T00:28:00.001-07:002018-09-30T22:51:36.119-07:00פרוייקט מיפוי מרכזיות שמזהות לקוחות לפי Caller ID<div dir="ltr" style="text-align: left;" trbidi="on">
<div dir="rtl" style="text-align: right;">
לפני מספר שנים עסקתי רבות בפרצות הנובעות מהטמעה של זיהוי לקוחות ומשתמשים בעזרת Caller ID, ובפשטות השיחה המזוהה שלהם.<br />
</div>
<div dir="rtl" style="text-align: right;">
המחקרים כללו החל <a href="https://www.haaretz.co.il/captain/net/1.2193204" rel="nofollow" target="_blank">מפרצות בשערים חשמליים </a>ועד מערכות פיננסיות ואחרות.<br />
</div>
<div dir="rtl" style="text-align: right;">
תוקפים פוטנציאליים יכולים לממש בקלות שינוי שיחה מזוהה, ולכן מי שמטמיע שיטות הזדהות שמבוססות שיחה מזוהה פוגע בלקוחות והמשתמשים שלו. </div>
<div dir="rtl" style="text-align: right;">
לאחרונה נתקלתי בכמה מקרים דומים, והבנתי שכדאי להשפיע בנושא רצוי לעשות משהו רוחבי ולא להילחם בטחנות רוח ובאופן נקודתי.<br />
</div>
<div dir="rtl" style="text-align: right;">
מטרת פרוייקט זה היא לבנות מסמך שיתופי, שבו מי שירצה יוכל לדווח ולהזין פרטי חברות מתקנים ומקומות שבהם מתעקשים לזהות עדיין את המשתמשים לפי מספר טלפון בלבד, וזאת <a href="https://www.gov.il/he/Departments/policies/identification" rel="nofollow" target="_blank">בניגוד להוראות הרשות להגנת הפרטיות</a>.<br />
<br /></div>
<div dir="rtl" style="text-align: right;">
המטרה היא ליצור לחץ חיובי גם על מטמיעי המערכת וגם על רגולטורים כמו משרד התקשורות, שיכול לבצע צעדים אופורטיביים בכדי להילחם ביכולת לשנות שיחה מזוהה.</div>
<div dir="rtl" style="text-align: right;">
<br />
בניגוד למדינות כמו <a href="https://en.wikipedia.org/wiki/Truth_in_Caller_ID_Act_of_2009" rel="nofollow" target="_blank">ארצות הברית</a>, כאן במדינת ישראל חסרה חקיקה ספציפית האוסרת משפטית שינוי שיחה מזוהה או מזהה של הודעות SMS, ובפועל אין פיקוח בנושא.<br />
<br />
במצב שבו ניתן לשנות בקלות מספר טלפון, ההתעקשות של ספקי שירותים רבים להמשיך לזהות את הלקוחות והמשתמשים בעזרת המספר המזוהה שמתקבל בזמן שיחה נכנסת, גורם לכך שאבטחת מערכות העובדות במשותף עם מרכזיות טלפוניות גרוע ולקוי.<br />
<br /></div>
<div dir="rtl" style="text-align: right;">
אתם מוזמנים להשתתף ולתרום לפרוייקט מידע רלוונטי באופן אנונימי בעזרת הזנת פרטים בטופס הבא:</div>
<div dir="rtl" style="text-align: right;">
<br /></div>
<div dir="rtl" style="text-align: right;">
<a href="https://goo.gl/forms/zuPhQh1XHcBhjIdI2">https://goo.gl/forms/zuPhQh1XHcBhjIdI2</a></div>
<div dir="rtl">
<div style="text-align: right;">
<br /></div>
<div style="text-align: right;">
<br /></div>
<br /></div>
<div dir="rtl">
</div>
</div>
amitay danhttp://www.blogger.com/profile/05457604763454171189noreply@blogger.comtag:blogger.com,1999:blog-5679769881387382271.post-75097946385333564262017-11-09T09:47:00.001-08:002017-11-09T10:02:01.096-08:00An anti theft system allowing attackers to kill remotely the engine in electric scooters made by INOKIM/MyWay, affected model - model Quick 3.<div dir="rtl" style="text-align: right;" trbidi="on">
<div dir="ltr" id="docs-internal-guid-c327daa7-a1ca-083e-9b28-ba86457ac684" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: left;">
<span style="color: white;"><br /></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: left;">
<span style="color: white;"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">Claim: An anti theft system allowing attackers to kill remotely the engine in electric scooters made by INOKIM/MyWay, affected model - model Quick 3.</span></span></div>
<div style="text-align: left;">
<span style="color: white;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="color: white;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjBr75663EtweksxC_90uZeyD80xtCp3zHPWFCI7wHhucSr-dXutMsHogTiUwb7uVQ7iwrRtJdPR0HAOoX8NkwtfQfTGdhbwXl8Pjh42cYFpi8B8if9gvwuluDukP0TWaltYlaxV_WlLkfY/s1600/INOKIM+QUICK+3+++Inokim+English.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="587" data-original-width="1220" height="153" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjBr75663EtweksxC_90uZeyD80xtCp3zHPWFCI7wHhucSr-dXutMsHogTiUwb7uVQ7iwrRtJdPR0HAOoX8NkwtfQfTGdhbwXl8Pjh42cYFpi8B8if9gvwuluDukP0TWaltYlaxV_WlLkfY/s320/INOKIM+QUICK+3+++Inokim+English.png" width="320" /></a></span></div>
<div style="text-align: left;">
<span style="color: white;"><br /></span></div>
<div style="text-align: left;">
<span style="color: white;"><br /></span></div>
<div style="text-align: left;">
<span style="color: white;"><br /></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: left;">
<span style="color: white;"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">MYWAY/INOKIM created new model - Quick 3, This model has new mobile phone app.</span></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: left;">
<span style="color: white;"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">The app has anti theft system, which allows the owners to remotely deactivate the engine, in any situation (on move or during parking), this by using Bluetooth connection to BT </span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">module in the electric scooter, It’s a feature.</span></span></div>
<div style="text-align: left;">
<span style="color: white;"><br /></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: left;">
<span style="color: white;"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">Malicious attacker can use this </span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">Anti</span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">-</span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">Theft</span><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;"> feature, in order to deploy easy attack, and shot down the engine of the scooter, even while the driver is using it in high speed</span></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: left;">
<span style="color: white;"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">Potential causalities can be injury or death.</span></span></div>
<div style="text-align: left;">
<span style="color: white;"><br /></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: left;">
<span style="color: white;"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">The serial number of the scooter (VIN) just like cars, is shown on the scooter with no physical protection, and that basically all you need to know in order to deploy an easy attack..</span></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: left;">
<span style="color: white;"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">The anti thief option in the app, can be trigger any time as long as you have the VIN (Inokim serial number).</span></span></div>
<div style="text-align: left;">
<span style="color: white;"><br /></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: left;">
<span style="color: white;"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">Risk: loosing control, Death, injury, road accidents etc.</span></span></div>
<div style="text-align: left;">
<span style="color: white;"><br /></span></div>
<div style="text-align: left;">
<span style="color: white;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<span style="color: white;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgDol7LIuISbxjhrVO84m539Y1JioszUIaT3Lfmh59IJ_orj74bf6A1cIoUjC_60pK3nIDUtgLbRF0MH6NNaOJyUjNX2UzslDmkk4bzY8Zx7q6-9u1yIn7koCiOwUgLwA6yewahMb3izqUJ/s1600/INOKIM+QUICK+3+++Inokim+English2.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="524" data-original-width="1090" height="153" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgDol7LIuISbxjhrVO84m539Y1JioszUIaT3Lfmh59IJ_orj74bf6A1cIoUjC_60pK3nIDUtgLbRF0MH6NNaOJyUjNX2UzslDmkk4bzY8Zx7q6-9u1yIn7koCiOwUgLwA6yewahMb3izqUJ/s320/INOKIM+QUICK+3+++Inokim+English2.png" width="320" /></a></span></div>
<div style="text-align: left;">
<span style="color: white;"><br /></span></div>
<div style="text-align: left;">
<span style="color: white;"><br /></span></div>
<div style="text-align: left;">
<span style="color: white;"><br /></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: left;">
<span style="color: white;"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">Technical info:</span></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: left;">
<span style="color: white;"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">Attacker can use at least two options in order to deploy attack:</span></span></div>
<div style="text-align: left;">
<span style="color: white;"><br /></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: left;">
<span style="color: white;"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">1.VIN and Bluetooth</span></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: left;">
<span style="color: white;"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">The VIN, a serial number of the scooter which supposed to be secret due to the potential uses, is shown on the shooter like many other cars, so attacker can take a picture of the scooter frame, or just look at it, and then he can deploy attack with temporary username in the app, and verification by VINs of any scooter out there.</span></span></div>
<div style="text-align: left;">
<span style="color: white;"><br /></span>
<span style="color: white;"><br /></span>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgb033PUykNYqKyim7OVLtThQWWFAYUoO5uZVBXwJKTEGofpueejiIoykRz1SSN1NUPZOfseVT9VPIBcA-QQAa7tDVrieXXBDqe4q56GG2p0GFjYuOQcZTzIEfZV08H2Di3GqiSo0twUlCw/s1600/Quick3+UserGuide_Prewiew.pdf4.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="479" data-original-width="492" height="310" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgb033PUykNYqKyim7OVLtThQWWFAYUoO5uZVBXwJKTEGofpueejiIoykRz1SSN1NUPZOfseVT9VPIBcA-QQAa7tDVrieXXBDqe4q56GG2p0GFjYuOQcZTzIEfZV08H2Di3GqiSo0twUlCw/s320/Quick3+UserGuide_Prewiew.pdf4.png" width="320" /></a></div>
<span style="color: white;"><br /></span>
<span style="color: white;"><br /></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: left;">
<span style="color: white;"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">2.Remote control of victim's mobile phones, can allow attacker to control the phone of the owner/target remotely and then deploy an attack even from another country.</span></span></div>
<div style="text-align: left;">
<span style="color: white;"><br /></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: left;">
<span style="color: white;"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">Example: Mircast, Trojan horse, spy software with full control of the phone, team-viewer, VNC.</span></span></div>
<div style="text-align: left;">
<span style="color: white;"><br /></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: left;">
<span style="color: white;"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">Status:</span></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: left;">
<span style="color: white;"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">Company didn't answer to emails sent by</span></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: left;">
<span style="color: white;"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">29.07.2017</span></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: left;">
<span style="color: white;"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">07.10.2017</span></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: left;">
<span style="color: white;"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">National Cyber Security Authority in Israel, got notified and, no update has been given regards proactive changes in the company.</span></span></div>
<div style="text-align: left;">
<span style="color: white;"><br /></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: left;">
<span style="color: white;"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">Since the feature is made by design, and supposed to help preventing people from stealing the scooters, it's logic security problem, and not typical mistake, they knew about it.</span></span></div>
<div style="text-align: left;">
<span style="color: white;"><br /></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: left;">
<span style="color: white;"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">P.S.</span></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: left;">
<span style="color: white;"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">1.The way I got into the VIN problem, is by informers who shared with me the fear of using those scooters, included of live demo they made on their device, of how the scooter can be shot down remotely, in high speed.</span></span></div>
<div style="text-align: left;">
<span style="color: white;"><br /></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: left;">
<span style="color: white;"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">The idea of using Mircast or Trojan horse and remote controlling the owner app is mine.</span></span></div>
<div style="text-align: left;">
<span style="color: white;"><br /></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: left;">
<span style="color: white;"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">Since at least 3 other people knew about the problem, before it came to my attention, I decided that I must share it now.</span></span></div>
<div style="text-align: left;">
<span style="color: white;"><br /></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: left;">
