Tag Archives: lengthy

Finalized TLS 1.3 update has been published at last

The finalized and completed version of TLS 1.3 was published last week following a lengthy draft review process.

The Internet Engineering Task Force (IETF) published the latest version of the Transport Layer Security protocol used for internet encryption and authentication on Friday, Aug. 10, 2018, after starting work on it in April 2014. The final draft, version 28, was approved in March. It replaces the previous standard, TLS 1.2, which was published in RFC 5246 in August 2008. Originally based on the Secure Sockets Layer protocol, the new version of TLS has been revised significantly.

“The protocol [TLS 1.3] has major improvements in the areas of security, performance, and privacy,” IETF wrote in a blog post.

Specifically, TLS 1.3 “provides additional privacy for data exchanges by encrypting more of the negotiation handshake to protect it from eavesdroppers,” compared with TLS 1.2, IETF explained. “This enhancement helps protect the identities of the participants and impede traffic analysis.”

TLS 1.3 also has forward secrecy by default, so current communications will stay secured even if future communications are compromised, according to IETF.

“With respect to performance, TLS 1.3 shaves an entire round trip from the connection establishment handshake,” IETF wrote in its blog post announcing the finalized protocol. “In the common case, new TLS 1.3 connections will complete in one round trip between client and server.”

As a result, TLS 1.3 is expected to be faster than TLS 1.2. It will also remove outdated cryptography, such as the RSA key exchange, 3DES and static Diffie-Hellman, and thus free TLS 1.3 of the vulnerabilities that plagued TLS 1.2, such as FREAK and Logjam.

“Although the previous version, TLS 1.2, can be deployed securely, several high profile vulnerabilities have exploited optional parts of the protocol and outdated algorithms,” IETF wrote. “TLS 1.3 removes many of these problematic options and only includes support for algorithms with no known vulnerabilities.”

And, as Mozilla explained in a blog post, “TLS 1.3 is designed in cooperation with the academic security community and has benefitted from an extraordinary level of review and analysis. This included formal verification of the security properties by multiple independent groups; the TLS 1.3 RFC cites 14 separate papers analyzing the security of various aspects of the protocol.”

TLS 1.3 has already been widely deployed, according to Mozilla. The Firefox and Google Chrome browsers have draft versions deployed, with final version deployments on the way. And Cloudflare, Google and Facebook have also partially deployed the protocol.

For Sale – Random bits, b> claymore/spatha

Hey guys,

B> rog claymore / rog spatha

Had to archive my old thread as it was getting lengthy. Hope this will be a lot more manageable.

All in very good/mint condition unless specified:

Asus gladius mouse, box extra switches pretty good condition – 30£ delivered

Ax 860/760 red individually sleeved cable set incl 24pin – 60£ – 24 pin has some slight marks from arctic mx-4 paste, barely visible

Harman kardon soundsticks 3 – 50£ delivered

Ozone battle strike tkl keyboard with mx brown cherries – 40£ delivered

Will update if I dig up more stuff.

Many thanks

Price and currency: Various
Delivery: Delivery cost is included within my country
Payment method: Paypal gift
Location: London – canary wharf
Advertised elsewhere?: Advertised elsewhere
Prefer goods collected?: I have no preference

______________________________________________________
This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.

For Sale – Random bits, b> claymore/spatha

Hey guys,

B> rog claymore / rog spatha

Had to archive my old thread as it was getting lengthy. Hope this will be a lot more manageable.

All in very good/mint condition unless specified:

Asus gladius mouse, box extra switches pretty good condition – 30£ delivered

Ax 860/760 red individually sleeved cable set incl 24pin – 60£ – 24 pin has some slight marks from arctic mx-4 paste, barely visible

Harman kardon soundsticks 3 – 50£ delivered

Ozone battle strike tkl keyboard with mx brown cherries – 40£ delivered

Will update if I dig up more stuff.

Many thanks

Price and currency: Various
Delivery: Delivery cost is included within my country
Payment method: Paypal gift
Location: London – canary wharf
Advertised elsewhere?: Advertised elsewhere
Prefer goods collected?: I have no preference

______________________________________________________
This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.

Kaspersky sheds more light on Equation Group malware detection

Kaspersky Lab published a lengthy report that shed further light on its discovery of Equation Group malware and its possession of classified U.S. government materials.

The antivirus company, which has been under intense scrutiny by government officials and lawmakers this year, disclosed that classified materials were transmitted to Kaspersky’s network between September 11, 2014 and November 17, 2014. In a previous explanation, the company said Kaspersky antivirus software detected malware on a computer located in the greater Baltimore area. Kaspersky later discovered a 7zip archive on the computer that had Equation Group malware and other materials with U.S. government classified markings.

Kaspersky’s new investigation details were issued in response to several media reports that claimed Russian state-sponsored hackers used Kaspersky’s antivirus software to identify and locate U.S. government data. The reports claimed that in 2015 an NSA contractor’s system was compromised by Russian hackers using Kaspersky antivirus scans, which led to a massive leak of confidential NSA files and Equation Group malware. The news reports also claimed Israeli intelligence penetrated Kaspersky’s network in 2014 and found classified NSA materials on its network.

