Thoughts of a Technocrat

USS Ponce Being Refit to Become a "Mothership" in Middle East

2012-01-27T20:47:00.002-05:00

Via Washington Post (Jan 27, 2012) -

The Pentagon is rushing to send a large floating base for commando teams to the Middle East as tensions rise with Iran, al-Qaeda in Yemen and Somali pirates, among other threats.

In response to requests from the U.S. Central Command, which oversees military operations in the Middle East, the Navy is converting an aging warship it had planned to decommission into a makeshift staging base for the commandos. Unofficially dubbed a “mothership,” the floating base could accommodate smaller high-speed boats and helicopters commonly used by Navy SEALs, procurement documents show.

Special Operations Forces are a key part of the Obama administration's strategy to make the military leaner and more agile as the Pentagon confronts at least $487 billion in spending cuts over the next decade.

Lt. Cmdr. Mike Kafka, a spokesman for the Navy’s Fleet Forces Command, declined to elaborate on the floating base’s purpose or to say where, exactly, it will be deployed in the Middle East. Other Navy officials acknowledged that they were moving with unusual haste to complete the conversion and send the mothership to the region by early summer.

Navy documents indicate that it could be headed to the Persian Gulf, where Iran has threatened to block the Strait of Hormuz, a crucial shipping route for much of the world’s oil supply. A market survey proposal from the Military Sealift Command, dated Dec. 22 and posted online, states that the floating base needed to be delivered to the Persian Gulf.

Other contract documents do not specify a location but say the mothership would be used to “support mine countermeasure” missions. Defense officials have said that if Iran did attempt to close the Strait of Hormuz, it would rely on mines to obstruct the waterway.

---------------------------------------------

It's funny, as the term "mothership" is commonly found on his blog in terms of Somali pirates...

Insight into Sykipot Operations

2012-01-26T10:41:00.000-05:00

Via Symantec Security Response Blog -

The Sykipot campaign has been persistent in the past few months targeting various industries, the majority of which belong to the defense industry. Each campaign is marked with a unique identifier comprised of a few letters followed by a date hard-coded within the Sykipot Trojan itself.In some cases the keyword preceding the numbers is the sub-domain's folder name on the Web server being used.

[...]

These campaign markers allow the attackers to correlate different attacks on different organizations and industries.

The attackers also left additional clues allowing us to gain insight into what appears to be a staging server that is used prior to the delivery of new binaries to targeted users. In addition, we were able to confirm that the server was also used as a command and control (C&C) server for a period of time as well. The server is based in the Beijing region of China and was running on one of the largest ISPs in China. Furthermore, on one occasion one of the attackers connected from the Zhejiang province. The server has hosted over a hundred malicious files from the past couple of months, many of which were used in Sykipot campaigns.

[...]

The Sykipot attackers have a long running history of attacks against multiple industries. Based on these insights, the attackers are familiar with the Chinese language and are using computer resources in China. They are clearly a group of attackers who are constantly modifying their creation to utilize new vulnerabilities and to evade security products and we expect that they will continue their attacks in the future.

NASA: NPP's 'Blue Marble'

2012-01-26T10:21:00.001-05:00

http://npp.gsfc.nasa.gov/science/sciencecollection.html

A 'Blue Marble' image of the Earth taken from the Visible Infrared Imager Radiometer Suite (VIIRS) instrument aboard NASA's most recently launched Earth-observing satellite - Suomi NPP. This composite image uses a number of swaths of the Earth's surface taken on January 4, 2012. The NPOESS Preparatory Project (NPP) satellite was renamed 'Suomi NPP' on January 24, 2012 to honor the late Verner E. Suomi of the University of Wisconsin.

The high-resolution version can be found here.

N. Korea Suspected of Trying to Hack into Seoul University

2012-01-25T14:33:00.001-05:00

Via Yonhap News Agency (Jan 17, 2012) -

North Korea is suspected of masterminding last year's attempt to hack into the e-mail accounts of a Seoul university's graduate school alumni, school officials said Tuesday.

