#Crosshair is gru | Explore Tumblr Posts and Blogs

creme183 · 3 years

Text

Bad Batch College AU (Pt 1)

Other Posts

General HC

* They go to the fictional college of “the Grand Republic University of DC.” (GRU-DC)

* Hunter, Tech, Wrecker, and Crosshair are quadruplets (born in that order)

* Echo is adopted, but has the same father as the others. It’s complicated.

* Omega is the baby sister, also same father, but separated from her twin, Boba, at birth. Also very complicated.

* Omega is in middle school while her brothers are all in college.

* They all live in an apartment off campus and you can bet that there were some crazy wild parties there (one of which where Hunter and Wrecker got so drunk they wrote a very long email to congresswoman Padme Amidala about how they were never interested in politics till she was elected)

* Gonky is their trash cat that lives in the apartment dumpster. It is friendly with everyone but it especially likes Omega.

Tech

* Will overwrite every paper given. Will also turn in a week early only for the professor to say “gotta cut a lot of this. There’s a page limit!” And he will cut it back, grumbling the entire time that there’s no such thing as too much research.

* Uses a ruler and compass in his notes to make perfect diagrams and graphs. They look better than the powerpoints

* Crosses out typos in textbooks. In PEN. To ascertain his dominance in knowledge.

* Is that student who corrects the professor. Always using “technically, it is actually-“ cue the rest of the class groaning.

* Professors either love him or hate him. There is no in-between.

* Triple major. Computer Engineering, Electrical Engineering, and Mechanical Engineering. Has a minor in Statistics and countless electives in every major building.

* Once took an art class. It was the only class he ever failed. (Bonus: the art majors however loved it when his brothers came to check on him during studio hours. Especially the “dark and broody ones”)

* The college advising staff has to remind Tech every semester that he cannot take more than 10 classes at a time, even with a triple major. Tech always sends in a strongly worded letter to the staff about the pursuit of knowledge. They are always thrown away unopened after receiving the first one.

* After freshman year of living in the library and in the apartment, Tech is forced to study outside at the insistence of his brother, Hunter, where he gets a lovely tan.

* Wrecker and Omega often join him in the park while he studies. Occasionally Crosshair will join but only so he can get some peace and quiet.

* Tech will help everyone with their homework. Even strangers that don’t go to university. Any poor soul in a coffee shop or the park bench is automatically on the radar. He tutors Wrecker and Omega especially, which is why they join him so often outside.

* Isn’t flustered around potential partners as many would assume, but is rather pragmatic (almost cold) in his answers for more personal relationships. Will insist that he is married to knowledge. However, does acknowledge attractiveness in the physical sense.

* Hates the movie “National Treasure” for how inaccurate it is about history and the plot line. Even hatched a plan on how to actually steal the Declaration of Independence (which he totally would never actually do…)

* When he is upset or in a mood, he runs to the Library of Congress. The staff know him personally there.

* In spring, with the hundreds of school field trips going to DC museums, he will casually start lecturing along with the tour guide if he’s there. He sometimes is kicked out for it. Other times the guide just is resigned to their fate and let’s him do it.

* Tech is banned from three bars’ trivia nights for obvious reasons.

* He is also consequentially banned from the debate team, as while he has good points, he has no care for decorum or protocol.

* Tech however is captain of the robotics team with one mission: take over the battlebots arena via total annihilation.

102 notes · View notes

holytheoristtastemaker · 4 years

Link

Russia has been hacking the UK for years and the British government has also known about it for years, according to the Intelligence and Security Committee’s report

Russia is a malicious and “highly capable” threat actor that employs organised cyber criminal gangs to supplement its own skills and carries out malicious cyber activity on a global scale to assert itself aggressively, and interfere in the affairs of other countries.

