Wednesday, January 7, 2009

No Tech Hacking or Shadow Factory

No Tech Hacking: A Guide to Social Engineering, Dumpster Diving, and Shoulder Surfing

Author: Johnny Long

As the cliché reminds us, information is power. In this age of computer systems and technology, an increasing majority of the world's information is stored electronically. It makes sense then that as an industry we rely on high-tech electronic protection systems to guard that information. As a professional hacker, I get paid to uncover weaknesses in those systems and exploit them. Whether breaking into buildings or slipping past industrial-grade firewalls, my goal has always been the same: extract the informational secrets using any means necessary. After hundreds of jobs, I discovered the secret to bypassing every conceivable high-tech security system. This book reveals those secrets, and as the title suggests, it has nothing to do with high technology. As it turns out, the secret isn't much of a secret at all. Hackers have known about these techniques for years. Presented in a light, accessible style, you'll get to ride shotgun with the authors on successful real-world break-ins as they share photos, videos and stories that prove how vulnerable the high-tech world is to no-tech attacks.

As you browse this book, you'll hear old familiar terms like "dumpster diving", "social engineering", and "shoulder surfing". Some of these terms have drifted into obscurity to the point of becoming industry folklore; the tactics of the pre-dawn information age. But make no mistake; these and other old-school tactics work with amazing effectiveness today. In fact, there's a very good chance that someone in your organization will fall victim to one or more of these attacks this year. Will they be ready?

•Dumpster Diving Be a good sport and don't read the two "D" wordswritten in big bold letters above, and act surprised when I tell you hackers can accomplish this without relying on a single bit of technology (punny).
•Tailgating Hackers and ninja both like wearing black, and they do share the ability to slip inside a building and blend with the shadows.
•Shoulder Surfing If you like having a screen on your laptop so you can see what you're working on, don't read this chapter.
•Physical Security Locks are serious business and lock technicians are true engineers, most backed with years of hands-on experience. But what happens when you take the age-old respected profession of the locksmith and sprinkle it with hacker ingenuity?
•Social Engineering with Jack Wiles Jack has trained hundreds of federal agents, corporate attorneys, CEOs and internal auditors on computer crime and security-related topics. His unforgettable presentations are filled with three decades of personal "war stories" from the trenches of Information Security and Physical Security.
•Google Hacking A hacker doesn't even need his own computer to do the necessary research. If he can make it to a public library, Kinko's or Internet cafe, he can use Google to process all that data into something useful.
•P2P Hacking Let's assume a guy has no budget, no commercial hacking software, no support from organized crime and no fancy gear. With all those restrictions, is this guy still a threat to you? Have a look at this chapter and judge for yourself.
•People Watching Skilled people watchers can learn a whole lot in just a few quick glances. In this chapter we'll take a look at a few examples of the types of things that draws a no-tech hacker's eye.
•Kiosks What happens when a kiosk is more than a kiosk? What happens when the kiosk holds airline passenger information? What if the kiosk holds confidential patient information? What if the kiosk holds cash?
•Vehicle Surveillance Most people don't realize that some of the most thrilling vehicular espionage happens when the cars aren't moving at all!

Books about: Petróleo y Ley de Gas en una Cáscara de nuez

Shadow Factory: The Ultra-Secret NSA from 9/11 to the Eavesdropping on America

Author: James Bamford

“There have been glimpses inside the NSA before, but until now no one has published a comprehensive and detailed report on the agency . . . Mr. Bamford has emerged with everything except the combination to the director’s safe.” –New York Times Book Review

Today’s National Security Agency is the largest, most costly, and most technologically advanced spy organization the world has ever known. It is also the most intrusive, secretly filtering millions of phone calls and e-mails an hour in the United States and around the world. Half a million people live on its watch list, and the number grows by the thousands every month. Has America become a surveillance state?

In The Shadow Factory, James Bamford, the foremost expert on the National Security Agency, charts its transformation since 9/11, as the legendary code breakers turned their ears away from outside enemies, such as the Soviet Union, and inward to enemies whose communications increasingly crisscross America.

Fast-paced and riveting, The Shadow Factory is about a world unseen by Americans without the highest security clearances. But it is a world in which even their most intimate whispers may no longer be private.

The Washington Post - Bob Kerrey

…important and disturbing …By detailing the failures of the NSA and CIA, Bamford goes where the 9/11 Commission did not fully go. He convincingly makes the case that our intelligence problems had little to do with the limitations imposed on the NSA or other agencies…this revealing and provocative book is necessary reading, perhaps especially for members of Congress who annually reauthorize the work of the NSA. They should look again at the 9/11 Commission's recommendations to reform the congressional committees that watch over the executive branch agencies responsible for protecting us. Unless that oversight is strengthened, the fears expressed in The Shadow Factory will only grow.

Table of Contents:

Introduction 1

Bk. 1 Attack

Sanaa 7

Intercept 12

San Diego 22

Deaf 27

Mesa 39

Thinthread 44

Totowa 48

Chatter 55

Cambrils 58

Warning 63

Fort Lee 70

Discovery 74

Laurel 76

Surprise 82

Pentagon 89

Bk. 2 Targets

Opportunity 99

Hunters 105

FISA 112

Mission 119

Highlander 124

Assassination 135

War 143

Bk. 3 Cooperation

Shamrock 161

Qwest 169

Cables 175

Splitter 188

Industry 197

Transit 207

Partners 212

Wiretappers 234

Technotyranny 254

Miners 262

Bk. 4 Discovery

Fractures 271

Emergency 278

Exposure 287

Extremis 293

Immunity 301

Bk. 5 Future

Exabytes 311

Trailblazer 325

Turbulence 331

Abyss 341

Notes 347

Index 379

No comments:

Post a Comment