The Graduate School of Information Security at Korea University said it has conducted a joint investigation with intelligence authorities to track the origins of the hacking attempt, upon learning that an e-mail carrying malicious codes was sent to some of its graduates via its internal e-mail accounts last November.

"The e-mail was found to have been sent from a server based in Taiwan often used by North Korea," a school official said, declining to be identified.

"But no damage has been reported, as our graduates who received the e-mail never opened the file attached, and the codes did not work well from the first place," he added.

U.S. Military Raid in Somalia Frees Dane, American

2012-01-25T14:15:00.004-05:00

Via USA Today -

The Navy Seals that rescued two aide workers in Somalia were not dealing with al-Qaeda-linked militant groups but pirate-gangs that have been terrorizing the region kidnapping people and holding them for ransoms.

The raid under cover of darkness on Wednesday freed American Jessica Buchanan and Poul Hagen Thisted, a Dane, who were "on their way to be reunited with their families," the Danish Refugee Council said Wednesday.

President Obama authorized the mission by SEAL Team 6, the same unit that was behind the operation in Pakistan last May that killed Osama bin Laden.

One official who spoke on the condition he would remain anonymous told the Associated Press that the team parachuted into the area before moving on foot to the target. Nine kidnappers were killed. The raid happened near the Somali town of Adado.

The SEAL raid shows the the United States is "more willing to confront pirates than it has in the past," says Derek Reveron, a professor at the Naval War College.

It also suggests a growing willingness to use its special operations forces, which is riskier than drone strikes.

"Clearly it was a good target of opportunity," Reveron says. "But it also strikes me as pretty significant, parachuting SEALs into Somalia."

As large ships at sea have increased their defenses against pirate attacks, gangs have looked for other money making opportunities like land-based kidnappings.

It is not clear what impact the raid will have on piracy in the region.

But the number of successful pirate hijackings on shipping has dropped dramatically in 2011 in the Horn of Africa region. The number of successful pirate attacks fell to 24 last year, from 45 in 2010, according to NATO.

Music: The Roots "Sleep"

2012-01-23T23:03:00.001-05:00

http://en.wikipedia.org/wiki/Undun

Undun is the eleventh studio album by American hip hop band The Roots, released December 2, 2011, on Def Jam Recordings.

Star Wars Uncut - Episode IV: A New Hope (Director's Cut)

2012-01-23T17:11:00.001-05:00

http://www.starwarsuncut.com/watch

Finally, the crowd-sourced project has been stitched together and put online for your streaming pleasure. The "Director's Cut" is a feature-length film that contains hand-picked scenes from the entire StarWarsUncut.com collection.

SWU has been featured in documentaries, news features and conferences around the world for its unique appeal. In 2010 we won a Primetime Emmy for Outstanding Creative Achievement In Interactive Media.

We can't thank everyone enough for making this such a special project.

CIA's "Facebook" Program Dramatically Cut Agency's Costs

2012-01-21T16:08:00.001-05:00

from Onion News Network Season 1 Episode 9

A Hezbollah Threat in Thailand?

2012-01-19T12:00:00.001-05:00

Via STRATFOR (Security Weekly) -

On Jan. 12, Thai authorities arrested a man they say was a member of the Lebanon-based Shiite militant group Hezbollah who was plotting an attack in Bangkok. In uncovering the plot, Thai police cite cooperation with the United States and Israel going back to December 2011. Bangkok is indeed a target-rich environment with a history of terrorist attacks, but today Hezbollah and other militant and criminal groups rely on the city as more of a business hub than anything else. If Hezbollah or some other transnational militant group were to carry out an attack in the city, it would have to be for a compelling reason that outweighed the costs.

[...]