<span style="color: white;"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">Moreover, my research show that connected bikes and connected scooters are becoming very popular, so the community attention must be higher, into engines with remote killing switch..</span></span></div>
<div style="text-align: left;">
<span style="color: white;"><br /></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: left;">
<span style="color: white;"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">I believe that international ISO, should make new working groups regards those small vehicles, protecting cars only can’t cover the immediate situation in the streets, we need to make cyber regulation for the new era of mini connected electric vehicles. </span></span></div>
<div style="text-align: left;">
<span style="color: white;"><br /></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: left;">
<span style="color: white;"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">You are welcome to contact me for any request</span></span></div>
<div style="text-align: left;">
<span style="color: white;"><br /></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: left;">
<span style="color: white;"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">Sources:</span></span></div>
<div style="text-align: left;">
<span style="color: white;"><br /></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: left;">
<span style="color: white;"><a href="http://inokim.com/q3_features/" rel="nofollow" target="_blank"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">http://inokim.com/q3_features/</span></a></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: left;">
<span style="color: white;"><a href="https://youtu.be/_OAEqD0z2Tc?t=1m34s" rel="nofollow" target="_blank"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">https://youtu.be/_OAEqD0z2Tc?t=1m34s</span></a></span></div>
<div style="text-align: left;">
<span style="color: white;"><br /></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: left;">
<span style="color: white;"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">Video of the ECU and BT controller.</span></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: left;">
<span style="color: white;"><a href="https://www.youtube.com/watch?v=FclHcgE6-34" rel="nofollow" target="_blank"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">https://www.youtube.com/watch?v=FclHcgE6-34</span></a></span></div>
<div style="text-align: left;">
<span style="color: white;"><br /></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: left;">
<span style="color: white;"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">Android App</span></span></div>
<div style="text-align: left;">
<span style="color: white;"><br /></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: left;">
<span style="color: white;"><a href="https://play.google.com/store/apps/details?id=com.bugull.myway" rel="nofollow" target="_blank"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">https://play.google.com/store/apps/details?id=com.bugull.myway</span></a></span></div>
<div style="text-align: left;">
<span style="color: white;"><br /></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: left;">
<span style="color: white;"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">IOS app</span></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: left;">
<span style="color: white;"><a href="https://itunes.apple.com/pk/app/inokim/id1116583514?mt=8" rel="nofollow" target="_blank"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">https://itunes.apple.com/pk/app/inokim/id1116583514?mt=8</span></a></span></div>
<div style="text-align: left;">
<span style="color: white;"><br /></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: left;">
<span style="color: white;"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">User Guide Manual</span></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: left;">
<span style="color: white;"><a href="http://inokim.com/wp-content/uploads/2014/12/Quick3-UserGuide_Prewiew.pdf" rel="nofollow" target="_blank"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">http://inokim.com/wp-content/uploads/2014/12/Quick3-UserGuide_Prewiew.pdf</span></a></span></div>
<div style="text-align: left;">
<span style="color: white;"><br /></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: left;">
<span style="color: white;"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">Amitay Dan (popshark1)</span></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: left;">
<span style="color: white;"><a href="http://www.amitaydan.com/" rel="nofollow" target="_blank"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">www.amitaydan.com</span></a></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: left;">
<span style="color: white;"><a href="https://twitter.com/popshark1" rel="nofollow" target="_blank"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">https://twitter.com/popshark1</span></a></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: left;">
<span style="color: white;"><a href="https://linkedin.com/in/amitay-dan-a63647aa" rel="nofollow" target="_blank"><span style="background-color: transparent; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline;">https://linkedin.com/in/amitay-dan-a63647aa</span></a></span></div>
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgYsgI32Hu1SqiQ124e9NFcRKK7J_pnK-RfHIPSEttQmaRXDqft0b_Np3hwINNqHa2fParQ-Gpkwuuhtthr_RmKe4Vl56bPkPLLiEHr1ri1PN626Nl6GCs6bxBsmzdzq55AFOEo-p5JP23W/s1600/INOKIM+QUICK+3+SUPER+++Inokim+English3.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1550" data-original-width="910" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgYsgI32Hu1SqiQ124e9NFcRKK7J_pnK-RfHIPSEttQmaRXDqft0b_Np3hwINNqHa2fParQ-Gpkwuuhtthr_RmKe4Vl56bPkPLLiEHr1ri1PN626Nl6GCs6bxBsmzdzq55AFOEo-p5JP23W/s320/INOKIM+QUICK+3+SUPER+++Inokim+English3.png" width="187" /></a></div>
<br />
<br /></div>
amitay danhttp://www.blogger.com/profile/05457604763454171189noreply@blogger.comtag:blogger.com,1999:blog-5679769881387382271.post-21066032759665085572017-09-30T22:52:00.000-07:002018-09-07T14:16:31.632-07:00TeamViewer and Ninebot mini pro by Sagway = All Terrain Connected Robots platfrom <div dir="rtl" style="text-align: right;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" dir="ltr" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" dir="ltr" style="clear: both; text-align: center;">
</div>
<div class="separator" dir="ltr" style="clear: both; text-align: center;">
</div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
Sometime we need to create, hacking is part of it</div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
As some of you realized, I'm testing many use cases of Sagway robot platform recently.</div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
In Israel UMI, are lunching this days the new line of Sagway. included what called Sagway robot, and Ninebot Plus.</div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
The revolution is here, and so are the <a href="https://www.wired.com/story/segway-minipro-hack/" rel="nofollow" target="_blank">hackers :)</a></div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
In my opinion,the robots are coming and we better join the forces, secure them and find something good to do with them.</div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
I have tried the use of Sageway in <b>wedding</b>, as a party pal, a <b>dog trainer</b>, and even tested it for <b>feeding animals </b>understanding that it will help them to hunt again and go back to the nature.</div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
I was making my robot, a <b>navigator </b>for <b>blind people - </b>replacing dogs, it was tested as a <b>carrier </b>in the nature and I had so much fun, mostly.</div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
Some people were trying to force me to shot it down, other were trying to take it, or just talk to it like a dog. </div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
Actually it's much better then <b>Tinder </b>since it's a proactive magnet for girls with curiosity, so it's a win win situation..</div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
I made many people smile, thinking - much more then whom who didn't like it</div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
In high tech area, I got less positive impression then traditional, so basically people in Mea Sheaarim or Jaffa were mostly much more friendly then the people who supposed to build our startup nation.</div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
My ritual uses is basically <b>shopping</b>, it's so great to have a robot who can carry <b>100kg.</b></div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
<b><br /></b></div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
However, I lost many things because of it, I fall down so many times and felt like going back 25 years, being super active person with tons of creativity, imagination so I like it, I like robots, and so many people around.</div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
Some people told me that I'm insane, other said - wow we want one of this.</div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
This days I'm opening a new platform called <a href="https://www.raas.co.il/" rel="nofollow" target="_blank"><b>RAAS - Robots As A Service.</b></a></div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
I think robots can be used as ultimate recon tool for hackers, and red teams worldwide can use them to simulate attacks.</div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
According
to my basic tests, Sagway were built with security by design, but basically I'm
addicted to it so I cant be objective, others will do this job this
time.</div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
I can said that having limitation of numbers as a password, its something which has been seen before in other company, and this is something to change.</div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
The ability to make a DDOS attack is out there, and having Bluetooth as a connection, should be change to something stronger.</div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
As long as a person is on the device, it's loosing most of the abilities to control it, but some option are open.</div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
<br /></div>
<br />
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
<br /></div>
<br />
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" dir="ltr" style="clear: both; text-align: center;">
<b>Sagway Robot </b></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiKGFu19OnUhAzG5NVs6K1f4LW_KDdD9plZaBcZDkkZ0WUqUHkk1gmQGfUYDzEIUAeoufKwQkjEUjzoPF5ku25KDfF6Z-RHNUnku01Q6BguYihoxwj5wAc7EZjs91QNmtBkKv23-ek4PeGh/s1600/Segway+++%25D7%2593%25D7%25A3+%25D7%2594%25D7%2591%25D7%2599%25D7%25AA.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="509" data-original-width="988" height="164" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiKGFu19OnUhAzG5NVs6K1f4LW_KDdD9plZaBcZDkkZ0WUqUHkk1gmQGfUYDzEIUAeoufKwQkjEUjzoPF5ku25KDfF6Z-RHNUnku01Q6BguYihoxwj5wAc7EZjs91QNmtBkKv23-ek4PeGh/s320/Segway+++%25D7%2593%25D7%25A3+%25D7%2594%25D7%2591%25D7%2599%25D7%25AA.png" width="320" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<b> Shopping time</b></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="" class="YOUTUBE-iframe-video" data-thumbnail-src="https://i.ytimg.com/vi/L02WvPIKcx0/0.jpg" frameborder="0" height="266" src="https://www.youtube.com/embed/L02WvPIKcx0?feature=player_embedded" width="320"></iframe></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" dir="ltr" style="clear: both; text-align: center;">
<b>First POC of using TeamViewer in lab mode </b></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="" class="YOUTUBE-iframe-video" data-thumbnail-src="https://i.ytimg.com/vi/pKA_wDUCo4Q/0.jpg" frameborder="0" height="266" src="https://www.youtube.com/embed/pKA_wDUCo4Q?feature=player_embedded" width="320"></iframe></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<b>Using TeamViewer in field operation </b></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="" class="YOUTUBE-iframe-video" data-thumbnail-src="https://i.ytimg.com/vi/bai66DKbzDY/0.jpg" frameborder="0" height="266" src="https://www.youtube.com/embed/bai66DKbzDY?feature=player_embedded" width="320"></iframe></div>
<span id="goog_1357432754"></span><span id="goog_1357432755"></span><br />
<span id="goog_1357432754"></span><span id="goog_1357432755"></span><br />
<span id="goog_1357432754"></span><span id="goog_1357432755"></span><br />
<span id="goog_1357432754"></span><span id="goog_1357432755"></span><br /></div>
amitay danhttp://www.blogger.com/profile/05457604763454171189noreply@blogger.comtag:blogger.com,1999:blog-5679769881387382271.post-7599272834241116162017-09-30T22:40:00.001-07:002017-09-30T22:40:18.949-07:00A wake up call - Last mile security<div dir="rtl" style="text-align: right;" trbidi="on">
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
Due to my recent finding in verity of automotive last mile devices, I think we must wake up and start to secure the new era of transportation.</div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