The Equation Group was an APT group that was first identified by Kaspersky researchers in 2015 and later linked to the U.S. National Security Agency (NSA) in 2016 following disclosures by the hacking group known as the Shadow Brokers.

New details in Kaspersky’s investigation

Thursday’s report provided new details about the computer with Equation Group malware, which was believed to be the NSA contractor’s system. Kaspersky did not confirm or deny these reports, saying its software anonymizes users’ information and divulging details about the specific user in this case would violate its ethical and privacy standards.

The Kaspersky investigation revealed the suspected NSA contractor’s computer was “compromised by a malicious actor on October 4, 2014” as a result of a backdoor Trojan known as Smoke Loader or Smoke Bot. The compromise occurred during the nearly two-month span Kaspersky identified and scanning the computer from Sept. 11 to Nov. 17, 2014.

Kaspersky said it believes the user turned Kaspersky’s antivirus software off at some point during that time frame in order to install a pirated version of Microsoft Office, which allowed Smoke Loader to activate. The report also noted Smoke Loader was attributed to a Russian Hacker in 2011 and was known to be distributed on Russian hacker forums.

Kaspersky said once the classified markings were discovered in the 7zip archive materials, all data except the malware binaries was deleted under order of CEO Eugene Kaspersky. The company also said it “found no indication the information ever left our corporate networks.”

Kaspersky’s report appeared to suggestthe threat actors who reportedly found the classified NSA data and Equation Group malware likely did so by hacking the computer directly with Smoke Loader and not, as media reports claimed, by hacking into Kaspersky’s network and abusing the company’s antivirus technology.

The company also said it’s possible the computer had other malware on it that Kaspersky didn’t detect.

“Given that system owner’s potential clearance level, the user could have been a prime target of nation states,” the report stated. “Adding the user’s apparent need for cracked versions of Windows and Office, poor security practices, and improper handling of what appeared to be classified materials, it is possible that the user could have leaked information to many hands. What we are certain about is that any non-malware data that we received based on passive consent of the user was deleted from our storage.”

Thursday’s report followed comments from Jeanette Manfra, assistant secretary for cybersecurity and communications at the U.S. Department of Homeland Security, who told the House Science, Space and Technology Oversight Subcommittee earlier this week that there was no conclusive evidence that Kaspersky software had been exploited to breach government systems.

Policy changes

The report also contained new information about how Kaspersky responded to the 2014 Equation Group malware discovery and the company policy changes that followed.

“The reason we deleted those files and will delete similar ones in the future is two-fold; We don’t need anything other than malware binaries to improve protection of our customers and secondly, because of concerns regarding the handling of potential classified materials,” the report states. “Assuming that the markings were real, such information cannot and will not [be] consumed even to produce detection signatures based on descriptions.”

Kaspersky said that those concerns led to the adoption of a new policy for the company that requires all analysts to “delete any potential classified materials that have been accidentally collected during anti-malware research or received from a third party.”

The report didn’t say whether or not Kaspersky ever notified the NSA or other government agencies about the Equation Group malware it discovered or the classified data contained in the 7zip archive. In a previous statement on the situation, the company stated, “As a routine procedure, Kaspersky Lab has been informing the relevant U.S. government institutions about active APT infections in the USA.” It’s also unclear why, after finding the classified U.S. government files, the company never disclosed Equation Group was connected to the NSA.

Kaspersky has not responded to requests for comment on these questions.

The company responded to media reports that claimed threat actors used Kaspersky antivirus scans to hunt for classified markings.

“We have done a thorough search for keywords and classification markings in our signature databases,” Kaspersky said. “The result was negative: we never created any signatures on known classification markings.”

Kaspersky did, however, acknowledged that a malware analyst created a signature for the word “secret” based on the discovery of the TeamSpy malware in 2013, which used a wildcard string pattern based on several keywords, including “secret.” The company hypothesized that a third party may have either misinterpreted the malware signature or maliciously used it against Kaspersky to spread false allegations.

For Sale – Random bits, b> claymore/spatha

Hey guys,

B> rog claymore / rog spatha

Had to archive my old thread as it was getting lengthy. Hope this will be a lot more manageable.

All in very good/mint condition unless specified:

Asus gladius mouse, box extra switches pretty good condition – 30£ delivered

Ax 860/760 red individually sleeved cable set incl 24pin – 60£ – 24 pin has some slight marks from arctic mx-4 paste, barely visible

Harman kardon soundsticks 3 – 50£ delivered

Ozone battle strike tkl keyboard with mx brown cherries – 40£ delivered

Will update if I dig up more stuff.