While there are certainly plenty of U.S., Jewish and Israeli targets in Thailand in general and Bangkok in particular, other officials have given different accounts of the alleged plot that add more nuance. According to National Police Chief Priewpan Damapong, Hussein insisted that the materials seized were not intended for attacks in Thailand but were going to be transported to a yet-to-be-named third country (a Stratfor source has cited the Philippines as a logical destination). He also allegedly told authorities that, although he was a member of Hezbollah, he was not a member of the group's militant arm. A Hezbollah official in Beirut, Ghaleb Abu Zainab, told the Lebanese Broadcasting Corp. that Hussein was not a Hezbollah member, while Stratfor sources have told us that he was. Our sources also have confirmed Hussein's reported confession to police that he was on the business side of things -- likely involved in procurement and logistics -- rather than the militant side, which involves such things as bombmaking or operational planning. As a Swedish passport holder, Hussein would have much more access to business connections, so it makes sense that Hezbollah would want to compartmentalize his skills.

[...]

Thus, Hezbollah's profile and set of interests support Hussein's reported claims that the bombmaking materials that police found were being moved out of the country and were not intended for use in Bangkok or other tourist locations in Thailand.

[...]

Just as Bangkok is an attractive business hub in Southeast Asia for legitimate businessmen, it is also an attractive hub for illicit businessmen. In 2008, Thai police arrested Russian arms smuggler Viktor Bout after agents from the U.S. Drug Enforcement Administration, posing as members of the Revolutionary Armed Forces of Colombia guerrilla group trying to negotiate a deal to buy weapons, incriminated Bout during a meeting in Bangkok. It appears that Hussein's role in this case would have been an administrative one similar to Bout's: sourcing the fertilizer, finding a place to stockpile it and concealing it in innocent-looking fan boxes. This would not make him any less guilty of assisting a militant group, but it would deflate the theory that Hezbollah was plotting to use this material in an immediate attack in Bangkok.

This is not to say that Hezbollah or some other militant group will not conduct an attack in Bangkok in the future. But it would take a lot to convince group leaders that the financial pain of an attack in the city would be worth the ideological gain. And the recent alleged plot should remind investigators and policymakers to remember the financial bottom line as well as the ideological bottom line when assessing future terrorist threats.

Stop the Internet Blacklist Legislation

2012-01-18T14:14:00.003-05:00

This is primarily for my visitors in the United States...but serves as a good example of how NOT to write Internet legislation for my international visitors. Let's keep it open and free folks.

https://blacklist.eff.org/

The Internet blacklist legislation—known as PROTECT IP Act (PIPA) in the Senate and Stop Online Piracy Act (SOPA) in the House—invites Internet security risks, threatens online speech, and hampers innovation on the Web. Urge your members of Congress to reject this Internet blacklist campaign in both its forms! Read More

Comprehensive Experimental Analyses of Automotive Attack Surfaces

2012-01-15T15:41:00.000-05:00

http://www.autosec.org/pubs/cars-usenixsec2011.pdf

Abstract

Modern automobiles are pervasively computerized, and hence potentially vulnerable to attack. However, while previous research has shown that the internal networks within some modern cars are insecure, the associated threat model —requiring prior physical access— has justiﬁably been viewed as unrealistic. Thus, it remains an open question if automobiles can also be susceptible to remote compromise. Our work seeks to put this question to rest by systematically analyzing the external attack surface of a modern automobile. We discover that remote exploitation is feasible via a broad range of attack vectors (including mechanics tools, CD players, Bluetooth and cellular radio), and further, that wireless communications channels allow long distance vehicle control, location tracking, in-cabin audio exﬁltration and theft. Finally, we discuss the structural characteristics of the automotive ecosystem that give rise to such problems and highlight the practical challenges in mitigating them.

[...]

To be clear, for every vulnerability we demonstrate, we are able to obtain complete control over the vehicle’s systems. We did not explore weaker attacks.