There are missing ISO, no regulation and no defense line.</div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
Government are loosing control, and there is no legal way to secure the streets.</div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
</div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
People are buying exposed devices, with <b>anti thief </b>mechanism which is in fact the best Trojan horse, backdoor.</div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
Others are having full control of their bikes, and it's so cool so they don't see the side effect the new risk. </div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
Simple VIN number is all needed for some of the devices, and sometime it's even shown in the SSID.</div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
I like this revolution, I love robots but we must do something before it will be too late. </div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
This is black flag </div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
Some companies made good devices, but the amount of conversion wireless kits out there, being operated with BMS/RTU/PLC must be taken care ASAP.</div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
</div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
</div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
<b>Connected scooters</b></div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
<b>Connected Bike</b></div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
<b>Connected Robots</b></div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
<b>Connected OneWheel</b></div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
<b>Connected Skateboard</b></div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
<strike>Connected Drones</strike></div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
I think the word Internet of things, is totally wrong, the focus should be any wireless connection, WIFI/BT/BLE/2.4/GSM/GPS/etc.</div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" dir="ltr" style="clear: both; text-align: center;">
The internet it's not a necessary needed in order to deploy attack, it's time to protect bikes and scooters<b><br /></b></div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
</div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" dir="ltr" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
</div>
<br />
<div class="separator" style="clear: both; text-align: center;">
</div>
<br />
<div class="separator" style="clear: both; text-align: center;">
</div>
<br />
<div class="separator" style="clear: both; text-align: center;">
</div>
<br />
<div class="separator" style="clear: both; text-align: center;">
</div>
<br />
<br /></div>
amitay danhttp://www.blogger.com/profile/05457604763454171189noreply@blogger.comtag:blogger.com,1999:blog-5679769881387382271.post-52189396818053956292017-05-16T16:25:00.000-07:002017-05-16T16:39:09.664-07:00Who Targets Me - Track which entities are targeting you with adverts<div dir="rtl" style="text-align: right;" trbidi="on">
<div dir="ltr" style="text-align: left;">
This project is something to adopt in another countries..<br />
Israel can be one of them. </div>
<div dir="ltr" style="text-align: left;">
<br /></div>
<div dir="ltr" style="text-align: left;">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgQjuHhzBI9u-WCe_MWISL1Bl4a-JC5PP5JWbZVo9WRSrHntHZio-txm-0G7KJ2YIyCKHdzrBbFU_X97p_GbTEqe50eAh39o5O0NANFkBZJvf62IYMmXBCg7y4ynJMazTeMP1Drn2lKo8AT/s1600/Facebook+ads+in+the+General+Election+2017+++Who+Targets+Me+.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="274" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgQjuHhzBI9u-WCe_MWISL1Bl4a-JC5PP5JWbZVo9WRSrHntHZio-txm-0G7KJ2YIyCKHdzrBbFU_X97p_GbTEqe50eAh39o5O0NANFkBZJvf62IYMmXBCg7y4ynJMazTeMP1Drn2lKo8AT/s320/Facebook+ads+in+the+General+Election+2017+++Who+Targets+Me+.png" width="320" /></a></div>
<br /></div>
<div dir="ltr" style="text-align: left;">
"During the 2015 general election and 2016 referendum, campaigns spent millions of pounds purchasing highly targeted Facebook adverts. Voters were bombarded with messages tailored to their interests, location, age, gender and more. For the good of our democracy, it's time to throw some light on dark ads."</div>
<div dir="ltr" style="text-align: left;">
<br />
<br /></div>
<div dir="ltr" style="text-align: left;">
<br /></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiQmF5YQSqw-q_BL2WO8KidX6xx2FuE4E9_TMqcmc_hyphenhyphenTJCdGL1xUwbe_cJ1RKf0JEskDUrAqDrhuyicG_MaORv0AGaq24lAo6mJr1m4YRkHzwrPNnPtDael1AxgKUPWcJ7TFO9y8s9XTt4/s1600/Who+Targets+Me+++Chrome+Web+Store.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="188" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiQmF5YQSqw-q_BL2WO8KidX6xx2FuE4E9_TMqcmc_hyphenhyphenTJCdGL1xUwbe_cJ1RKf0JEskDUrAqDrhuyicG_MaORv0AGaq24lAo6mJr1m4YRkHzwrPNnPtDael1AxgKUPWcJ7TFO9y8s9XTt4/s320/Who+Targets+Me+++Chrome+Web+Store.png" width="320" /></a></div>
<div dir="ltr" style="text-align: left;">
<br /></div>
<div dir="ltr" style="text-align: left;">
<br /></div>
<div dir="ltr" style="text-align: left;">
In the run-up to the general election, the Bureau is investigating how
political parties and groups are using targeted advertising on Facebook
to try to influence votes.<br />
<br />
There has been a huge rise in political advertising on social media,
which offers a much bigger audience for a much cheaper price than ads in
newspapers or on billboards. A quarter of the last general election's
total advertising spend was on Facebook, and social media is thought to
have played a significant role in the victories of Donald Trump and the
Vote Leave campaign.<br />
<br />
The reams of personal information held by Facebook on its users means
messages can be individually tailored for people with particular
interests, who care about certain issues, or who live in marginal
constituencies. The problem is that this type of advertising is in large
part not subject to public scrutiny. Only Facebook knows what users are
being shown what adverts - and privacy obligations combined with
commercial interests mean that information is not publicly accessible.</div>
<div dir="ltr" style="text-align: left;">
<br /></div>
<div dir="ltr" style="text-align: left;">
A new project called <a href="https://whotargets.me/about/" target="_blank">Who Targets Me </a>is
attempting to address this, by recruiting social media users to share
information on what adverts they are seeing. The Bureau’s new data
journalism team the Bureau Local will analyze the data collected in an attempt to shed light on an opaque and rapidly growing industry.<br />
<br />
The more people who get involved, the more detail we'll get about the
scale and detail of the targeted messaging being used. Help us by
signing up here - and read our story introducing the project and outlining our initial findings"<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjQ5P3pTzKufGnjqojtJyN0KzoPTOazkKdZI5bWwvEyGBLHCTQKazChqMEi4OKvfry77IPgLcLrAFeMX2FppMv1iqGYHm1jPlzGjjJZZ0NZXjM6Nb0EbwKF0S6SrjMkdZIaCsFRifxmA25_/s1600/How+to+get+involved+++Who+Targets+Me+.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjQ5P3pTzKufGnjqojtJyN0KzoPTOazkKdZI5bWwvEyGBLHCTQKazChqMEi4OKvfry77IPgLcLrAFeMX2FppMv1iqGYHm1jPlzGjjJZZ0NZXjM6Nb0EbwKF0S6SrjMkdZIaCsFRifxmA25_/s320/How+to+get+involved+++Who+Targets+Me+.png" width="294" /></a></div>
<br />
<br />
<a href="https://chrome.google.com/webstore/detail/who-targets-me/epdelclkhoghpihbfmhndbkcjigglaci" target="_blank">Chrome Extension </a><br />
<br />
<a href="https://github.com/WhoTargetsMe/Who-Targets-Me" target="_blank">Github </a><br />
<br />
<a href="https://twitter.com/WhoTargetsMe" target="_blank">twitter </a><br />
<br /></div>
</div>
amitay danhttp://www.blogger.com/profile/05457604763454171189noreply@blogger.comtag:blogger.com,1999:blog-5679769881387382271.post-54336457711448810502016-09-15T10:12:00.000-07:002017-04-09T18:52:34.685-07:00זה הזמן לצוד אווטרים - Hunting Avatars for fun<div dir="rtl" style="text-align: right;" trbidi="on">
<div style="text-align: right;">
אזהרה<span style="font-family: "times new roman" , serif;">: </span>מכיל הפניות לתוכן המוגבל לגילאי <span style="font-family: "times new roman" , serif;">18
</span>ומעלה</div>
<div style="text-align: right;">
<br /></div>
<div style="text-align: right;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhscJfbUZY3UernRWqKRvtoJEhZvRq9OTW6CcR-wYFdrJHwEMtzK1MLOnsR2OZCHwOsCJszrRHJRskUZE3CLEWej2-Pjewrmhy_jiiYmMIZcz5ebNjBWyUThqeAzyH2PmqxJmkg4E9Fuemy/s1600/avatar.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="238" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhscJfbUZY3UernRWqKRvtoJEhZvRq9OTW6CcR-wYFdrJHwEMtzK1MLOnsR2OZCHwOsCJszrRHJRskUZE3CLEWej2-Pjewrmhy_jiiYmMIZcz5ebNjBWyUThqeAzyH2PmqxJmkg4E9Fuemy/s320/avatar.jpg" width="320" /></a></div>
<div style="text-align: right;">
<br /></div>
<div style="text-align: right;">
<br /></div>
<div style="text-align: right;">
</div>
<div style="text-align: right;">
אתמול פרופיל מוזר בטוויטר, סימן פוסט
שלי על פרצות אבטחה בראוטרים של
<span style="font-family: "times new roman" , serif;">TP-LINK</span></div>
<div dir="ltr" style="text-align: left;">
<span style="font-family: "times new roman" , serif;"><a href="https://twitter.com/popshark1/status/748863268932943872" rel="nofollow" target="_blank">https://twitter.com/popshark1/status/748863268932943872</a></span></div>
<div style="text-align: right;">
<br /></div>
<div style="text-align: right;">
מבחינתי
זה היה תירוץ טוב לתרגל<span style="font-family: "times new roman" , serif;">,
</span>ככה שהרמתי את הכפפה</div>
<div style="text-align: right;">
התחלתי בפרופיל
הבא<span style="font-family: "times new roman" , serif;">:</span></div>
<div style="text-align: right;">
<br /></div>
<div dir="ltr" style="text-align: left;">
<span style="font-family: "times new roman" , serif;"><a href="https://twitter.com/malazareva14950" rel="nofollow" target="_blank">https://twitter.com/malazareva14950</a></span></div>
<div style="text-align: right;">
<br /></div>
<div style="text-align: right;">
ניסיתי לבודד ממנו
משתנים<span style="font-family: "times new roman" , serif;">:</span></div>
<div dir="ltr" style="text-align: left;">
<span style="font-family: "times new roman" , serif;"><br /><a href="https://twitter.com/malazareva14950/status/776090376822202369" rel="nofollow" target="_blank">https://twitter.com/malazareva14950/status/776090376822202369</a><br /><a href="https://twitter.com/malazareva14950/status/776084290958426113" rel="nofollow" target="_blank">https://twitter.com/malazareva14950/status/776084290958426113</a></span></div>
<div style="text-align: right;">
<br /></div>
<div style="text-align: right;">
כפי שניתן לראות מהציוצים שם<span style="font-family: "times new roman" , serif;">,
</span>יש שני משפטים שתפקידם לפתות את המטרה
להקליק<span style="font-family: "times new roman" , serif;">, </span>כאשר
הלינק עובר </div>
<div style="text-align: right;">
דרך קיצור כתובות בגוגל
<span style="font-family: "times new roman" , serif;"></span></div>
<div style="text-align: right;">
<span style="font-family: "times new roman" , serif;"><br /></span></div>
<div dir="ltr" style="text-align: left;">
<span style="font-family: "times new roman" , serif;"><a href="http://goo.gl/0Yk0jS" rel="nofollow" target="_blank">goo.gl/0Yk0jS</a>
</span> </div>
<div style="text-align: right;">
ומוביל לאתר הבא</div>
<div style="text-align: right;">
<br /></div>
<div dir="ltr" style="text-align: left;">
<a href="http://3.nonwm.xyz/?u=vtywhwq&o=d7qp8zd&t=twitter1" rel="nofollow" target="_blank"><span style="font-family: "times new roman" , serif;">http://3.nonwm.xyz/?u=vtywhwq&o=d7qp8zd&t=twitter1</span></a></div>
<div dir="ltr" style="text-align: left;">
<br /></div>
<div style="text-align: right;">
פענוח בעלי האתר מוביל למישהו בשם
ניקולאי<span style="font-family: "times new roman" , serif;"></span></div>
<div style="text-align: right;">
<span style="font-family: "times new roman" , serif;"><br /></span></div>
<div dir="ltr" style="text-align: left;">
<span style="font-family: "times new roman" , serif;"><a href="https://who.is/whois/nonwm.xyz" rel="nofollow" target="_blank">https://who.is/whois/nonwm.xyz</a></span></div>
<div style="text-align: right;">
<br /></div>
<div style="text-align: right;">
דומיינים נוספים שקשורים אליו</div>
<div dir="ltr" style="text-align: left;">
<a href="http://3.nonwm.xyz/?u=vtywhwq&o=d7qp8zd&t=twitter1#" rel="nofollow" target="_blank"><span style="font-family: "times new roman" , serif;">http://3.nonwm.xyz/?u=vtywhwq&o=d7qp8zd&t=twitter1#</span></a></div>
<div dir="ltr" style="text-align: left;">
<span style="font-family: "times new roman" , serif;"><a href="http://imitrk.com/" rel="nofollow" target="_blank">imitrk.com</a><br /><a href="http://nonwm.xyz/" rel="nofollow" target="_blank">nonwm.xyz</a><br /><a href="http://ewqq.ru/" rel="nofollow" target="_blank">ewqq.ru</a><br /><a href="http://777-onlayn.xyz/" rel="nofollow" target="_blank">777-onlayn.xyz</a><br /><a href="http://suboo.xyz/" rel="nofollow" target="_blank">suboo.xyz</a><br /><a href="http://newssoccer.ru/" rel="nofollow" target="_blank">newssoccer.ru</a><br /><a href="http://www.trader43.ru/" rel="nofollow" target="_blank">www.trader43.ru</a></span></div>