Security Committee’s report

Alex Scroxton, Security Editor

Published: 21 Jul 2020 12:15

CONTENT CONTINUES BELOW

DOWNLOAD THIS FREE GUIDE

Getting Cloud Security Right

Let's face it, cloud security can be done very wrong. Let's learn to do it right. Regular Computer Weekly contributor Peter Ray Allison explores this issue, weighing up the questions organisations should be asking of their cloud service providers, and whose responsibility cloud security should be.

Corporate E-mail Address:

I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.

I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.

It poses an immediate threat to the national security of the UK, and the intelligence community is failing to properly coordinate its response.

This is the judgment of the Intelligence and Security Committee (ISC), which under new leadership published the long-awaited Russia report on 21 July 2020, which despite having been ready for publication for months, has been repeatedly suppressed by Boris Johnson’s Conservative government.

The report reveals how Russia has conducted malicious cyber activity to influence democratic elections and undertake pre-positioning activity on critical national infrastructure (CNI) – in the course of giving evidence, the National Cyber Security Centre (NCSC) revealed there was Russian cyber intrusion into the UK’s CNI, although which sectors have been targeted is redacted.

It shows how Russian GRU intelligence agents conducted orchestrated phishing attacks on the UK government, in particular against the Foreign and Commonwealth Office (FCO) and the Defence Science and Technology Laboratory (DTSL) during the investigation into the Salisbury biological terror attacks.

The report also sheds light on how Russia has employed organised cyber criminal gangs, which MI6 has assessed “comes to the very muddy nexus between business and corruption and state power in Russia”. In the course of giving evidence, GCHQ told the committee there was a “considerable balance” of intelligence that shows links between serious and organised crime and Russian state activity, and described this as something of a symbiotic relationship.

Moreover, the report confirms that the UK government has known about the extent of Russian cyber activity in the UK for years, but has been too reluctant to point the finger at Moscow.

“Russia’s promotion of disinformation and attempts at political influence overseas – whether through the use of social media, hack and leak operations, or its state-owned traditional media – have been widely reported… The UK is clearly a target and must equip itself to counter such efforts,” said the committee in a lengthy press statement.

However, said the committee, the inquiry found it hard to establish who was responsible for defending the UK’s democratic processes against cyber attacks, branding it “something of a hot potato”. While it conceded there was naturally nervousness around any suggestion that the intelligence services might be inclined to get involved in the nitty-gritty of the democratic process, this did not apply when it came to protecting such processes. It questioned in particular whether DCMS and the Electoral Commission were really up to the job of tackling a major hostile state threat.

“Democracy is intrinsic to our country’s success and well-being. Protecting it must be a ministerial priority, with the Office for Security and Counter-Terrorism taking the policy lead and the operational role sitting with MI5,” said the committee.

The committee also blasted digital and social media platforms for failing to step up and take some responsibility. “The government must establish a protocol with these companies to ensure that they take covert hostile state use of their platforms seriously, with agreed deadlines within which such material will be removed, and government should ‘name and shame’ those which fail to act,” it said.

“We do however welcome the government’s increasingly assertive approach when it comes to identifying, and laying blame on, the perpetrators of cyber attacks, and the UK should encourage other countries to adopt a similar approach to ‘naming and shaming’.

“The same is true in relation to an international doctrine on the use of offensive cyber: this is now essential and the UK – as a leading proponent of the rules-based international order – should be promoting and shaping rules of engagement, working with our allies,” it added.

Ray Walsh, digital privacy advocate at ProPrivacy, said: “The Russia report finally published today by the UK government confirms what cyber security experts have been calling attention to for many years – that the Russian government and its state-employed hackers are engaging in active cyber warfare against the West, which includes phishing attempts against government agencies, the deployment of covert exploits designed to steal top-secret information, and activities designed to influence the democratic elections of other nations.

“Perhaps most damningly for the UK government is that the report reveals that the UK has been aware of Russia's ongoing cyber warfare for around four whole years. Back in 2016, the committee recommended that the UK government should leverage its diplomatic relationships to openly begin assigning blame to Russian cyber attacks and to gain support from the international community in finding ways to retaliate against or prevent those malicious practices.”