False Flag

2012-01-14T17:45:00.001-05:00

Via Foreign Policy -

Buried deep in the archives of America's intelligence services are a series of memos, written during the last years of President George W. Bush's administration, that describe how Israeli Mossad officers recruited operatives belonging to the terrorist group Jundallah by passing themselves off as American agents. According to two U.S. intelligence officials, the Israelis, flush with American dollars and toting U.S. passports, posed as CIA officers in recruiting Jundallah operatives -- what is commonly referred to as a "false flag" operation.

The memos, as described by the sources, one of whom has read them and another who is intimately familiar with the case, investigated and debunked reports from 2007 and 2008 accusing the CIA, at the direction of the White House, of covertly supporting Jundallah -- a Pakistan-based Sunni extremist organization. Jundallah, according to the U.S. government and published reports, is responsible for assassinating Iranian government officials and killing Iranian women and children.

But while the memos show that the United States had barred even the most incidental contact with Jundallah, according to both intelligence officers, the same was not true for Israel's Mossad. The memos also detail CIA field reports saying that Israel's recruiting activities occurred under the nose of U.S. intelligence officers, most notably in London, the capital of one of Israel's ostensible allies, where Mossad officers posing as CIA operatives met with Jundallah officials.

The officials did not know whether the Israeli program to recruit and use Jundallah is ongoing. Nevertheless, they were stunned by the brazenness of the Mossad's efforts.

"It's amazing what the Israelis thought they could get away with," the intelligence officer said. "Their recruitment activities were nearly in the open. They apparently didn't give a damn what we thought.

Interviews with six currently serving or recently retired intelligence officers over the last 18 months have helped to fill in the blanks of the Israeli false-flag operation. In addition to the two currently serving U.S. intelligence officers, the existence of the Israeli false-flag operation was confirmed to me by four retired intelligence officers who have served in the CIA or have monitored Israeli intelligence operations from senior positions inside the U.S. government.

The CIA and the White House were both asked for comment on this story. By the time this story went to press, they had not responded. The Israeli intelligence services -- the Mossad -- were also contacted, in writing and by telephone, but failed to respond. As a policy, Israel does not confirm or deny its involvement in intelligence operations.

[...]

According to one retired CIA officer, information about the false-flag operation was reported up the U.S. intelligence chain of command. It reached CIA Director of Operations Stephen Kappes, his deputy Michael Sulick, and the head of the Counterintelligence Center. All three of these officials are now retired. The Counterintelligence Center, according to its website, is tasked with investigating "threats posed by foreign intelligence services."

The report then made its way to the White House, according to the currently serving U.S. intelligence officer. The officer said that Bush "went absolutely ballistic" when briefed on its contents.

"The report sparked White House concerns that Israel's program was putting Americans at risk," the intelligence officer told me. "There's no question that the U.S. has cooperated with Israel in intelligence-gathering operations against the Iranians, but this was different. No matter what anyone thinks, we're not in the business of assassinating Iranian officials or killing Iranian civilians."

[...]

The debate over Jundallah was resolved only after Bush left office when, within his first weeks as president, Barack Obama drastically scaled back joint U.S.-Israel intelligence programs targeting Iran, according to multiple serving and retired officers.

The decision was controversial inside the CIA, where officials were forced to shut down "some key intelligence-gathering operations," a recently retired CIA officer confirmed. This action was followed in November 2010 by the State Department's addition of Jundallah to its list of foreign terrorist organizations -- a decision that one former CIA officer called "an absolute no-brainer."

Since Obama's initial order, U.S. intelligence services have received clearance to cooperate with Israel on a number of classified intelligence-gathering operations focused on Iran's nuclear program, according to a currently serving officer. These operations are highly technical in nature and do not involve covert actions targeting Iran's infrastructure or political or military leadership.

"We don't do bang and boom," a recently retired intelligence officer said. "And we don't do political assassinations."

-------------------------------------------------------------------------

Bombing Kills Iranian Nuclear Scientist

In response, the White House said it "had absolutely nothing to do'' with the blast that killed Roshan. White House spokesman Tommy Vietor said the U.S. strongly condemns the attack and all acts of violence.