<div style="text-align: right;">
<br /></div>
<div style="text-align: right;">
חיפוש בגוגל של משפטי המחץ הכתובים
בפרופיל<span style="font-family: "times new roman" , serif;">, </span>אפשר
לקצור חלק ניכר מהאווטרים שלקחו חלק
בקמפיין<span style="font-family: "times new roman" , serif;">, </span>כאשר
יש שוני מסויים במשפטים שחלק מהפרופילים
ייצרו</div>
<div dir="ltr" style="text-align: left;">
<b><span style="font-family: "times new roman" , serif;">1. I'll go take a shower, you
want to see?<br />2. My first f%ack here<br />3. I just came home, you
want to communicate?<br />4. Hi! stop FAP! come me, I love <span style="font-family: "times new roman" , serif;"><span style="font-family: "times new roman" , serif;">s</span>**</span>! Are you
be with me flirt?</span></b></div>
<b>
</b>
<div dir="ltr" style="text-align: left;">
<br /></div>
<div dir="ltr" style="text-align: left;">
<b><span style="font-family: "times new roman" , serif;">Mostly started with</span></b></div>
<b>
</b>
<div dir="ltr" style="text-align: left;">
<br /></div>
<div dir="ltr" style="text-align: left;">
<b><span style="font-family: "times new roman" , serif;">5. My first tweet ever<br />6. I
am free to write me<br />7. Привет, Твиттер!</span></b></div>
<div style="text-align: right;">
<br /></div>
<div style="text-align: right;">
נקודת ההתחלה הייתה משפטים <span style="font-family: "times new roman" , serif;">6
</span>ו <span style="font-family: "times new roman" , serif;">1</span>כדאי
לשים לב לשיבוש של מילות מפתח<span style="font-family: "times new roman" , serif;">,
</span>בסעיף <span style="font-family: "times new roman" , serif;">2, </span>שהינה טכניקה
קלאסית של ספאמרים<span style="font-family: "times new roman" , serif;">.</span></div>
<div style="text-align: right;">
<br /></div>
<div style="text-align: right;">
באופן כללי<span style="font-family: "times new roman" , serif;">, </span>הקמפיין
העיקרי החל ב<span style="font-family: "times new roman" , serif;">10 </span>לספטמבר<span style="font-family: "times new roman" , serif;">,
</span>והמשיך עד לפני מספר שעות<span style="font-family: "times new roman" , serif;">,
</span>נכון לבדיקה האחרונה<span style="font-family: "times new roman" , serif;"><br /></span>רוב
הפרופילים נוצרו בספטמבר<span style="font-family: "times new roman" , serif;"><br /></span>יוצא
דופן יחסית<span style="font-family: "times new roman" , serif;">, </span>היה
הפרופיל שדרכו התחלתי את המחקר שנפתח
לפני מספר חודשים<span style="font-family: "times new roman" , serif;">,
</span>צייץ לראשונה היום והפנה לאתר
שונה<span style="font-family: "times new roman" , serif;"><br />malazareva14950</span></div>
<div style="text-align: right;">
הפרופילים מנוהלים דרך חשבונות באימיילים
שמסתיימים ב <span style="font-family: "times new roman" , serif;">.ru </span>ובעזרת
מספרי טלפון שמסתיימים בספרות שונות</div>
<div style="text-align: right;">
ניסיון לגלוש לאתרים דרך הדומיין וללא
<span style="font-family: "times new roman" , serif;">token </span>גרם לקבלת
הודעת שגיאה כגון זו<span style="font-family: "times new roman" , serif;">:<br />"Site
is under construction, please visit later"</span>ככל
הנראה עקב מודל רווח של מפיץ הקמפיין מול
בעלי האתרים</div>
<div style="text-align: right;">
הלינקים מוביל בין היתר לאתרים
הבאים<span style="font-family: "times new roman" , serif;">:</span></div>
<div dir="ltr" style="text-align: left;">
<span style="font-family: "times new roman" , serif;"><br /><a href="http://clubdating2244.com/" rel="nofollow" target="_blank">http://clubdating2244.com</a> </span></div>
<div dir="ltr" style="text-align: left;">
<span style="font-family: "times new roman" , serif;"><a href="https://bongacams.com/" rel="nofollow" target="_blank">https://bongacams.com/</a> </span></div>
<div dir="ltr" style="text-align: left;">
<span style="font-family: "times new roman" , serif;"><a href="http://localmatchbook.com/" rel="nofollow" target="_blank">http://localmatchbook.com</a> </span></div>
<div dir="ltr" style="text-align: left;">
<a href="http://sexflirtbook.com/" rel="nofollow" target="_blank"><span style="font-family: "times new roman" , serif;">http://s<span style="font-family: "times new roman" , serif;">**</span>flirtbook.com</span></a></div>
<div style="text-align: right;">
<br /></div>
<div style="text-align: right;">
באופן אקראי<span style="font-family: "times new roman" , serif;">, </span>בחרתי
את האתר <span style="font-family: "times new roman" , serif;"><a href="http://sexflirtbook.com/" rel="nofollow" target="_blank">s<span style="font-family: "times new roman" , serif;">**</span>flirtbook.com</a>
</span>ובדקתי מי מפעיל אותו</div>
<div dir="ltr" style="text-align: left;">
<br /></div>
<div dir="ltr" style="text-align: left;">
<span style="font-family: "times new roman" , serif;"><a href="https://who.is/whois/sexflirtbook.com" rel="nofollow" target="_blank">https://who.is/whois/s<span style="font-family: "times new roman" , serif;">**</span>flirtbook.com</a><br />Registrant
Name: <b>Agile Wings Limited</b><br />Registrant Organization: Agile
Wings<br />Registrant Street: 1301 Bank of America Tower 12 Harcourt
Road <br />Registrant City: Central<br />Registrant State/Province:
Central<br />Registrant Postal Code: 0000<br />Registrant Country:
HK<br />Registrant Phone: +852.58083652<br />Registrant Phone
Ext:<br />Registrant Fax: <br />Registrant Fax Ext: <br />Registrant Email:
noc@agilewings.com</span></div>
<div style="text-align: right;">
<br /></div>
<div style="text-align: right;">
בדיקה קצרה העלתה שמדובר בפירמת השקעות<span style="font-family: "times new roman" , serif;">,
</span>שרכשה בשנת <span style="font-family: "times new roman" , serif;">2015,
</span>את חברת <span style="font-family: "times new roman" , serif;">DATING
FACTORY </span>שהינה פלטפורמה ליצירת אתרי
היכרויות.</div>
<div style="text-align: right;">
<br /></div>
<div dir="ltr" style="text-align: left;">
<span style="font-family: "times new roman" , serif;"><a href="http://datingfactory.com/" rel="nofollow" target="_blank">http://datingfactory.com</a></span></div>
<div style="text-align: left;">
<span style="font-family: "times new roman" , serif;"><a href="https://www.crunchbase.com/organization/agile-wings" rel="nofollow" target="_blank">https://www.crunchbase.com/organization/agile-wings</a><br /><a href="http://www.prnewswire.com/news-releases/agile-wings-has-acquired-dating-factory-527643801.html" rel="nofollow" target="_blank">http://www.prnewswire.com/news-releases/agile-wings-has-acquired-dating-factory-527643801.html</a></span></div>
<div style="text-align: right;">
<br /></div>
<div style="text-align: right;">
לסיכום<span style="font-family: "times new roman" , serif;">, </span>רשת
בוטים בטוויטר אשר מופעלת ככל הנראה
במדינה דוברת רוסית או מזרח אירופאית,מנסה לגרום למשתמשי טוויטר לגלוש
לאתרי פורנו<span style="font-family: "times new roman" , serif;">, </span>וזאת
תוך קבלת תשלום על הפניות הלידים<span style="font-family: "times new roman" , serif;"> .</span>אחת
החברות שהשתמשה בשירותי הקמפיין<span style="font-family: "times new roman" , serif;">,
</span>הייתה פירמת ההשקעות <span style="font-family: "times new roman" , serif;">Agile
Wings Limited</span></div>
<div style="text-align: right;">
<br /></div>
<div style="text-align: right;">
רשת
הבוטים<span style="font-family: "times new roman" , serif;"></span></div>
<div dir="ltr" style="text-align: left;">
<span style="font-family: "times new roman" , serif;"></span></div>
<div dir="ltr" style="text-align: left;">
<span style="font-family: "times new roman" , serif;"></span></div>
<div dir="ltr" style="text-align: left;">
<br />
<span style="font-family: "times new roman" , serif;"><span style="font-family: "times new roman" , serif;">https://twitter.com/malazareva14950
----
July2016 </span></span></div>
<div dir="ltr" style="text-align: left;">
<span style="font-family: "times new roman" , serif;">https://twitter.com/irinageg19791<br />https://twitter.com/antoninajdu1992<br />https://twitter.com/igorseb1978_kil<br />https://twitter.com/antoninajdu1992<br />https://twitter.com/alenaebj19841<br />https://twitter.com/kristinasgc1991<br />https://twitter.com/Anastasiyaywj19<br />https://twitter.com/viktoriyaque192<br />https://twitter.com/lidiyagrv19851<br />https://twitter.com/romanzmq19921<br />https://twitter.com/Usrenam30853694<br />https://twitter.com/kristinaqwz1961<br />https://twitter.com/sashaext19971<br />https://twitter.com/ekaterinaowq192<br />https://twitter.com/yuliyakeb19691<br />https://twitter.com/lyubovmnl19951<br />https://twitter.com/Techno_Raisapim<br />https://twitter.com/zinaidaync19711<br />https://twitter.com/ninaphx19761<br />https://twitter.com/dianahza19921<br />https://twitter.com/elizavetavia192<br />https://twitter.com/tamaraiqy19811<br />https://twitter.com/svetlanaref1961<br />https://twitter.com/daryapmc19701<br />https://twitter.com/tamaraiqy19811<br />https://twitter.com/olgaixt19921<br />https://twitter.com/alinaoas19911<br />https://twitter.com/vyacheslavfrx12<br />https://twitter.com/annakmj19711<br />https://twitter.com/vadimvjh19831<br />https://twitter.com/olgaqct19871<br />https://twitter.com/margaritaefb192<br />https://twitter.com/margaritaisy192<br />https://twitter.com/Usrenam98552785<br />https://twitter.com/usrenam10213575
<br />https://twitter.com/svetlanauls1961<br />https://twitter.com/elenasrt19871<br />https://twitter.com/valeriyaesv1981<br />https://twitter.com/polinarlr19761<br />https://twitter.com/ninaiqx19681<br />https://twitter.com/nadezhdafyb1971<br />https://twitter.com/anastasiyayce12<br />https://twitter.com/yanapkr19941<br />https://twitter.com/alinaxsc19731<br />https://twitter.com/marinanzt19951<br />https://twitter.com/verazdo19821<br />https://twitter.com/tamaravvn19831<br />https://twitter.com/kseniyagni19761<br />https://twitter.com/natalyazdo19911<br />https://twitter.com/lidiyacak19841<br />https://twitter.com/lidiyahfl19771<br />https://twitter.com/svetlanajqu1981<br />https://twitter.com/valeriyarfa1981<br />https://twitter.com/evgeniyauie1991<br />https://twitter.com/valeriyadmp1972<br />https://twitter.com/svetlanafxf1981<br />https://twitter.com/valeriyaerw1971<br />https://twitter.com/Mariyabuk1977_C<br />https://twitter.com/evgeniyaiym1981<br />https://twitter.com/Mariyabuk1977_C<br />https://twitter.com/vaveselova47513<br />https://twitter.com/usrenam98552785?lang=bg<br />https://twitter.com/zhannaekg19861<br />https://twitter.com/Usrenam18325089<br />https://twitter.com/natalyarje19681<br />https://twitter.com/ninaqou19771<br />https://twitter.com/dianayht19741<br />https://twitter.com/galinaveb19851<br />https://twitter.com/dianaeut19941<br />https://twitter.com/Usrenam09248498<br />https://twitter.com/lidiyakqn19761<br />https://twitter.com/galinaxem19701<br />https://twitter.com/elizavetakmz192<br />https://twitter.com/verasuk19891<br />https://twitter.com/elizavetawzk192<br />https://twitter.com/irinageg19791<br />https://twitter.com/igorseb1978_kil</span></div>
<div dir="ltr" style="text-align: left;">
<br /></div>
<div style="text-align: right;">
<span style="font-family: "times new roman" , serif;">מספר לינקים נוספים שמופיעים בפוסטים של חשבונות הטוויטר</span></div>
<div style="text-align: right;">
<br /></div>
<div style="text-align: right;">
<br /></div>
<div class="de1" dir="ltr" style="text-align: left;">
goo.gl/0Yk0jS</div>
<div class="de2" dir="ltr" style="text-align: left;">
goo.gl/BCmgy9#R546Hbm</div>
<div class="de1" dir="ltr" style="text-align: left;">
goo.gl/jCkZZp#8TXqTu6</div>
<div class="de1" dir="ltr" style="text-align: left;">
goo.gl/O30JfA#ChvmmWz</div>
<div class="de1" dir="ltr" style="text-align: left;">
goo.gl/zz4plo#VN2M02m</div>
<div class="de1" dir="ltr" style="text-align: left;">
goo.gl/SsaA5Z#1s286P0</div>
<div class="de2" dir="ltr" style="text-align: left;">
goo.gl/FmVhpE</div>
<div class="de1" dir="ltr" style="text-align: left;">
goo.gl/SsaA5Z#69DscGE</div>
<div class="de1" dir="ltr" style="text-align: left;">
</div>
<div dir="ltr" style="text-align: left;">
<span style="font-family: "times new roman" , serif;">http://pastebin.com/QuNEW9v9</span></div>
<div style="text-align: right;">
<br /></div>
<div style="text-align: right;">
לסיום<span style="font-family: "times new roman" , serif;">, </span>ניתן
לראות כאן את מדינות היעד של אחד
מ<span style="font-family: "times new roman" , serif;">דפי הנחיתה</span></div>
<div style="text-align: right;">
<br /></div>
<div style="text-align: right;">
<span style="font-family: "times new roman" , serif;"><a href="http://www.quick-love.net/?MD" rel="nofollow" target="_blank">http://www.quick-love.net/?MD</a></span></div>
<div style="text-align: right;">
<br /></div>
<div style="text-align: right;">
<br /></div>
<div class="ProfileHeaderCard-name" dir="ltr" style="text-align: left;">
<span style="font-weight: normal;">Amitay Dan</span>
</div>
<br />
<div class="ProfileHeaderCard-screenname u-inlineBlock u-dir" dir="ltr" style="text-align: left;">
<span style="font-weight: normal;">
<a class="ProfileHeaderCard-screennameLink u-linkComplex js-nav" href="https://twitter.com/popshark1" rel="nofollow" target="_blank">@<span class="u-linkComplex-target">popshark1</span></a></span>
</div>
</div>