Walsh said the acknowledgement that Russia had been attempting to influence elections and the action of the UK government in suppressing the report for nine months may well cause people to question the legitimacy of the results of UK elections held in the past few years, including the Brexit referendum of June 2016.

“Cyber security firms have been detailing the nefarious activities and attack vectors of Russian state-sponsored hackers such as Fancy Bear, APT28, Pawn Storm, Sofacy, Sednit, Tsar Team, and Strontium for many years, but this is the first time that the UK government has formally acknowledged that those malicious state-sponsored actors have been directing their efforts directly at UK elections and government agencies,” said Walsh.

“Now that the UK has attributed blame, it will be interesting to see how exactly the government proceeds and what it can do to prevent those activities and produce actual changes in light of the findings,” he said.

Read more about cyber warfare

The future of cyber warfare places enterprise security and survivability in the crosshairs. Learn more about cyber warfare threats and capabilities and how infosec can prepare.

A retired US Navy cryptologist implores enterprises to build key cyber warfare laws into their infosec strategy to improve survivability on the digital battleground in his new book.

On a cold afternoon in Finland, F-Secure’s Mikko Hypponen discusses cyber weapons and nation state threats, and explains why arms limitations treaties might one day expand to include malware and other threats.

0 notes

goarticletec-blog · 6 years

Text

Using Airport and Hotel Wi-Fi Is Much Safer Than It Used to Be

New Post has been published on https://www.articletec.com/using-airport-and-hotel-wi-fi-is-much-safer-than-it-used-to-be/

Using Airport and Hotel Wi-Fi Is Much Safer Than It Used to Be

As you travel this holiday season, bouncing from airport to airplane to hotel, you’ll likely find yourself facing a familiar quandary: Do I really trust this random public Wi-Fi network? As recently as a couple of years ago, the answer was almost certainly a resounding no. But in the year of our lord 2018? Friend, go for it.

This advice comes with plenty of qualifiers. If you’re planning to commit crimes online at the Holiday Inn Express, or to visit websites that you’d rather people not know you frequented, you need to take precautionary steps that we’ll get to in a minute. Likewise, if you’re a high-value target of a sophisticated nation state—look at you!—stay off of public Wi-Fi at all costs. (Also, you’ve probably already been hacked some other way, sorry.)

But for the rest of us? You’re probably OK. That’s not because hotel and airport Wi-Fi networks have necessarily gotten that much more secure. The web itself has.

“A lot of the former risks, the reasons we used to warn people, those things are gone now,” says Chet Wisniewski, principle researcher at security firm Sophos. “It used to be because almost nothing on the internet was encrypted. You could sit there and sniff everything. Or someone could set up a rogue access point and pretend to be Hilton, and then you would connect to them instead of the hotel.”

In those Wild West days, in other words, signing onto a shared Wi-Fi network exposed you to myriad attacks, from hackers tracking your every move online, to so-called man-in-the-middle efforts that tricked you into entering your passwords, credit card information, or more on phony websites. A cheap, easy to use device called a Wi-Fi Pineapple makes those attacks simple to pull off.

All of that’s still technically possible. But a critical internet evolution has made those efforts much less effective: the advent of HTTPS.

HTTPS All Over

Look at the URL bar in your browser. Do you see that little lock symbol on the left? That means that traffic on this site is encrypted in transit from WIRED’s servers to your browser and back. That encryption is enabled by what’s knowns as Hypertext Transfer Protocol, with the ‘S’ standing for Secure. The most important thing to know about HTTPS, though, is that it obviates most of the attacks that (rightly) scared you off of public Wi-Fi in the first place.

“If you’re in the US, the web is pretty well encrypted. It’s unusual to go to a website that matters and it’s not HTTPS,” says Tod Beardsley, director of research at security firm Rapid7. “Because of that, the threat, and really the risk, of going on even sketchy local Wi-Fi has dramatically dropped.”

“A lot of the former risks, the reasons we used to warn people, those things are gone now.”