In a joint press conference in Washington with the Qatari foreign minister, Hillary Clinton again denied U.S. involvement.

"I want to categorically deny any United States involvement in any kind of act of violence inside Iran," said Clinton.

------------------------------------------------------------------------

Jundallah (Soldiers of God)
http://en.wikipedia.org/wiki/Jundallah

APT Malware Attacks Smart Cards Used by DIB & Governments

2012-01-12T10:37:00.001-05:00

Via NY Times (Bits Blog) -

Chinese hackers have deployed a new cyber weapon that is aimed at the Defense Department, the Department of Homeland Security, the State Department and potentially a number of other United States government agencies and businesses, security researchers say.

Researchers at AlienVault, a Campbell, Calif., security company, said on Thursday that they had uncovered a new variant of some malicious software called Sykipot that targets smart cards used by government employees to access restricted servers and networks. Traces of Sykipot malware have been found in cyberattacks dating back to 2006, but AlienVault’s researchers say this is the first time Sykipot has compromised smart cards.

The government uses smart cards to supplement employee passwords, which have proven easy to crack. By cracking smart cards, hackers eliminate the final hurdle between themselves and some of the government’s most sensitive information. Mandiant, a security firm, first outlined smart card weaknesses in a January 2011 report and said it had investigated several attacks in which hackers used smart cards to crack into companies. The latest Sykipot strain offers a look at how hackers are compromising smart cards and indicates who they are after.

Researchers say this strain specifically targets smart card readers that run ActivClient, a program made by ActivIdentity, an identity authentication company based in Fremont, Calif. ActivIdentity’s smart cards are used by employees at the Defense Department, Department of Homeland Security, Coast Guard, Social Security Administration, Treasury Department and other government agencies, along with businesses including Monsanto, BNP Paribas and Air France.

[...]

Exactly what Sykipot’s architects have stolen is still not known. But given ActivIdentity’s client list of defense agencies, security researchers say, it is now clear who the target is.

----------------------------------------------------------------

Mandiant M-Trends "When Prevention Fails" - Jan 2011
http://www.security.nl/files/M-trends2.pdf (Full Report)

It was this M-Trends paper (commonly called M-Trends 2) that first highlighted Smartcard Proxy Malware – Page 7-9.

At the time Mandiant suggested using hardware RSA tokens as a way of minimizing risk.
There are several ways to reduce the likelihood an attacker would be able to compromise hardware-based tokens. Removing smart cards when not in use is the easiest way to mitigate risks, however moving to other hardware based technologies such as RSA Tokens with time-based sync of passwords is an effective way to thwart this threat.

However, just two months later (March 2011), the RSA SecurID breach became public – rendering the advice moot.

Adversaries of Iran Said to Be Stepping Up Covert Actions

2012-01-11T22:30:00.001-05:00

Via NY Times -

As arguments flare in Israel and the United States about a possible military strike to set back Iran’s nuclear program, an accelerating covert campaign of assassinations, bombings, cyberattacks and defections appears intended to make that debate irrelevant, according to current and former American officials and specialists on Iran.

The campaign, which experts believe is being carried out mainly by Israel, apparently claimed its latest victim on Wednesday when a bomb killed a 32-year-old nuclear scientist in Tehran’s morning rush hour.

The scientist, Mostafa Ahmadi Roshan, was a department supervisor at the Natanz uranium enrichment plant, a participant in what Western leaders believe is Iran’s halting but determined progress toward a nuclear weapon. He was at least the fifth scientist with nuclear connections to be murdered since 2007; a sixth scientist, Fereydoon Abbasi, survived a 2010 attack and was put in charge of Iran’s Atomic Energy Organization.

Iranian officials immediately blamed both Israel and the United States for the latest death, which came less than two months after a suspicious explosion at an Iranian missile base that killed a top general and 16 other people. While American officials deny a role in lethal activities, the United States is believed to engage in other covert efforts against the Iranian nuclear program.