amitay danhttp://www.blogger.com/profile/05457604763454171189noreply@blogger.comtag:blogger.com,1999:blog-5679769881387382271.post-58175380776520569702016-06-01T12:42:00.000-07:002017-04-02T15:56:56.498-07:00Projects and articles<div dir="rtl" style="text-align: right;" trbidi="on">
<div style="text-align: center;">
<b><span style="font-size: small;">Mini CV </span></b><br />
<b><span style="font-size: small;">Project and articles - mixing of <span style="font-size: small;">Hebrew and <span style="font-size: small;">English</span></span></span></b></div>
<div style="text-align: center;">
Feel free to contact me for a job,projects and challenges </div>
<div style="text-align: center;">
<br /></div>
<div style="text-align: left;">
My art Blog : <a href="http://hacktevision.blogspot.com/">www.hacktevision.blogspot.com</a><br />
<div dir="ltr" style="text-align: left;">
(about art and lights hacking) </div>
<div dir="ltr" style="text-align: left;">
My personal website: <a href="http://www.amitaydan.com/">www.amitaydan.com</a></div>
<div dir="ltr" style="text-align: left;">
Twitter:<a href="https://twitter.com/popshark1"><cite class="_Rm"><span dir="ltr"> https://twitter.com/popshark1</span></cite></a><br />
<cite class="_Rm"><span dir="ltr">Linkdein:</span></cite><a href="https://www.linkedin.com/in/amitay-dan-a63647aa" target="_blank"> https://www.linkedin.com/in/amitay-dan-a63647aa</a><br />
<br /></div>
<div dir="ltr" style="text-align: left;">
<br /></div>
<div dir="ltr" style="text-align: left;">
<br /></div>
<br /></div>
<b><span style="font-size: small;">מגזין Digital Whisper</span></b><br />
<br />
<b>הבנקאי הטלפוני- כבר לא כל כך בטוח...</b><br />
<b>-חדירה לחשבונות בנק דרך הטלפון- </b><br />
<br />
<a href="http://www.digitalwhisper.co.il/0x3E">http://www.digitalwhisper.co.il/0x3E</a><br />
<br />
<ul>
</ul>
<b>כשלים בתהליכי הטמעת מוצרים טכנולוגיים</b> <br />
<ul>
</ul>
<br />
<a href="http://www.digitalwhisper.co.il/issue26">http://www.digitalwhisper.co.il/issue26</a><br />
<br />
<br />
<ul>
</ul>
<b>שימוש במזהה חד חד ערכי לאיתור מאגרי מידע פרוצים</b> <br />
<ul>
</ul>
<br />
<a href="http://www.digitalwhisper.co.il/issue29">http://www.digitalwhisper.co.il/issue29</a><br />
<br />
<br />
<ul>
</ul>
<b>מתקפות מבוססות The Text Warzone - SMS</b><br />
<ul>
</ul>
<br />
<a href="http://www.digitalwhisper.co.il/issue30">http://www.digitalwhisper.co.il/issue30</a><br />
<br />
<br />
<ul>
</ul>
<b>זיהוי אנשים ומטופלים על פי מבנה כף יד ורנטגן</b> <br />
<ul>
</ul>
<br />
<a href="http://www.digitalwhisper.co.il/issue35">http://www.digitalwhisper.co.il/issue35</a><br />
<br />
<ul>
</ul>
<b> התנגשויות בין חוקים, תקנות, פקודות ומידע אישי </b><br />
<ul>
</ul>
<br />
<a href="http://www.digitalwhisper.co.il/issue38">http://www.digitalwhisper.co.il/issue38</a><br />
<br />
<table border="0"><tbody>
<tr><td><br /></td>
<td><b>תקיפת בתי חולים על ידי מטופלים</b></td><td><br /></td><td><br /></td><td><br /></td><td><br /></td><td><br /></td><td><br /></td><td><br /></td><td><br /></td><td><br /></td></tr>
</tbody></table>
<br />
<a href="http://www.digitalwhisper.co.il/issue44" target="_blank">http://www.digitalwhisper.co.il/issue44</a><br />
<br />
<b>פרצות בשערים חשמליים</b><br />
<br />
<a href="http://www.haaretz.co.il/captain/net/1.2193204" target="_blank">http://www.haaretz.co.il/captain/net/1.2193204</a><br />
<br />
<a href="http://www.israeldefense.co.il/?CategoryID=760&ArticleID=5519" target="_blank">http://www.israeldefense.co.il/?CategoryID=760&ArticleID=5519</a><br />
<br />
<b>פרצת אבטחה באפליקציית פנגו - (שרותי חניה) מסע ממספר טלפון ללוחית זיהוי</b><br />
<br />
<a href="http://www.mako.co.il/news-money/tech/Article-97c17b6af5da241004.htm">http://www.mako.co.il/news-money/tech/Article-97c17b6af5da241004.htm</a><br />
<br />
<a href="http://popshark11.blogspot.co.il/2013/12/blog-post.html">http://popshark11.blogspot.co.il/2013/12/blog-post.html</a><br />
<br />
<b>פרצת אבטחה בחברת אורנג - From MSISDN user-agent of the phone</b><br />
<br />
<a href="http://popshark11.blogspot.co.il/2014/03/msisdn-to-user-agent-or-how-i-had.html" target="_blank"> http://popshark11.blogspot.co.il/2014/03/msisdn-to-user-agent-or-how-i-had.html</a><br />
<br />
<a href="http://www.haaretz.com/news/1.584241#">http://www.haaretz.com/news/1.584241#</a><br />
<br />
<a href="http://www.haaretz.co.il/captain/gadget/.premium-1.2289303">http://www.haaretz.co.il/captain/gadget/.premium-1.2289303</a><br />
<br />
<b>פרצת אבטחה בחברת אינטרנט רימון </b><br />
<br />
<a href="http://www.haaretz.co.il/captain/net/1.2400447">http://www.haaretz.co.il/captain/net/1.2400447</a><br />
<br />
<b>מאמרים נוספים</b>:<br />
<br />
<br />
GeekTime<br />
<b> פרצה חוקית מאפשרת לגלות ברשת מהי העמדה הפוליטית של הסובבים אתכם</b><br />
<br />
<a href="http://www.newsgeek.co.il/elections-and-the-internet">http://www.newsgeek.co.il/elections-and-the-internet</a> <br />
<br />
Israel Defense Tech<br />
<b>סימון מטרות סלולריות</b><br />
<br />
<a href="http://tech.israeldefense.co.il/?q=node/154">http://tech.israeldefense.co.il/?q=node/154</a><br />
<br />
<h3 style="text-align: right;">
פעילות פרלמנטרית</h3>
הזכות לפרטיות בעידן הטכנולוגי - לציון יום זכויות האדם הבינלאומי<br />
התרעה והמלצות בנושא גניבת זהות טלפונית וזיופי שיחות <br />
<br />
<div class="text_exposed_show">
פרטי הדיון<br />
<a href="http://main.knesset.gov.il/Activity/Committees/Science/Pages/CommitteeAgenda.aspx?tab=3&AgendaDate=10%2F12%2F2013+10%3A00%3A00" rel="nofollow" target="_blank">http://main.knesset.gov.il/Activity/Committees/Science/Pages/CommitteeAgenda.aspx?tab=3&AgendaDate=10%2f12%2f2013+10%3a00%3a00</a><br />
צילום הדיון<br />
<a href="http://main.knesset.gov.il/Activity/committees/Science/Pages/CommitteeTVarchive.aspx?TopicID=4335" rel="nofollow" target="_blank">http://main.knesset.gov.il/Activity/committees/Science/Pages/CommitteeTVarchive.aspx?TopicID=4335</a><br />
פרוטוקול<br />
<a href="http://www.knesset.gov.il/protocols/data/rtf/mada/2013-12-10.rtf" rel="nofollow" target="_blank">http://www.knesset.gov.il/protocols/data/rtf/mada/2013-12-10.rtf</a><br />
<a href="http://fs.knesset.gov.il/19/committees/19_ptv_269043.doc/" rel="nofollow" target="_blank"> </a><a href="https://www.blogger.com/null" rel="nofollow" target="_blank">http://fs.knesset.gov.il</a>\19\committees\19_ptv_269043.doc</div>
<h3 class="r">
<i>ENGLISH ARTICLES</i></h3>
<br />
Hackin9<br />
<br />
Online Banking Security Magazine<br />
<b> Security Bridge in DTMF</b><br />
<br />
<a href="http://hakin9.org/online-banking-security-magazine-12011-2">http://hakin9.org/online-banking-security-magazine-12011-2</a><br />
<br />
Hakin9<br />
<b> The Day When Fingerprints Has Rule Out From Being An Evidence</b><br />
<br />
<a href="http://hakin9.org/hakin9-062012-biometrics">http://hakin9.org/hakin9-062012-biometrics</a><br />
<br />
<br />
Geekcon 2012<br />
<br />
Team project<br />
<b>License Plate Generator</b><br />
<br />
<a href="http://www.geekcon.org/2012/tiki/tiki-index.php?page=Geekapixel">http://www.geekcon.org/2012/tiki/tiki-index.php?page=Geekapixel</a><br />
<a class="wiki external" href="http://lph.intrpx.com/" rel="external nofollow" target="_blank">http://lph.intrpx.com</a><br />
<br />
<b>Walls of fame/awards</b><br />
<br />
<br />
<div style="text-align: right;">
<span style="font-weight: normal;">Security Researcher Acknowledgments for Microsoft Online Services</span></div>
<div style="text-align: right;">
<br /></div>
<a href="http://technet.microsoft.com/en-us/security/cc308575">http://technet.microsoft.com/en-us/security/cc308575</a><br />
<br />
<div class="l-padded-v-5 g-cell g-cell-12-12 g-cell-md-6-12">
<div class="text-heading-epic" style="text-align: right;">
<span style="font-weight: normal;">
Eventbrite Security Wall Of Fame </span></div>
<div class="text-heading-epic" style="text-align: right;">
<br /></div>
</div>
<a href="https://www.eventbrite.com/walloffame">https://www.eventbrite.com/walloffame</a><br />
<br />
<div class="post-title entry-title" itemprop="name" style="text-align: right;">
<span style="font-weight: normal;">Zendesk Contributors and acknowledgement list</span></div>
<br />
<div style="text-align: right;">
<a href="https://www.zendesk.com/company/responsible-disclosure-policy">https://www.zendesk.com/company/responsible-disclosure-policy</a></div>
<br />
<b>Media</b><br />
<br />
<h3 style="text-align: right;">
<b>English</b></h3>
<br />
<a href="http://www.haaretz.com/news/1.584241#">http://www.haaretz.com/news/1.584241#</a><br />
<br />
<br />
<a href="http://www.vosizneias.com/160935/2014/04/07/jerusalem-it-security-expert-finds-loophole-that-allows-scofflaw-haredi-smartphone-users-to-be-detected/">http://www.vosizneias.com/160935/2014/04/07/jerusalem-it-security-expert-finds-loophole-that-allows-scofflaw-haredi-smartphone-users-to-be-detected/</a><br />
<br />
<a href="http://matzav.com/users-of-non-kosher-phones-revealed-through-security-loophole">http://matzav.com/users-of-non-kosher-phones-revealed-through-security-loophole</a><br />
<br />
<a href="http://www.jewishhigh.com/view/129360.html" target="_blank"> http://www.jewishhigh.com/view/129360.html</a><br />
<br />
<a href="http://www.i24news.tv/fr/actu/technologie/140407-waze-propose-de-localiser-les-bains-juifs-rituels">http://www.i24news.tv/fr/actu/technologie/140407-waze-propose-de-localiser-les-bains-juifs-rituels</a><br />
<br />
<b>Hebrew</b><br />
<br />
<a href="http://www.haaretz.co.il/captain/gadget/.premium-1.2289303">http://www.haaretz.co.il/captain/gadget/.premium-1.2289303</a><br />
<br />
<a href="http://www.kikarhashabat.co.il/%D7%90%D7%95%D7%A8%D7%A0%D7%92-%D7%90%D7%A4%D7%A9%D7%A8%D7%94-%D7%9C%D7%92%D7%9C%D7%95%D7%AA-%D7%9E%D7%99-%D7%9E%D7%97%D7%96%D7%99%D7%A7-%D7%90%D7%99%D7%99.html">http://www.kikarhashabat.co.il/%D7%90%D7%95%D7%A8%D7%A0%D7%92-%D7%90%D7%A4%D7%A9%D7%A8%D7%94-%D7%9C%D7%92%D7%9C%D7%95%D7%AA-%D7%9E%D7%99-%D7%9E%D7%97%D7%96%D7%99%D7%A7-%D7%90%D7%99%D7%99.html</a><br />
<br />
<a href="http://www.ch10.co.il/%D7%98%D7%90%D7%A6/%D7%A1%D7%9C%D7%95%D7%9C%D7%90%D7%A8%D7%99/%D7%9B%D7%9A-%D7%99%D7%9B%D7%9C%D7%95-%D7%9C%D7%97%D7%A9%D7%95%D7%A3-%D7%97%D7%A8%D7%93%D7%99%D7%9D-%D7%A9%D7%94%D7%A9%D7%AA%D7%9E%D7%A9%D7%95-%D7%91%D7%9E%D7%9B%D7%A9%D7%99%D7%A8%D7%99%D7%9D-%D7%9C/?ModPagespeed=noscript">http://www.ch10.co.il/%D7%98%D7%90%D7%A6/%D7%A1%D7%9C%D7%95%D7%9C%D7%90%D7%A8%D7%99/%D7%9B%D7%9A-%D7%99%D7%9B%D7%9C%D7%95-%D7%9C%D7%97%D7%A9%D7%95%D7%A3-%D7%97%D7%A8%D7%93%D7%99%D7%9D-%D7%A9%D7%94%D7%A9%D7%AA%D7%9E%D7%A9%D7%95-%D7%91%D7%9E%D7%9B%D7%A9%D7%99%D7%A8%D7%99%D7%9D-%D7%9C/?ModPagespeed=noscript</a><br />
<br />
<a href="about:invalid#zClosurez" target="_blank">http://www.bhol.co.il/Article.aspx?id=66828&cat=34</a><br />
<br /></div>
amitay danhttp://www.blogger.com/profile/05457604763454171189noreply@blogger.comtag:blogger.com,1999:blog-5679769881387382271.post-67352539312634889282016-03-14T02:46:00.002-07:002016-03-15T00:07:47.634-07:00Medical information of a child got exposed by New York Times<div dir="rtl" style="text-align: right;" trbidi="on">
העיתון New York Times, חשף את פרטיו האישיים של ילד שנדבק בווירוס Zika.<br />
<div>
<br /></div>
<div>
הפרטים נחשפו בתמונת MRI של ילד שהעיתון פרסם והפיץ לגופי תקשורת נוספים.</div>
<div>
<br /></div>
<div>
אירוע זה צריך לשמש כתמרור אזהרה, לארגונים וחברות הנלחמים בווירוס.</div>
<div>
<br /></div>
<div>
אם מעניין אותכם לסקר את הנושא, אתם מוזמנים ליצור קשר</div>
<div>
<br /></div>
<div>
עד כה אמצעי תקשורת ישראלי, ובן לאומי אחר סרבו לפרסם את הנושא.</div>
<div>
<br /></div>
<div>
תגובת העיתון הייתה שהאמא של הילד הייתה מודעת לפרסום, מה שמעלה שתי סוגיות נוספות</div>
<div>
<br /></div>
<div>
1.האם האמא ידעה שהפרטים האישיים של הילד נחשפים בצילום, מלבד הראש של הילד</div>
<div>
2.האם ניתן לתבוע את האם על פגיעה בפרטיות הילד שלה</div>
<div>
3.האם העיתון צריך לטשטש פרטים אישיים כאשר הוא מפרסם נתונים רפואיים.</div>
<div>
4.האן יש כאן פגיעה בכללי האתיקה המקצועית<br />
<br /></div>
<div>
חשוב לציין שבארצות הברית, זכויות הילד שונות ממדינות אחרות מבחינה משפטית, ומצד שני האם והילד לא מתגוררים בארה"ב</div>
<div>
<br /></div>
<div>
עד כה העיתון לא פרסם הודעת התנצלות</div>
<div>
<br /></div>
<div>
לדעתי, השאלה כאן הינה יותר אתית מאשר משפטית, וראוי לעורר דיון בנושא</div>
</div>
amitay danhttp://www.blogger.com/profile/05457604763454171189noreply@blogger.comtag:blogger.com,1999:blog-5679769881387382271.post-24147991449808712432016-01-17T15:57:00.003-08:002016-01-17T15:58:35.798-08:00Schooly exposed in Amazon AWS <div dir="rtl" style="text-align: right;" trbidi="on">
<div dir="ltr" style="text-align: left;">
Today, <a href="http://www.haaretz.co.il/news/education/1.2823533" target="_blank">Haaretz</a> newspaper <a href="http://www.haaretz.co.il/news/education/1.2823533" target="_blank">published</a> my study, about <a href="http://www.schooly.co.il/" rel="nofollow" target="_blank">Schooly</a>, a platform, which enable schools to have online system, to support verity of activities related to the schools needs</div>
<div dir="ltr" style="text-align: left;">
<br /></div>
<div dir="ltr" style="text-align: left;">
There was a huge exposure, included very sensitive information of kids</div>
<div dir="ltr" style="text-align: left;">
</div>
<div dir="ltr" style="text-align: left;">
<br /></div>
<div dir="ltr" style="text-align: left;">