Chet Wisniewski, Sophos

Just how dramatically? Consider that as recently as March 2016, only 21 of the web’s top 100 sites used HTTPS by default. Today, that number has flipped. Seventy of the top 100 sites have HTTPS switched on by default, with nine more offering HTTPS compatibility. Many of the holdouts are based in China. As of January 2017, more than half of the web was encrypted. Today, about 84 percent of websites loaded through Firefox have HTTPS enabled. And yes, that includes porn.

HTTPS has some arguable drawbacks. Mainly, there’s virtually no barrier to getting HTTPS certification, which has made it attractive for criminal groups hoping to add an air of authenticity to bogus sites. That little green padlock guarantees that you’re sending data encrypted, but not that the person on the receiving end has scruples.

But that has nothing to do with hotel or airport Wi-Fi. You can fall for those scams no matter how you’ve connected to the internet. And using that approach to target those specific locations hardly seems worth it in practice.

“You’d have to get a soundalike domain name, register that, then get an encryption certificate, then get someone to go to your site,” says Beardsley. “I don’t know how successful an attack would be to set up my rogue Wi-Fi, wait for people to mistype a URL, and come to my fake bank site. I’m not super sure that’s a very valuable attack. You’re going to be waiting a long time for that typo.” Especially given another, slightly less recent change in how we use the web: So few people actively type URLS that Google has considered doing away with them altogether.

It helps to think through how other attacks might play out in practice as well, especially as caveats come into play. In addition to phony sites, there’s the concern that someone else on your network might be “sniffing” your browsing activity, the internet version of eavesdropping. They can still try, but HTTPS means that they can’t see what individual pages you’re visiting, just the domains. Someone could figure out you’re on Netflix, in other words, but not which movie you’re watching. Or they might know you’re on Bank of America’s site, but wouldn’t be able to see any of your identifying details. It’s the difference between observing a conversation from far across the street, and having it bugged.

You can easily imagine cases where that’s not still ideal. You may not want anyone to know that you’re visiting sites of a sensitive nature, regardless of what specifically you’re looking at while you’re there. And if you visit a site that has no HTTPS, all of those protections go out the window. But criminals have much more lucrative methods of attack these days—you don’t need hotel or airport Wi-Fi for searphishing or cryptomining—making hotels and airports that much less appealing of a target.

“I’m telling people to enjoy public Wi-Fi, whether they’re at Macy’s for Christmas shopping or at the Hilton,” says Wisniewski. “What’s in it for the adversary? Why would you choose monkeying with the Wi-Fi at the airport or the hotel over some other attack method? When you look at the profitability and the risk, it just doesn’t make sense other than an amateur to be doing it for giggles.”

Extra Protection

It’s totally understandable if you still have concerns. Maybe you visit a lot of unencrypted sites, or don’t want a hotel chain to have even domain-level insight into your browsing. Or maybe you’re a journalist, or an aerospace executive, or a politician, or someone else the GRU or Chinese intelligence agencies might put in their crosshairs. Or maybe you’ve just got a vestigial mistrust that you can’t shake.

“The threat, and really the risk, of going on even sketchy local Wi-Fi has dramatically dropped.”

Tod Beardsley, Rapid7

That’s fine! Whatever the case, there are plenty of things you can do to protect yourself, starting with using a virtual private network. A VPN sends all of your traffic through an encrypted connection, meaning that the hotel or anyone else can’t see where you’ve been or what you’re doing. Well, almost anyone else; the VPN provider potentially could, so use one you trust.

Even better than a VPN, especially if you have an unlimited data plan: Use your smartphone as a hotspot. “There aren’t any published exploits that are useful over LTE. If you’re really worried about it, tether up your phone,” says Beardsley. “That’ll get you a long way.”

But if those don’t apply to you; if you’re just hopping on Facebook and Amazon, or looking up good nearby restaurants on Yelp? Use the Wi-Fi at the hotel. It might not have your security interests at heart, but more than ever, the web itself does.