The assassination drew an unusually strong condemnation from the White House and the State Department, which disavowed any American complicity. The statements by the United States appeared to reflect serious concern about the growing number of lethal attacks, which some experts believe could backfire by undercutting future negotiations and prompting Iran to redouble what the West suspects is a quest for a nuclear capacity.

“The United States had absolutely nothing to do with this,” said Tommy Vietor, a spokesman for the National Security Council. Secretary of State Hillary Rodham Clinton appeared to expand the denial beyond Wednesday’s killing, “categorically” denying “any United States involvement in any kind of act of violence inside Iran.”

“We believe that there has to be an understanding between Iran, its neighbors and the international community that finds a way forward for it to end its provocative behavior, end its search for nuclear weapons and rejoin the international community,” Mrs. Clinton said.

The Israeli military spokesman, Brig. Gen. Yoav Mordechai, writing on Facebook about the attack, said, “I don’t know who took revenge on the Iranian scientist, but I am definitely not shedding a tear,” Israeli media reported.

FBI: 'Gameover' Malware Targets Bank Accounts Via Phishing E-Mails

2012-01-10T16:32:00.004-05:00

http://www.fbi.gov/news/stories/2012/january/malware_010612/malware_010612

Cyber criminals have found yet another way to steal your hard-earned money: a recent phishing scheme involves spam e-mails—purportedly from the National Automated Clearing House Association (NACHA), the Federal Reserve Bank, or the Federal Deposit Insurance Corporation (FDIC)—that can infect recipients’ computers with malware and allow access to their bank accounts.

The malware is appropriately called “Gameover” because once it’s on your computer, it can steal usernames and passwords and defeat common methods of user authentication employed by financial institutions. And once the crooks get into your bank account, it’s definitely “game over.”

Gameover is a newer variant of the Zeus malware, which was created several years ago and specifically targeted banking information.

---------------------------------------------------------------

Created several days ago? Mmmmm, maybe this specific DDoS variant, but Gameover has been out for a while.

Oct 10, 2011: ZeuS Gets More Sophisticated Using P2P Techniques
http://www.abuse.ch/?p=3499

You should watch out for the following strings in your web proxy logs, which are being used as dropzone for this ZeuS version (using HTTP POST):

/gameover.php
/gameover2.php
/gameover3.php

Since I’ve started to track this ZeuS campaign, I’ve collected more than 270 unique config files.

Nov 2011: DDoS Attacks Spell ‘Gameover’ for Banks, Victims in Cyber Heists
http://krebsonsecurity.com/2011/11/ddos-attacks-spell-gameover-for-banks-victims-in-cyber-heists/

Jan 4, 2012: ZeuS – P2P+DGA Variant – Mapping Out and Understanding The Threat
http://www.cert.pl/news/4711/langswitch_lang/en
In the autumn of 2011 we observed new malware infections, which looked similar to Zeus....In the new version of the Trojan, the authors focus on eliminating the weakest link – a centralized system of information distribution.

Florida Resident Charged with Plotting to Bomb Locations in Tampa

2012-01-09T22:51:00.002-05:00

Via FBI Press Release (Tampa Division) -

A 25-year-old resident of Pinellas Park, Fla., has been charged in connection with an alleged plot to attack locations in Tampa with a vehicle bomb, assault rifle, and other explosives, announced Robert E. O’Neill, U.S. Attorney for the Middle District of Florida; Lisa Monaco, Assistant Attorney General for National Security; and Steven E. Ibison, Special Agent in Charge of the FBI Tampa Division.

Sami Osmakac, a naturalized U.S. citizen who was born in the former Yugoslavia (Kosovo), was arrested Saturday night. He is charged in a criminal complaint in the Middle District of Florida with one count of attempted use of a weapon of mass destruction (explosives) and is scheduled to make his initial appearance today at 2:00 p.m. EST, in federal court, before U.S. Magistrate Judge Anthony Porcelli, in Tampa. If convicted, Osmakac faces a maximum sentence of life in prison and a $250,000 fine.