It's all started from a research that's me and <a href="http://samuelcardillo.com/" target="_blank">Samuel Crdillo</a> were doing, about Amazon AWS, and later a <a href="https://github.com/samuelcardillo/bucket-hunter" target="_blank">tool</a> has been created which called "Bucket-Hunter"</div>
<div dir="ltr" style="text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh-XgLjQZprBaD3NZZbBJeN6GZcLDUVchV0j4sIFauF7Nvdi8YJqaIcL0TUpKx1n7ht3kC5rW2VrFqtyW96nYOb3FiN-wolGws4Avp6wRBddIZobFPcsLXzeWv5o3C5h8l56YNy88f7Waqz/s1600/10.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="310" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh-XgLjQZprBaD3NZZbBJeN6GZcLDUVchV0j4sIFauF7Nvdi8YJqaIcL0TUpKx1n7ht3kC5rW2VrFqtyW96nYOb3FiN-wolGws4Avp6wRBddIZobFPcsLXzeWv5o3C5h8l56YNy88f7Waqz/s320/10.jpg" width="320" /></a></div>
<div dir="ltr" style="text-align: left;">
<br /></div>
<div dir="ltr" style="text-align: left;">
<br /></div>
<div dir="ltr" style="text-align: left;">
<br /></div>
<div dir="ltr" style="text-align: left;">
<br /></div>
<div dir="ltr" style="text-align: left;">
Before publishing, out work, I was thinking how can I limit the impact on Israeli users</div>
<div dir="ltr" style="text-align: left;">
<br /></div>
<div dir="ltr" style="text-align: left;">
So I went to Google, and made some Google Dorks (strings, which brings you sensitive results).</div>
<div dir="ltr" style="text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEivyBkLqP2UBWAw8SGPvDsXXMNiBNZtPEje_GiWcfYSoBvkaFmWMdpr33pQhuqAUb9wNA5OPL1iY_vTUpaqbRqrM1TOJDxbgiy72ooqGARIhtS_Ybp5ZrqQOlc4wjH3CLX9xTCERivhtqKL/s1600/2+grades.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="248" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEivyBkLqP2UBWAw8SGPvDsXXMNiBNZtPEje_GiWcfYSoBvkaFmWMdpr33pQhuqAUb9wNA5OPL1iY_vTUpaqbRqrM1TOJDxbgiy72ooqGARIhtS_Ybp5ZrqQOlc4wjH3CLX9xTCERivhtqKL/s320/2+grades.jpg" width="320" /></a></div>
<div dir="ltr" style="text-align: left;">
<br /></div>
<div dir="ltr" style="text-align: left;">
As more as I checked, Schooly were the main results, all over Google, this while checking for Hebrew words, like <b>ID + s3.amazonaws.com </b></div>
<div dir="ltr" style="text-align: left;">
<br /></div>
<div dir="ltr" style="text-align: left;">
The problem went far away, since it was not only Google exposure, but the main bucket were open to anyone</div>
<div dir="ltr" style="text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjOjxZc-cO4-W_TfG8Tew2mViYrhPCFB8tOl1SAIfJvRUQkTLrKRfnTeogq9vy2lCY3UecbQYkCBUbi2IDrdFICJVbdCPWXpWN6GIt_xFTMaoq4Ipt5WIS3Hr0CLBNdjsJi6DrtUJSQI-9P/s1600/4+backet.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="180" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjOjxZc-cO4-W_TfG8Tew2mViYrhPCFB8tOl1SAIfJvRUQkTLrKRfnTeogq9vy2lCY3UecbQYkCBUbi2IDrdFICJVbdCPWXpWN6GIt_xFTMaoq4Ipt5WIS3Hr0CLBNdjsJi6DrtUJSQI-9P/s320/4+backet.jpg" width="320" /></a></div>
<br />
<div dir="ltr" style="text-align: left;">
<br /></div>
<br />
<br />
<div dir="ltr" style="text-align: left;">
<br /></div>
<div dir="ltr" style="text-align: left;">
Just before speaking with Schooly, they fixed the ability to see the bucket list. Yet, downloading the files were possible even after few month</div>
<div dir="ltr" style="text-align: left;">
<br /></div>
<div dir="ltr" style="text-align: left;">
In the situation when young kids are being exposed, the government should open protection program.</div>
<div dir="ltr" style="text-align: left;">
<br /></div>
<div dir="ltr" style="text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4E7llg__uZIu4LE38m-uMKlG4k4BO8XZxWvJMr0S8OtnqW8OqKtperFj3ZY5hPw7z6ql-AM5v09-P6jh7tCrLT6MeDDoXNTtrQi5BKLCTH3z6SnOYP2LTB-HKVTISOgUokwNtGwlqP1yI/s1600/1+bogrim+.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="195" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4E7llg__uZIu4LE38m-uMKlG4k4BO8XZxWvJMr0S8OtnqW8OqKtperFj3ZY5hPw7z6ql-AM5v09-P6jh7tCrLT6MeDDoXNTtrQi5BKLCTH3z6SnOYP2LTB-HKVTISOgUokwNtGwlqP1yI/s320/1+bogrim+.jpg" width="320" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhoQymXdj9CGhiSUiwVCcClZ6tO_jZ_KoIfEYnfFNb72Eeg0QmKX2ZFXj-Cx7EVcHLpAGDtGJrJpIufWCG-MGul3VliRJNMM2nipXLkVuGiEscRx9QT5kONGdG96JW19vsqikWISeIYpmOi/s1600/3+school+online+via+google.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="186" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhoQymXdj9CGhiSUiwVCcClZ6tO_jZ_KoIfEYnfFNb72Eeg0QmKX2ZFXj-Cx7EVcHLpAGDtGJrJpIufWCG-MGul3VliRJNMM2nipXLkVuGiEscRx9QT5kONGdG96JW19vsqikWISeIYpmOi/s320/3+school+online+via+google.jpg" width="320" /></a></div>
<div dir="ltr" style="text-align: left;">
<br /></div>
<br />
<br />
<div dir="ltr" style="text-align: left;">
<br /></div>
<div dir="ltr" style="text-align: left;">
The problem were in both side, Schooly as well as the schools who publish sensitive information of kids (six years old is too sensitive) </div>
<div dir="ltr" style="text-align: left;">
<br /></div>
<div dir="ltr" style="text-align: left;">
The files which exposed in the bucket were under schooly care, yet if a school is published something it's different story.</div>
<div dir="ltr" style="text-align: left;">
<br /></div>
<div dir="ltr" style="text-align: left;">
It's time for the ministry of education, to make a change - since this is a big failure of 100,000, kids which have a potential identity and physical reaction to the exposure.</div>
<div dir="ltr" style="text-align: left;">
<br /></div>
<div dir="ltr" style="text-align: left;">
<br /></div>
<br />
<div dir="ltr" style="text-align: left;">
<span class="st"><span dir="ltr"> </span></span></div>
</div>
amitay danhttp://www.blogger.com/profile/05457604763454171189noreply@blogger.comtag:blogger.com,1999:blog-5679769881387382271.post-83675165361268276912015-12-23T19:14:00.001-08:002015-12-23T19:14:08.560-08:00מדינת ישראל נגד ניר עזרא - השלכות פסיקת בית המשפט העליון על פעילות מנועי חיפוש חוקרים ורובוטים אגרסיביים רע"פ 8617/14 רע"פ 8464/14<div dir="rtl" style="text-align: right;" trbidi="on">
<div style="text-align: center;">
רובוט חיפוש עבריין מחשב<br />
מאת אמיתי דן <a href="https://twitter.com/popshark1" target="_blank">popshark1@</a></div>
<br />
<br />
<i><b>כל מידע "הנכנס" למחשב – בין שנוצר על-ידי מחשב אחר ובין שנוצר כתוצאה מפעילות המשתמש במחשב מקים את הדרישה ההתנהגותית בעבירה</b></i><br />
<br />
במהלך יום שלישי האחרון (ג' בטבת התשע"ו (15.12.2015), בית המשפט העליון עסק באופן תקדימי בערעור משפטי בנושא חדירה לחומר מחשב, מטרת מאמר זה הנה להסביר מדוע החברות שמפעילות מנועי חיפוש אוטומטיים וסורקים מסוגים שונים, הופכות עכשיו לעברייניות בכל הקשור לפעילותן בתחומי השיפוט בישראל, בדיוק כמונו חוקרי אבטחת המידע שכעת לא נמהר לדווח על פרצות שמסכנות את האזרחים. <br />
<br />
אין סיבה לרובוט יהיה מותר משהו שלי כחוקר אסור, וזה מה שבית המשפט בעצם קבע בלי לשים לב. הוא גם סייג ואמר על הדרך שלכבות מזגנים ומוצרי חשמל בעלי מחשב, זה בסדר וזוטי דברים ושכח שכאלא יש גם בבתים חכמים, אבל אסור לפרוץ למטוסים. <br />
<br />
<b>סעיף 4 לחוק המחשבים:<br />"החודר שלא כדין לחומר מחשב הנמצא במחשב, דינו – מאסר שלוש שנים; לעניין זה, "חדירה לחומר מחשב" – חדירה באמצעות התקשרות או התחברות עם מחשב, או על ידי הפעלתו, אך למעט חדירה לחומר מחשב שהיא האזנה לפי חוק האזנת סתר, תשל"ט-1979". </b><br />
<br />
<a href="http://elyon1.court.gov.il/files/14/640/084/t14/14084640.t14.htm" target="_blank">פסק הדין</a> מרתק ומחכים, מביא הקשרים מהמשפט העברי (שרון אהרוני-גולדנברג "<a href="http://www.netanya.ac.il/Lecturers/Documents/sharonGold.pdf" target="_blank">האקר כהלכה?</a> <a href="http://law.co.il/media/computer-law/sharon_aharoni_goldenberg_article2.pdf" target="_blank">חדירה למחשב בראי המשפט העברי</a>" מאזני משפט ח' 237 (תשע"ג)) אבל לדעתי טעו שם, בצורה שתפגע בעתיד עולם אבטחת המידע בישראל, בין היתר נפגעים שם מנועי חיפוש.<br />
<br />
מאחר שהנושא כבר סוקר בעיתון <a href="http://www.haaretz.co.il/captain/net/.premium-1.2800252" target="_blank">הארץ</a>, <a href="http://rotter.net/forum/scoops1/273150.shtml" target="_blank">רוטר</a> פורטל <a href="http://law.co.il/news/data-security/2015/12/16/supreme-court-defines-unauthorized-access-to-computer/" target="_blank">Law.co.il</a> ואתר החדשות <a href="http://www.news1.co.il/Archive/001-D-373249-00.html" target="_blank">News1</a>, אני ממליץ להתחיל שם ולחזור לפה אחרי שקראתם את ההתייחסויות עד כה, ובעדיפות לקריאה מקדימה של <a href="http://elyon1.court.gov.il/files/14/640/084/t14/14084640.t14.htm" target="_blank">פסק הדין</a>. <br />
<br />
עיקר הטעות למיטב הבנתי היא, שבית המשפט החליט לפרש את המונח חדירה לחומר מחשב באופן רחב, וללא חובה בעקיפת חסימה בדרך ליעד, ז"א לא משנה איך נכנסת כל עוד אין לך אישור אתה עבריין, גם אם נעזרת במחשב אדם או מכונה. הוא הוסיף ואמר, שאם תהיה עקיפה של מחסום בדרך, העונש יהיה חמור יותר. לכן, נוצר מצב שבו קל מאוד לגלוש למקומות בעייתיים כנגד הוראות פסק הדין.<br />
<br />
<i>י. "אם כן כיצד מפרשים "חדירה" למחשב? <b>ניתן לפרש</b> "חדירה" במובן של <b>השגת שליטה</b>; קרי, כל פעולה של שליטה במחשב והפעלתו מקיימת את מונח החדירה. <b>פרשנות חלופית – "מילולית" – מרחיבה אף יותר. לפי פרשנות זו, כל ממשק בין מחשבים (דוגמת שליחת דוא"ל) מקיים את דרישת החדירה, שכן המחשב השולח מחדיר מידע למחשב המקבל. כאמור, נראה כי דעת הרוב בספרות תומכת בגישה זו."</b><br /><a href="http://elyon1.court.gov.il/files/14/640/084/t14/14084640.t14.htm" target="_blank">(המשנה לנשיאה א. רובינשטיין) </a></i><br />
<br />
<i>טו. "סקרנו את עמדת המלומדים ואת עמדת המשפט המשוה ואף עמדנו בקצרה על יחסו של המשפט העברי לסוגיה; ועתה – <b>להכרעה לענייננו</b>. דומני שיש לקבל את הדעה הרווחת בקרב המלומדים, לפיה <b>יש לפרש את המונח "חדירה" פרשנות מרחיבה</b>. פרשנות נאמנה לתכלית החוק, ובמיוחד במבט צופה פני עתיד, <b>מחייבת הגדרה כללית ל"חדירה</b>", כך <b>שכל מידע "הנכנס" למחשב – בין שנוצר על-ידי מחשב אחר ובין שנוצר כתוצאה מפעילות המשתמש במחשב – מקים את הדרישה ההתנהגותית בעבירה</b>. דומה שהדבר תואם גם את השכל הישר, המבקש לטעמי לצמצם "דרכי מילוט". אם נעניק למונח "חדירה" פרשנות הקשורה לטכנולוגיה ספציפית שהנמצאת היום לנגד עינינו, ניאלץ להשתתף בעל כורחנו במשחק מתמיד של "חתול ועכבר", וכידוע הטכנולוגיה דהאידנא בטבעה מהירה עשרות מונים מן החוק. באשר לפרשנות המונח "שלא כדין" דומה, כי <b>הפרשנות הראויה למונח היא שימוש במחשב בהיעדר הסכמת בעליו. ודוק, עקיפת מכשול טכנולוגי בהחלט עשויה להיות בעלת משמעות לעניין קיומה של הסכמה לשימוש במחשב. </b><br /><a href="http://elyon1.court.gov.il/files/14/640/084/t14/14084640.t14.htm" target="_blank">(המשנה לנשיאה א. רובינשטיין)</a></i><br />
<br />
כמו שאתם רואים, בית המשפט פסק שכל מידע המגיע למחשב כלשהו, בין אם מחשב יצר אותו (כולל תוכנה , א"ד), ובין אם נוצר כתוצאה של המשתמש (ז"א בן אדם , א"ד) יוצר פעולה בלתי חוקית, כל עוד לא הייתה הסכמה של הבעלים. למיטב הבנתי ובעקבות מחקר שמתנהל על ידי בתקופה האחרונה,הפרשנות הנרחבת של בית המשפט העליון,גורמת עכשיו לכך לבעיות שלא נצפו על ידו.<br />
<br />
בית המשפט בפסיקתו, גורם לכך שלא רק חוקרי אבטחה, חוקרים אקדמיים או גולשים, גם מנועי החיפוש שבהם רובינו משתמשים ביום יום נכנסים כרגע תחת החוק, וכל שנותר הוא להוכיח שמנוע חיפוש כלשהו אגר נתונים בתאריך כלשהו באופן שיהווה חדירה ללא הסכמה למערכת כלשהי או למאגר נתונים אחר, וזאת בדרך לתביעה משפטית נגד המפעילה שלו הפועלים בשטח ווירטואלי או פיזי, הכפוף לחוקי מדינת ישראל.<br />
<br />
זה לא משנה יותר אם <a href="https://varvy.com/robottxt.html" target="_blank">הגדרתי</a> לרובוטי החיפוש <a href="http://www.affilorama.com/site-building/robots-txt" target="_blank">מה לעשות</a>, כל עוד לא אישרתי להם להיכנס הם עבריינים עכשיו וזה שהשארתי את המחשב פתוח איננו מתיר להם להיכנס.<br />
<br />
<i>"טו. <b>איני רואה סיבה מדוע יגן החוק על ראובן, שסיסמה נדרשת לשם שימוש במחשבו, אך לא על שמעון אשר לא השכיל להתקין במחשבו הגנה מסוג זה</b>. <b>בית ללא מנעול אינו הפקר – וכך הדין גם במחשב</b>; והדברים נכונים במיוחד נוכח תכלית החוק (ראו פסקה י"א מעלה). <b>מובן כי מקרים שבהם נעשה הדבר באופן תמים ללא כוונה פלילית, כפי שיתכן שיארע בסביבות עבודה, לא ייכללו בגדר האמור</b>, בראש וראשונה כיון שבעל המחשב ש"נחדר" לא יראה זאת כחדירה שלא כדין ולא יתלונן – ונשוב לכך."</i><br />
<br />
ישנם כיום מנועי חיפוש רבים שסורקים את רשת האינטרנט, החל מאתרי אינטרנט ועד לגישה למערכות בקרה רגישות, או למזגנים ביתיים. גם מנועי חיפוש רגילים (<a href="https://www.yahoo.com/" target="_blank">Yahoo</a>,<a href="https://www.bing.com/" target="_blank">Bing</a>,<a href="https://www.google.co.il/" target="_blank">Google</a>,<a href="https://www.yandex.ru/" target="_blank">Yandex</a>) סורקים את הרשת ולא פעם <a href="https://www.exploit-db.com/google-hacking-database/13/" target="_blank">מוצאים</a> מוצרים ואתרים שונים שמחוברים אליה, אשר גישה אליהם הפכה להיות כיום בלתי חוקית מאחר שבעליהם לא אישר גישה אליהם, או שפשוט לא חסם את הבקר לכניסה מבחוץ בעזרת סיסמה.<br />
<br />
במקביל, מפותחים גם מנועי חיפוש אחרים שמיועדים לחיפוש של מוצרים רגישים, כמו משאבות ראוטרים, בקרים תעשייתיים, ממשקי שליטה ובקרה ועוד. הידוע בהם נקרא <a href="https://www.shodan.io/" target="_blank">Shodan</a> אבל יש לו מתחרה סינית בשם <a href="http://zoomeye.org/" target="_blank">ZoomEye</a>. חוקרי אבטחה והאקרים, או גורמים אחרים יכולים בעזרתם של מנועים אלו להתחבר לאותם מכשירים שמופו על ידי המערכת, שאף העתיקה מהם נתונים.<br />
<br />
לאחרונה פרסמתי מאמר <a href="https://www.peerlyst.com/blog-post/426-net-security-icsfind-another-academic-tool-to-hunt-for-ics" target="_blank">שסקר פיתוחים אקדמיים</a>, בעולם מנועי החיפוש. מאמר זה הראה כיצד שתי אוניברסיטאות יצרו בחודשיים האחרונים (University of Michigan and Northeastern University-China) מנועי חיפוש מתחרים, ששניהם מיועדים לאיתור חולשות אבטחה ככה שגם באקדמיה היום ממפים עם מנועי חיפוש מכשירים חשופי רשת, ושואבים מהם מידע מקטלגים ומפרסמים.<br />
<br />
<br />
<div dir="ltr" style="text-align: left;">