Many thanks

Price and currency: Various
Delivery: Delivery cost is included within my country
Payment method: Paypal gift
Location: London – canary wharf
Advertised elsewhere?: Advertised elsewhere
Prefer goods collected?: I have no preference

______________________________________________________
This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.

For Sale – Random bits, b> z77 board

Hey guys,

B> z77 board for a mate on the cheap side.

Had to archive my old thread as it was getting lengthy. Hope this will be a lot more manageable.

All in very good/mint condition unless specified otherwise.

Old Dell screen – 24″ 1080p 60hz – 50£ picked up, will update with model. – sold

Hyper x cloud ii headset – 50£ delivered

Asus gladius mouse, box extra switches pretty good condition – 30£ delivered

Ax 860/760 red individually sleeved cable set incl 24pin – 60£ – 24 pin has some slight marks from arctic mx-4 paste, barely visible

Harman kardon soundsticks 3 – 50£ delivered

Will update if I dig up more stuff.

Many thanks

Price and currency: Various
Delivery: Delivery cost is included within my country
Payment method: Paypal gift
Location: London – canary wharf
Advertised elsewhere?: Advertised elsewhere
Prefer goods collected?: I have no preference

______________________________________________________
This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.

For Sale – Random bits, b> z77 board

Hey guys,

B> z77 board for a mate on the cheap side.

Had to archive my old thread as it was getting lengthy. Hope this will be a lot more manageable.

All in very good/mint condition unless specified otherwise.

Old Dell screen – 24″ 1080p 60hz – 50£ picked up, will update with model. – sold

Hyper x cloud ii headset – 50£ delivered

Asus gladius mouse, box extra switches pretty good condition – 30£ delivered

Ax 860/760 red individually sleeved cable set incl 24pin – 60£ – 24 pin has some slight marks from arctic mx-4 paste, barely visible

Harman kardon soundsticks 3 – 50£ delivered

Will update if I dig up more stuff.

Many thanks

Price and currency: Various
Delivery: Delivery cost is included within my country
Payment method: Paypal gift
Location: London – canary wharf
Advertised elsewhere?: Advertised elsewhere
Prefer goods collected?: I have no preference

______________________________________________________
This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.

For Sale – Random bits, b> z77 board

Hey guys,

B> z77 board for a mate on the cheap side.

Had to archive my old thread as it was getting lengthy. Hope this will be a lot more manageable.

All in very good/mint condition unless specified otherwise.

Old Dell screen – 24″ 1080p 60hz – 50£ picked up, will update with model. – sold

Hyper x cloud ii headset – 50£ delivered

Asus gladius mouse, box extra switches pretty good condition – 30£ delivered

Ax 860/760 red individually sleeved cable set incl 24pin – 60£ – 24 pin has some slight marks from arctic mx-4 paste, barely visible

Harman kardon soundsticks 3 – 50£ delivered

Will update if I dig up more stuff.

Many thanks

Price and currency: Various
Delivery: Delivery cost is included within my country
Payment method: Paypal gift
Location: London – canary wharf
Advertised elsewhere?: Advertised elsewhere
Prefer goods collected?: I have no preference

______________________________________________________
This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.

For Sale – Random bits, b> z77 board

Hey guys,

B> z77 board for a mate on the cheap side.

Had to archive my old thread as it was getting lengthy. Hope this will be a lot more manageable.

All in very good/mint condition unless specified otherwise.

Old Dell screen – 24″ 1080p 60hz – 50£ picked up, will update with model. – sold

Hyper x cloud ii headset – 50£ delivered

Asus gladius mouse, box extra switches pretty good condition – 30£ delivered

Ax 860/760 red individually sleeved cable set incl 24pin – 60£ – 24 pin has some slight marks from arctic mx-4 paste, barely visible

Harman kardon soundsticks 3 – 50£ delivered

Will update if I dig up more stuff.

Many thanks

Price and currency: Various
Delivery: Delivery cost is included within my country
Payment method: Paypal gift
Location: London – canary wharf
Advertised elsewhere?: Advertised elsewhere
Prefer goods collected?: I have no preference

______________________________________________________
This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.

For Sale – Random bits, b> z77 board

Hey guys,

B> z77 board for a mate on the cheap side.

Had to archive my old thread as it was getting lengthy. Hope this will be a lot more manageable.

All in very good/mint condition unless specified otherwise.

Old Dell screen – 24″ 1080p 60hz – 50£ picked up, will update with model. – sold

Hyper x cloud ii headset – 50£ delivered

Asus gladius mouse, box extra switches pretty good condition – 30£ delivered

Ax 860/760 red individually sleeved cable set incl 24pin – 60£ – 24 pin has some slight marks from arctic mx-4 paste, barely visible

Harman kardon soundsticks 3 – 50£ delivered

Will update if I dig up more stuff.

Many thanks

Price and currency: Various
Delivery: Delivery cost is included within my country
Payment method: Paypal gift
Location: London – canary wharf
Advertised elsewhere?: Advertised elsewhere
Prefer goods collected?: I have no preference

______________________________________________________
This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.