The arrest of Osmakac was the culmination of an undercover operation during which Osmakac was closely monitored by law enforcement officials for several months. The explosives and firearms that he allegedly sought and attempted to use were rendered inoperable by law enforcement and posed no threat to the public.

[...]

According to the complaint affidavit, in Sept. 2011, the FBI received information from a confidential human source (CHS) indicating that Osmakac had asked for al Qaeda flags. In November 2011, Osmakac and the CHS discussed and identified potential targets, in Tampa, where Osmakac intended on carrying out violent attacks. Osmakac allegedly asked the CHS for help in obtaining firearms and explosives for the attacks. The CHS indicated that he/she knew someone who might be able to provide firearms and explosives and introduced Osmakac to an undercover FBI employee.

[...]

On Jan. 7, 2012, FBI agents arrested Osmakac after he took possession of the explosive devices and firearms that had been rendered inoperable by law enforcement. The complaint alleges that, shortly prior to his arrest, Osmakac made a video of himself explaining his motives for carrying out the planned violent attack.

This investigation is being conducted by the FBI Tampa Division and the Tampa Joint Terrorism Task Force. It is being prosecuted by Assistant U.S. Attorney Sara Sweeney from the U.S. Attorney’s Office for the Middle District of Florida, with assistance from Trial Attorney Clem McGovern of the Counterterrorism Section in the Department of Justice’s National Security Division.

Iran Starts Uranium Enrichment Underground

2012-01-09T10:40:00.001-05:00

Via VOA News -

Diplomats in Vienna say Iran has started uranium enrichment at a facility where the material can be upgraded quickly for potential use in a nuclear bomb.

The diplomats close to the international monitoring of nuclear programs said Monday that Iranian centrifuges were refining uranium to a purity of 20 percent at the underground Fordo complex near the Shi'ite holy city of Qom. The report increases international concerns that Iran is developing an atomic weapons program. Iran says its nuclear ambitions are peaceful.

The Fordo complex is located beneath a mountain and is better protected from potential air strikes by nations opposed to the Iranian nuclear program. Iran said previously it was preparing to move its highest-grade enrichment work to Fordo from an above-ground complex in the central city of Natanz.

Iran says its nuclear program is designed only to generate electricity and material for medical research. Most of the work at the Natanz facility has involved refining uranium to a relatively low purity of 3.5 percent. Enrichment to the 20-percent level at the Fordo complex could reduce the time needed for Iran to further refine the material to the 90-percent purity required for nuclear weapons.

[...]

In a television interview broadcast Sunday, U.S. Defense Secretary Leon Panetta said Iran's nuclear program has not progressed to the stage of building a nuclear bomb. But he warned Iranian leaders that if they take such a step, the United States will stop them.

Panetta said Washington will continue what he called a "responsible" approach of putting diplomatic and economic pressure on Iran to abstain from developing nuclear weapons. He also advised Israel not to take unilateral action against Iran, saying a "better approach" is to "work together" with the United States on the issue.

---------------------------------------------------------------------------------

http://www.bbc.co.uk/news/world-middle-east-16470100

On Monday IAEA spokesperson Gill Tudor said in a statement tha the agency could "confirm that Iran has started the production of uranium enriched up to 20%".

She added that "all nuclear material in the facility remains under the agency's containment and surveillance".

U.S. Rescues Iranian Ship Held by Pirates

2012-01-06T15:54:00.002-05:00

Via CBS News -

A U.S. Navy destroyer has rescued an Iranian fishing boat that had been commandeered by suspected pirates just days after Tehran warned the U.S. to keep its warships out of the Persian Gulf.