<i>"<b>Censys</b> is a search engine that allows computer scientists to <b>ask questions</b> about the <b>devices and networks</b> that compose the Internet. Driven by Internet-wide scanning, Censys lets researchers find specific hosts and create aggregate reports on how <b>devices</b>, <b>websites</b>, and <b>certificates are configured and deployed"</b></i><b><br /></b></div>
<br />
מנוע החיפוש האקדמאי <a href="https://censys.io/" target="_blank">Censys</a>, סורק את רשת האינטרנט, ומאפשר לחוקרים להבין כיצד מכשירים אתרים ותעודות (אבטחה) הוגדרו והותקנו. הבדיקות הללו הינן בדיקות שמתאפשרות עקב סריקה, שכיום מוגדרת כחדירה בלתי חוקית על ידי בית המשפט.<br />
<br />
<br />
<br />
צריך להבין, שהעובדה שתוכנת מחשב היא זו שמבצעת את פעולת החדירה ולא אדם, איננה מסירה אחריות מהשולח (הבעלים שלה).<br />
<br />
בנוסף לאמור, להבנתי הייתה כאן טעות שיפוטית נוספת. בית המשפט העליון הבין שמזגן ממחושב המכובה על ידי מישהו אחר, הינו החריג שבו לא יהיה מקום לדון את הפורץ לדין.<br />
<br />
שימו לב לניגודיות הבאה,סעיף ו בפסק הדין הנו השלב של ההקדמה לפסק הדין ואיננו מחייב אלא מביא את הדעה האישית, אבל בפסיקה בסעיף י”ז - מכשירים חשמליים כמו מזגן המופעלים דרך מחשב זה משהו שאפשר לכבות לפי התקדים החדש, ובעצם לקבל הגנה אם מכבים אותו, והדבר מובא באופן חד משמעי.<br />
<br />
<i>ו. "פיתוחים טכנולוגיים דוגמת <b>מחשוב לביש, מכוניות אוטונומיות וארנקים סלולריים</b> – והברכה השורה בצידם – יתקשו מאוד להשתלב במרקם החיים האנושי <b>כל עוד השימוש בהם אינו זוכה להגנה משפטית</b> כדבעי ואין צורך להכביר מלים; לשון אחר, <b>לפני שהמכונית האוטונומית תעלה על הכביש, יהיה עלינו לאסדר בצורה טובה יותר את הטיפול בפצחנים המסוגלים להשתלט עליה בלחיצת כפתור, במישור הטכנולוגי וגם במישור המשפטי. הוא הדין לארנק הנייד, והדמיון עשוי להפליג, אך ככל שיפליג – לא יפליג דיו</b>."</i><br />
<i> </i><br />
<br />
<i>יז. <b>בתרחיש השביעי אדם מכבה מכשיר חשמלי המופעל באמצעות מחשב – דוגמת מזגן – ללא רשות.. דבר זה גורם לכך שבתים חכמים רבים המכילים מכשירים חכמים לא יזכו להגנת החוק כנגד האקרים, או מכונות, וזאת בניגוד לחדירה למנוע של מחשב או מכונית אוטונומית.” “ברי, כי אדם המכבה מזגן ללא קבלת רשות, או צעיר ה"מסתנן" לפורום אינטרנטי סגור כעניין היתולי לא יקימו את יסודות העבירה; אך לא כן אדם המשבית את מערכת מיזוג האויר במטוס, או אדם ה"מסתנן" להתכתבויות פנימיות של בכירי משרד הביטחון. אומר שוב, מקרים מסוג זה מחייבים שימוש בשכל ישר</b> תוך תשומת לב לתכלית החוק ולהיגיון שבבסיסו.)</i><br />
<br />
יש הרבה חכמה בכך שרגולוציה פרואקטיבית, יכולה להביא להגנה טובה על מערכות. אבל האבסרוד כאן עצום. בית המשפט לא מבין שחברות שמפקירות ביודעין או במחדל את המשתמשים, כולל חברות המפתחות רכבים אוטנומיים כדבריו, מאכסנות מאגרים רגישים בטחונית לא יוכלו עכשיו לקבל התרעות מקדימות אותן התרעות שבגוף בריא מאפשרות לגוף להבריא את עצמו.<br />
<br />
האנליסטית קרן אלעזרי חוקרת רבות את הנושא של ההשלכות החיוביות של ההאקרים על מערכת האינטרנט, והרצאתה <a href="https://www.ted.com/talks/keren_elazari_hackers_the_internet_s_immune_system" target="_blank">Hackers: the Internet's immune system</a> היא בדיוק מה שהיה חסר כאן לבית המשפט, כדי להבין את חומרת המצב שאליו הוא מכניס את מה שמחובר לאינטרנט בישראל.<br />
<br />
אנחנו לא נתריע, והשערים ישארו פרוצים, כולל <a href="http://www.haaretz.co.il/captain/net/1.2193204" target="_blank">שערי הכניסה לקיבוץ שלכם, או היישוב שבו אתם גרים</a>, אגב הם עדיין פרוצים ברובם, כי <b>לא הקשיבו</b> לאותן התרעות שבית המשפט מנסה לחסום, ולא לקחו אחריות על המצב, שנוצר בכלל משיטה פשוטה ויעילה שאיפשרה לפתוח מכשירים על בסיס שיחה מזוהה, משהו שכשל והתפוגג.<i> </i><br />
<br />
אישית, יצא לי להתריע בין היתר על פרצה שגרמה <a href="http://popshark11.blogspot.co.il/2014/03/msisdn-to-user-agent-or-how-i-had.html" target="_blank">לאלפי מכוניות</a> במדינת ישראל, המחוברות לרשת האינטרנט, להיחשף החוצה. פסק דין כמו זה יגרום לי לחשוב יותר מפעמיים האם לדווח בכלל, ואני בטוח שכמוני גם רבים אחרים שבאופן קבוע מתריעים על פרצות אבטחה של אתרים שמסכנים משתמשי רשת, או בעלי תשתיות קריטיות.<br />
<br />
לדעתי בית המשפט פתח תיבת פנדורה, שתגרום לפחות אבטחה. ולמנועי חיפוש רובוטיים שמאפשרים ביקורת ובדיקה להיות בלתי חוקיים, כולל Google להיות בעתיד הלא רחוק מוגבלים חוקית, ואף נקנסים על הפרת פרטיות מעצם תפקודם בסריקת הרשת, למטרות אבטחה ואיתור מכשירים רגישים חשופי רשת, או סריקה שוטפת המביאה גם מכשירים רגישים. <br />
<br />
<br />
במחקר האחרון שבו אני עוסק בימים אלו, אני מוכיח כיצד רובוטים ומנועי חיפוש פולשים דיגיטלית לבתים חכמים, שומרים את פרטי הגישה ומאפשרים לצפות במה שהתרחש בבית גם בדיעבד. אני יכול להבין למה הפסיקה גם גאונית, למה היא הלכה שנים קדימה, אבל איך שאני לא מנתח את המצב מנועי החיפוש שאתם משתמשים בהם, ובכלל פעולות רובוטיות אינן חוקיות יותר לפחות עד להודעה חדשה.<br />
<br />
אם אתם רוצים להנות קצת, ולקבל רקע נוסף אני ממליץ לצפות בסרט הבא, העוסק ברובוט פושע<br />
<br />
<div dir="ltr" style="text-align: left;">
<a href="http://www.imdb.com/title/tt1990314/" target="_blank">Robot & Frank (2012)</a></div>
<br />
<br />
<br />
מיפוי רובוטי של דפים:<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjW-3MIXLBN66oSmQTxrh7_couWO5BS25VKIs0xsezi8aDCaQZoKg19ajMsfYXA9nsduY3Mdz9-MCwiEzO6TraeMfY5-l3kDmVcP59HaHwIxmiHdc4U8d59q43Dt9i-9G6HyypoBZDaBczM/s1600/google+bot+proof1.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="166" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjW-3MIXLBN66oSmQTxrh7_couWO5BS25VKIs0xsezi8aDCaQZoKg19ajMsfYXA9nsduY3Mdz9-MCwiEzO6TraeMfY5-l3kDmVcP59HaHwIxmiHdc4U8d59q43Dt9i-9G6HyypoBZDaBczM/s320/google+bot+proof1.jpg" width="320" /></a></div>
<span id="goog_934016072"></span><span id="goog_934016073"></span><br />
<br />
<br />
<br />
<br />
<br />
אמיתי דן הנו <a href="http://www.amitaydan.com/" target="_blank">חוקר אבטחת מידע</a>, הנוהג להתריע על פרצות אבטחה. בעברו פעל בין היתר במסגרת מחקר רב קבוצתי באוניברסיטת תל אביב, בנושא <a href="http://most.gov.il/Molmop/Reports/Documents/%D7%9E%D7%99%D7%A4%D7%95%D7%99%20%D7%AA%D7%A9%D7%AA%D7%99%D7%95%D7%AA%20%D7%95%D7%94%D7%AA%D7%A7%D7%A0%D7%99%D7%9D%20%D7%94%D7%9E%D7%95%D7%A4%D7%A2%D7%9C%D7%99%D7%9D%20%D7%9E%D7%A8%D7%97%D7%95%D7%A7%20%D7%91%D7%98%D7%9B%D7%A0%D7%95%D7%9C%D7%95%D7%92%D7%99%D7%95%D7%AA%20%D7%90%D7%9C%D7%97%D7%95%D7%98%D7%99%D7%95%D7%AA.pdf" target="_blank">פרצות אבטחה בתשתיות קריטיות</a> מחקר זה הוזמן על ידי משרד המדע. <br />
<br /></div>
amitay danhttp://www.blogger.com/profile/05457604763454171189noreply@blogger.comtag:blogger.com,1999:blog-5679769881387382271.post-26936737840279495122015-12-12T21:57:00.001-08:002015-12-13T02:25:42.736-08:00426 Net-Security / ICSfind Another academic tool aim to hunt for ICS&SCADA<div dir="rtl" style="text-align: right;" trbidi="on">
<style type="text/css">p { margin-bottom: 0.25cm; line-height: 120%; text-align: right; }a:link { }</style>
<br />
<div dir="ltr" style="text-align: left;">
<span style="font-family: "liberation" serif , serif;"><span lang="en-US">ICS<span style="font-family: "liberation" serif , serif;">find (</span> <a href="http://icsfind.com/" target="_blank">http://icsfind.com/</a> ) Is A new
search engine, which aim to detect exposed ICS (Industrial
control system) arrived to the playground, but now it's coming from the academic world China.</span></span></div>
<div dir="ltr" style="text-align: left;">
<span style="font-family: "liberation" serif , serif;"><span lang="en-US">Since
2009, we had Shodan (created by <a href="https://twitter.com/achillean" target="_blank">JohnMatherly</a>) as an ultimate tool to find critical infrastructure.</span></span></div>
<div dir="ltr" style="text-align: left;">
<span style="font-family: "liberation" serif , serif;"><span lang="en-US">This
October a new competitor Launched his activity in the west, <a href="https://censys.io/" target="_blank">Censys</a>.
Straight from the academic world (University of Michigan
and University of Illinois - Urbana Champaign) lead
by <a href="http://www.technologyreview.com/lists/innovators-under-35/2015/visionary/zakir-durumeric/" target="0">ZakirDurumeric</a> and based on <a href="https://zmap.io/" target="_blank">ZMap</a>.
And now many people are seeing it as the alternative for commercial
search engine <a href="https://www.shodan.io/" target="_blank">Shodan</a>,
Not anymore a new player arrived, and was there silently since
this October. </span></span>
</div>
<div dir="ltr" style="text-align: left;">
<span style="font-family: "liberation" serif , serif;"><span lang="en-US">Yesterday
I've found new tool Created in <a href="https://www.peerlyst.com/english.neu.edu.cn" target="_blank">NortheasternUniversity-China</a>, By Professor Yu Yau and his students. The tool
called <a href="http://icsfind.com/#" target="_blank">426Net-Security or ICSfind.</a> </span></span></div>
<div dir="ltr" style="text-align: left;">
<span style="font-family: "liberation" serif , serif;"><span lang="en-US">This
dedicated for ICS/SCADA, I really liked the UI and the simplicity.
It's not a perfect tool but I think this is just the beginning. By
the way here is no needs for registration, or limitation of uses. </span></span>
</div>
<div dir="ltr" style="text-align: left;">
<span style="font-family: "liberation" serif , serif;"><span lang="en-US">I'm
still checking it, and I would like to hear more opinion about it.
The tool has only <span style="font-family: "liberation" serif , serif;"><span style="font-family: "liberation" serif , serif;">C</span>hinese</span> interface but it's really easy to use.</span></span></div>
<div dir="ltr" style="text-align: left;">
<span style="font-family: "liberation" serif , serif;"><span lang="en-US">in
my opinion having two new tools in one month, it's the best gift
to get for the new year. </span></span></div>
<div dir="ltr" style="text-align: left;">
<span style="font-family: "liberation" serif , serif;"><span lang="en-US">About
the change in the academic world, after years of being far away
from the field and having academic paper which don't give direct
help, or blocked from the public with payment system, or just great
tools which never been out of the academic world - those changes
makes me really happy.</span></span></div>
<div dir="ltr" style="line-height: 100%; margin-bottom: 0cm; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgclPLqD07Bl7NPsAZ9ce9iWGMik9yXWRhALjpNgE5lYZOICSb7zbUSLVhMJRzPB5WL2BYwkbS0sQFZXYu53hdQxo-QYXrmzVGjCOFU8JkGTLjUN6RKK7lrbfDZHH8dqEERrnqVwQl9bWaA/s1600/1.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="165" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgclPLqD07Bl7NPsAZ9ce9iWGMik9yXWRhALjpNgE5lYZOICSb7zbUSLVhMJRzPB5WL2BYwkbS0sQFZXYu53hdQxo-QYXrmzVGjCOFU8JkGTLjUN6RKK7lrbfDZHH8dqEERrnqVwQl9bWaA/s320/1.jpg" width="320" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj80BZwHNh3l7ltx0wX848_EMIOlltB5CLbLoga1rfXFORemM25pDs0pSjdDsyinld6lQfMzpPxxq7vWb2uOWPsKes1TMiqd8jbHRz0RURrSaJ8hK3WiRlM-AQ0zu2W7Ik7hvRobJOvF4e2/s1600/2.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="165" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj80BZwHNh3l7ltx0wX848_EMIOlltB5CLbLoga1rfXFORemM25pDs0pSjdDsyinld6lQfMzpPxxq7vWb2uOWPsKes1TMiqd8jbHRz0RURrSaJ8hK3WiRlM-AQ0zu2W7Ik7hvRobJOvF4e2/s320/2.jpg" width="320" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhgpvDiNVNWLmV7S4pzMSaAWAlk5V7EqI1EPNrj89LaNpmm-PmxvA2nUW-PTJXfvJK0UETCswZtXNtk_Uqi4jBcb-qoTRYFVjDA6-hPp8Hd58EA6seM2cQsmoYjG1eJ7uKHah2T-R_Ez_CT/s1600/3.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="166" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhgpvDiNVNWLmV7S4pzMSaAWAlk5V7EqI1EPNrj89LaNpmm-PmxvA2nUW-PTJXfvJK0UETCswZtXNtk_Uqi4jBcb-qoTRYFVjDA6-hPp8Hd58EA6seM2cQsmoYjG1eJ7uKHah2T-R_Ez_CT/s320/3.jpg" width="320" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39iUeNW9WDXr11Yzlokxv6Qnkt2ilC21kxDqIzalEctUVBYtqwE1M8Efw53QE8jQGfXiJoH8a_vViBRcI1JOKnhibsoN54oB0_O8dXpEFAupyK2PIGr3KZQb_G1yM_L07hHKDvCJwM0KM/s1600/4.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="166" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi39iUeNW9WDXr11Yzlokxv6Qnkt2ilC21kxDqIzalEctUVBYtqwE1M8Efw53QE8jQGfXiJoH8a_vViBRcI1JOKnhibsoN54oB0_O8dXpEFAupyK2PIGr3KZQb_G1yM_L07hHKDvCJwM0KM/s320/4.jpg" width="320" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj_uxoGtMRmxpJqJEoV4OxpF6EKgWV3dmXHqSQ9ZJxOUSN18fjjXzB-qFyuK-uzv9ncnpq9Jn5x_MFqqNs5I4qsasMJvKMwb9tUJJ3rkw2-xzv5MZKPbfAbmoXIQSAJQtqOflqgyNBnZyq_/s1600/5.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="166" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj_uxoGtMRmxpJqJEoV4OxpF6EKgWV3dmXHqSQ9ZJxOUSN18fjjXzB-qFyuK-uzv9ncnpq9Jn5x_MFqqNs5I4qsasMJvKMwb9tUJJ3rkw2-xzv5MZKPbfAbmoXIQSAJQtqOflqgyNBnZyq_/s320/5.jpg" width="320" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgwQ4Y7jxy8jR0e_EYpn0FLUMHWTmy71GwhvWFlpUqAS4y_ZfSoHOyQq0jGPgSVA00WpnhdcaNbAJQNsOCdWcNzTQTGxSaaJM4aKuiRyQdLiEGw7CFP8F6mj_irbaiSilx7-Z8T3pSq73BY/s1600/8.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="164" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgwQ4Y7jxy8jR0e_EYpn0FLUMHWTmy71GwhvWFlpUqAS4y_ZfSoHOyQq0jGPgSVA00WpnhdcaNbAJQNsOCdWcNzTQTGxSaaJM4aKuiRyQdLiEGw7CFP8F6mj_irbaiSilx7-Z8T3pSq73BY/s320/8.jpg" width="320" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhjkPQt3SCjZ3bTX-kyJIRjgP14iJI_mZvRwxOh4N3doH6qnZFN_R1Q-vfHpHvqJPuVGBclTbh3qI2qEW55YNnAQEThyGzXQXfA21cbl9FTkrN_Vf96IhS8y6-EAS01qqvqdS3uIo-lJxoY/s1600/9.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="165" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhjkPQt3SCjZ3bTX-kyJIRjgP14iJI_mZvRwxOh4N3doH6qnZFN_R1Q-vfHpHvqJPuVGBclTbh3qI2qEW55YNnAQEThyGzXQXfA21cbl9FTkrN_Vf96IhS8y6-EAS01qqvqdS3uIo-lJxoY/s320/9.jpg" width="320" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg_yCRdfCRZqjrCPdwJBADDSYBQ7D__OvpyLZSIaDHplxc7qAZvoLX4XfO5JJ6Jpf4EQdgR54DCGe05IciIx6XJFycxQyrL7dr2WkLHEcdfJWjDH2qPcTHMMo-f-gOfQ5r_8jJj8mPaRs8Z/s1600/10.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="165" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg_yCRdfCRZqjrCPdwJBADDSYBQ7D__OvpyLZSIaDHplxc7qAZvoLX4XfO5JJ6Jpf4EQdgR54DCGe05IciIx6XJFycxQyrL7dr2WkLHEcdfJWjDH2qPcTHMMo-f-gOfQ5r_8jJj8mPaRs8Z/s320/10.jpg" width="320" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEifbxK5gEzSDm7UWkCwqe4p-2Jll2_VpqfVSJ0JHEmks3MCCYOzlLD6dRdxW3fY3D4h3mQIcT7iRoFup1aHPjsmk_rRNYLe0pD74jpT0i1nFdA2wqjQQiL-ISeVW9XSWW4zHsax8jfVuBMh/s1600/11.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="176" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEifbxK5gEzSDm7UWkCwqe4p-2Jll2_VpqfVSJ0JHEmks3MCCYOzlLD6dRdxW3fY3D4h3mQIcT7iRoFup1aHPjsmk_rRNYLe0pD74jpT0i1nFdA2wqjQQiL-ISeVW9XSWW4zHsax8jfVuBMh/s320/11.jpg" width="320" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjnBDokHhjaK0rOVabqDeakdWFhG09L3GHU0028qlC_xKWcRgLRAbBUT99IN2kB6OtW4YYgZaHK4XyAL_B17zG7SzXqmU6Z9fKuZnkPNu8g6wzaG4OgLDV37YW4zRV-ILSP_ikSDRn9JwiQ/s1600/12.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="175" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjnBDokHhjaK0rOVabqDeakdWFhG09L3GHU0028qlC_xKWcRgLRAbBUT99IN2kB6OtW4YYgZaHK4XyAL_B17zG7SzXqmU6Z9fKuZnkPNu8g6wzaG4OgLDV37YW4zRV-ILSP_ikSDRn9JwiQ/s320/12.jpg" width="320" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiB8CmT9C3X0jo7S7v1HoYQFSSkVt0sHTxYzVNYXowKi7pSIn-PeXcANiCJHH1j_CSmsHL8QfGjSxgzhG5fp4Qs-PASfybvkIPU9v61vaps53e5IXp-tuX9epZH0cb4SeC3eJv78qxKB52U/s1600/13.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="174" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiB8CmT9C3X0jo7S7v1HoYQFSSkVt0sHTxYzVNYXowKi7pSIn-PeXcANiCJHH1j_CSmsHL8QfGjSxgzhG5fp4Qs-PASfybvkIPU9v61vaps53e5IXp-tuX9epZH0cb4SeC3eJv78qxKB52U/s320/13.jpg" width="320" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiIIgzUdyRfiYIWwYSPfjOYFdoDXdz16dRUr-BBhecbdAwFaK7yHIafoyrOs9r0y1JpkJ5vL0EMoN0-Otm1YPI9yTLzEiWZo_cs1nfajE0al9Uj84WDMhYCCAyIUD1W9p3sx4smDMkzVDbI/s1600/14.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="174" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiIIgzUdyRfiYIWwYSPfjOYFdoDXdz16dRUr-BBhecbdAwFaK7yHIafoyrOs9r0y1JpkJ5vL0EMoN0-Otm1YPI9yTLzEiWZo_cs1nfajE0al9Uj84WDMhYCCAyIUD1W9p3sx4smDMkzVDbI/s320/14.jpg" width="320" /></a></div>
<div dir="ltr" style="line-height: 100%; margin-bottom: 0cm; text-align: left;">
<br /></div>
</div>
amitay danhttp://www.blogger.com/profile/05457604763454171189noreply@blogger.comtag:blogger.com,1999:blog-5679769881387382271.post-17758552226233134562015-08-08T18:25:00.002-07:002015-08-08T18:25:49.103-07:00Anonymous India hacked BSNL - 30 milion people in risk. <div dir="rtl" style="text-align: right;" trbidi="on">
לפני כחודש חברת התקשורת ההודית BSNL נפרצה,החברה הינה חברה ממשלתית.<br />הידיעה הזו לא מוכרת מספיק למרות החשיבות שלה,ונראה שרק 296 אנשים צפו בלינק לחומר החלקי שהודלף (מאז ה05.07.2015).<br /><br />לפי התיאור של התוקפים, מדובר על לפחות 30 מיליון לקוחות,כולל פרטי תשלום ופרטים רבים אחרים.<br /><br />מבחינת רקע,בהודו כל פרצת אבטחה קטנה משתקפת במליוני יוזרים,והחברות והאתרים הממשלתיים מאובטחים באופן גרוע - יחסית לשוק הפרטי ובכלל.<br />
<br />
<br />
בדומה לאולטימטום האחרון שנעשה מול מפעילי הבגידות "<span class="st"><a href="http://www.geektime.co.il/ashley-madison-users-info-hacked/" rel="nofollow" target="_blank">אשלי מדיסון</a>" גם כאן יש הצגת תנאים על ידי הפורצים, אך במקרה זה מדובר בסחיטה של מדינה על ידי האקרים,שככל הנראה גם מגיעים ממנה.</span><br />
<span class="st"> </span><br />אלו הדרישות שלהם:<br />
<br />
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhQoR9IGNzkxUnFJoWoE0NWWAQ2aoWReW4uxXWCsmv5QJCX5qg4amqiWtYp5Zc5dAk8C_g5n-pEVV1v4D6IzBb0qo530ZofoIQit0CTYEtumZjPK7O5RNTcog93HIuAXZugIfxLwdHsLiJp/s1600/1.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="162" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhQoR9IGNzkxUnFJoWoE0NWWAQ2aoWReW4uxXWCsmv5QJCX5qg4amqiWtYp5Zc5dAk8C_g5n-pEVV1v4D6IzBb0qo530ZofoIQit0CTYEtumZjPK7O5RNTcog93HIuAXZugIfxLwdHsLiJp/s320/1.jpg" width="320" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjZDG7CRrPd1Cb0zTqKsII5wToOazLhSwyB6o7NZ3CG_Lx2Nza8sMVBe-alb0zhHL13JjlJEtr94UaJfxzUtMRxLjUmUfEl6flWKDwhrMLVWmkEbJQb73FFsdqd1bnHM4NMI3xgr7IZaVs0/s1600/3.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="163" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjZDG7CRrPd1Cb0zTqKsII5wToOazLhSwyB6o7NZ3CG_Lx2Nza8sMVBe-alb0zhHL13JjlJEtr94UaJfxzUtMRxLjUmUfEl6flWKDwhrMLVWmkEbJQb73FFsdqd1bnHM4NMI3xgr7IZaVs0/s320/3.jpg" width="320" /></a></div>
<br />Message to Government of India:<br /><br />1) Demand government to take action against RS Prasad for openly challenging privacy of the citizens of India.<br /><br />2) Demand government to take action against TRAI for their stupidity of releasing million Email IDs, helping spammers & violating your very own IT laws.<br /><br />3) Demand government to take action against Reliance sending unencrypted data to China via their Jio Chat app.<br /><br />4) Demand government (RS Prasad) to stop moving towards a licensing regime. We are watching your every move on net neutrality.<br /><br />5) Demand government to shut down all surveillance projects like CMS & RS Prasad’s interception of phone calls before it is too late. Also release all details in public of whose phone calls have been tapped & are under surveillance.<br /><br />7) Demand government to take action against NIC for trying to change history. Wikipedia is not your medium to promote lies & propagandas.<br /><br />The group has also asked the Minister for Communications and Information Technology, Ravi Shankar Prasad, “to stop moving towards a licensing regime”.<br /><br />מומלץ לעקוב כאן:<br />
<br />
<div class="permalink-header">
<div class="follow-bar">
<div class="user-actions btn-group not-following " data-name="AnonOpsIndia" data-protected="false" data-screen-name="opindia_revenge" data-user-id="576386939">
</div>
</div>
</div>
<div class="follow-bar">
<div class="user-actions btn-group not-following " data-name="AnonOpsIndia" data-protected="false" data-screen-name="opindia_revenge" data-user-id="576386939">
</div>
</div>
<span class="fullname js-action-profile-name show-popup-with-id">AnonOpsIndia</span><br /><span class="fullname js-action-profile-name show-popup-with-id"></span><a href="http://anonopsindia.tumblr.com/" rel="nofollow" target="_blank">http://anonopsindia.tumblr.com</a><br /><a href="http://ianarchism.quora.com/" rel="nofollow" target="_blank"> http://ianarchism.quora.com</a><br />
<a href="https://twitter.com/opindia_revenge/status/617728473273094144?lang=en" rel="nofollow" target="_blank">https://twitter.com/opindia_revenge/status/617728473273094144?lang=en</a><br />מקורות:<br /><br />dump<br /><br />
<a href="http://pastebin.com/G8MCynGJ" rel="nofollow" target="_blank">http://pastebin.com/G8MCynGJ</a><br />
<br />
<br />
<br />
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgpHu0bvrC8EpV_8pZ0rVUR-j-1OPTyMi636qYsJ6MXeHHkXBefWpWYU2NUDlAHl1fKj3XcsL7vNL_P3Eip396sUZ2QEQkN-wTu-630YgTYSPaHOzaFqwMQqr9EOfnNLsFzKdYUPFTDCSA2/s1600/2.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="173" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgpHu0bvrC8EpV_8pZ0rVUR-j-1OPTyMi636qYsJ6MXeHHkXBefWpWYU2NUDlAHl1fKj3XcsL7vNL_P3Eip396sUZ2QEQkN-wTu-630YgTYSPaHOzaFqwMQqr9EOfnNLsFzKdYUPFTDCSA2/s320/2.jpg" width="320" /></a></div>
<br />מדיה<br /><a href="http://www.techworm.net/2015/07/anonymous-india-hack-bsnl-website-claim-to-have-access-to-30-million-records.html" rel="nofollow" target="_blank">http://www.techworm.net/2015/07/anonymous-india-hack-bsnl-website-claim-to-have-access-to-30-million-records.html</a><br /><br /><a href="http://www.demanjo.com/news/technology/2391045/hacktivist-group-anonopsindia-hacks-bsnl-website--days-after-hacking-nation-s-pan-database.html" rel="nofollow" target="_blank">http://www.demanjo.com/news/technology/2391045/hacktivist-group-anonopsindia-hacks-bsnl-website--days-after-hacking-nation-s-pan-database.html</a><br /><br />עמוד שנפרץ<br /><a href="http://webcache.googleusercontent.com/search?q=cache:BVKBjnCOyeIJ:tj.bsnl.co.in/tjeditions/OCT13/anonops.html+&cd=1&hl=en&ct=clnk" rel="nofollow" target="_blank">http://webcache.googleusercontent.com/search?q=cache:BVKBjnCOyeIJ:tj.bsnl.co.in/tjeditions/OCT13/anonops.html+&cd=1&hl=en&ct=clnk</a><br /><br />רשתות חברתיות<br /><a href="https://twitter.com/TrooperTroller/status/617746630004092928" rel="nofollow" target="_blank">https://twitter.com/TrooperTroller/status/617746630004092928</a><br /><br /><a href="https://twitter.com/techworm_in/status/617377743534080000" rel="nofollow" target="_blank">https://twitter.com/techworm_in/status/617377743534080000</a><br /><br /></div>
amitay danhttp://www.blogger.com/profile/05457604763454171189noreply@blogger.comtag:blogger.com,1999:blog-5679769881387382271.post-90438198503757350192015-04-11T11:58:00.001-07:002015-04-11T12:07:25.380-07:00Channel two in morning show - spoof caller ID and SCADA<div dir="rtl" style="text-align: right;" trbidi="on">
<div dir="ltr" style="text-align: left;">
Last week I have been in morning show, were I have spoke about hacking, preventing security problem and more.</div>
<div dir="ltr" style="text-align: left;">
<br /></div>
<div dir="ltr" style="text-align: left;">
The idea was to make people understand hacking.<br />
<br />
The ministry of science technology and space in Israel asked me to do it,due to the coming publishing of white paper by the research group which I'm part of, in Tel Aviv University.<br />
<br />
The paper will be shown in the website of <a href="http://most.gov.il/English/Pages/default.aspx" rel="nofollow" target="_blank">The ministry of science technology and space.</a><br />
<br /></div>
<div dir="ltr" style="text-align: left;">
<br /></div>
<div dir="ltr" style="text-align: left;">
Enjoy! </div>
<div dir="ltr" style="text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<iframe allowfullscreen="" class="YOUTUBE-iframe-video" data-thumbnail-src="https://i.ytimg.com/vi/L3GJwanEPd0/0.jpg" frameborder="0" height="266" src="http://www.youtube.com/embed/L3GJwanEPd0?feature=player_embedded" width="320"></iframe></div>
<div dir="ltr" style="text-align: left;">
</div>
</div>
amitay danhttp://www.blogger.com/profile/05457604763454171189noreply@blogger.comtag:blogger.com,1999:blog-5679769881387382271.post-28087136071003828962015-04-03T10:54:00.001-07:002015-04-03T10:54:16.120-07:00חג החירות של הדומיינים או חג החירות של התוקפים - חשש לחטיפת דומיינים בישראל<div dir="rtl" style="text-align: right;" trbidi="on">
<div style="text-align: right;">
חשש לחטיפת דומיינים:<br /><br />לאחרונה יש מהלך של איגוד האינטרנט הישראלי שבו מעדכנים כתובות דומיינים.<br />לפי סקירה של הארכיטקטורה של הממשק,נראה שניתן להגיש בקשות שעלולות להביא להשתלטות על דומיינים ולשנות כתובת DNS.<br /><br />משם זה תלוי בתוקף<br /><br />מתקפות בסיסיות לדוגמא:<br /><b><br /></b></div>
<ul style="text-align: right;">
<li><span style="color: orange;">מחיקה ואו-DNS תביא למתקפת DOS כי לא תהיה גישה לאתרים</span></li>
<li><span style="color: orange;"> חטיפת דומיין תיתן אפשרות לבקשת כופר על הדומיין</span></li>
<li><span style="color: orange;">השתלטות על DNS ודומיין ביחד, נותנים לבצע פישינג על אתרים</span></li>
</ul>
<div style="text-align: right;">
<br />על הרקע למהלך ניתן לקרוא <a href="http://hwzone.co.il/%D7%97%D7%92-%D7%94%D7%97%D7%99%D7%A8%D7%95%D7%AA-%D7%9E%D7%92%D7%99%D7%A2-%D7%92%D7%9D-%D7%9C%D7%93%D7%95%D7%9E%D7%99%D7%99%D7%A0%D7%99%D7%9D-%D7%91%D7%A1%D7%99%D7%95%D7%9E%D7%AA-il/" rel="nofollow" target="_blank">כאן</a></div>
<br />
איגוד האינטרנט לא ענה לפניה שנעשתה ב 31.03, בנוגע לצורת ההגנה על התהליך של הסדרת הדומיינים.<br />
<br />
בפניה עקיפה שנעשתה, נאמר בתגובה שהם מודעים היטב לנושא אבטחת המידע ולוקחים את הנושא במלוא הרצינות.<br />
<br />
ברור לי שיש כאן גם דברים חיוביים, אבל השיטה מזמינה מתקפות.<br />
יש שאלות נוספות שנציף בהמשך<br />
<br />
רקע נוסף:<br />
<br />
אתר המערכת<br />
<br /><a href="http://www.1999.co.il/" rel="nofollow" target="_blank">http://www.1999.co.il</a><br />
<br />
<br />
<br />
<br />
<br />
<br />
תקנון<br />
<br /><a href="http://www.1999.co.il/LMC_infopage.pdf" rel="nofollow" target="_blank">http://www.1999.co.il/LMC_infopage.pdf</a><br />
<br />
<br />
<br />מערכת לתביעת בעלות על דומיינים<br />
<br /><a href="http://www.isoc.org.il/domain_heb/registration_direct.html" rel="nofollow" target="_blank">http://www.isoc.org.il/domain_heb/registration_direct.html</a><br /> <br />
<a href="https://register.isoc.org.il/register/modify" rel="nofollow" target="_blank">https://register.isoc.org.il/register/modify</a><br />
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiUQeo7jMFDPCGl3O2z64LojgLxd4N1vRiwKm2tZonkHZsiClAEQPcSkbhXfKeXh4lXHGOwexwFb7Zn2L5a8NhBfDL9FXUVuF6tAtSFvgm7wU3BR6KHY-GKpTDzxHaReV5mgKyE8gwfsmGM/s1600/ltmcogo2.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiUQeo7jMFDPCGl3O2z64LojgLxd4N1vRiwKm2tZonkHZsiClAEQPcSkbhXfKeXh4lXHGOwexwFb7Zn2L5a8NhBfDL9FXUVuF6tAtSFvgm7wU3BR6KHY-GKpTDzxHaReV5mgKyE8gwfsmGM/s1600/ltmcogo2.jpg" height="278" width="320" /></a></div>
<br />
<br />
<br /></div>
amitay danhttp://www.blogger.com/profile/05457604763454171189noreply@blogger.com