American forces flying off the guided-missile destroyer USS Kidd responded to a distress call from the Iranian vessel, the Al Molai, which had been held captive for more than 40 days, the U.S. Navy said Friday. The Kidd was sailing in the Arabian Sea, after leaving the Persian Gulf, when it came to the sailors' aid.

A U.S. Navy team boarded the ship Thursday and detained 15 suspected Somali pirates. They had been holding the 13-member Iranian crew hostage and were using the boat as a "mother ship" for pirating operations in the Persian Gulf.

U.S. Defense Secretary Leon Panetta commented on the rescue in an interview scheduled to air Sunday on CBS' "Face the Nation."

"It's what we do. And it's what we do in that part of the world. We get a distress call, as we did in this case, even though it came from an Iranian ship. When the pirates went after them, we respond to those calls," Panetta said. "We did what we have to do in that situation. I think it just sends an important message to the world that the United States is going to abide by international rules and international order, and that's exactly what we did here."

In the same interview, Gen. Martin Dempsey, chairman of the Joint Chiefs of Staff, said the suspected pirates surrendered without incident.

"I think in the face of the overwhelming combat power that was presented the pirates made the right decision," he said.

Amid escalating tensions with Tehran, the Obama administration reveled in delivering the news.

"This is an incredible story. This is a great story," State Department spokeswoman Victoria Nuland said, explaining that the very same American ships the Islamic republic protested for recently traveling through the Strait of Hormuz were responsible for the Iranian vessel's recovery.

"They were obviously very grateful to be rescued from these pirates," Nuland said.

------------------------------------------------------------

Iran welcomes U.S. rescue of Iranian fishermen
http://www.cnn.com/2012/01/07/world/meast/iran-us-navy-rescue/index.html
A spokesman for Iran's Foreign Ministry, Ramin Mehmanparast, had positive words about the rescue when he spoke Saturday to the Arabic news network Al-Alam.

"Rescuing Iranian sailors by the U.S. was a humanitarian act and we welcome such acts," he said. "The Iranian Navy also engages in such rescue operations. It is the responsibility of all nations to rescue nationals from other countries from pirates."

FAA Plans to Propose Small Drone Rules in January 2012

2011-12-31T17:12:00.001-05:00

Via LA Times -

Drone aircraft, best known for their role in hunting and destroying terrorist hide-outs in Afghanistan, may soon be coming to the skies near you.

Police agencies want drones for air support to spot runaway criminals. Utility companies believe they can help monitor oil, gas and water pipelines. Farmers think drones could aid in spraying their crops with pesticides.

"It's going to happen," said Dan Elwell, vice president of civil aviation at the Aerospace Industries Assn. "Now it's about figuring out how to safely assimilate the technology into national airspace."

That's the job of the Federal Aviation Administration, which plans to propose new rules for the use of small drones in January, a first step toward integrating robotic aircraft into the nation's skyways.

The agency has issued 266 active testing permits for civilian drone applications but hasn't permitted drones in national airspace on a wide scale out of concern that the pilotless craft don't have an adequate "detect, sense and avoid" technology to prevent midair collisions.

Other concerns include privacy — imagine a camera-equipped drone buzzing above your backyard pool party — and the creative ways in which criminals and terrorists might use the machines.

[...]

Sheriff's Department Cmdr. Bob Osborne said that there's "no doubt" that the department is interested in using drones. "It's just that the FAA hasn't come up with workable rules that we can harness it. If those roadblocks were down, we'd want to use it."

Drones' low-cost appeal has other industries interested as well.

Farmers in Japan already use small drones to automatically spray their crops with pesticides, and more recently safety inspectors used them at the crippled Fukushima Daiichi nuclear power plant. Archaeologists in Russia are using small drones and their infrared cameras to construct a 3-D model of ancient burial mounds. Officials in Tampa Bay, Fla., want to use them for security surveillance at next year's Republican National Convention.

But the FAA says there are technical issues to be addressed before they're introduced in civil airspace. Among them is how to respond if a communication link is lost with a drone — such as when it falls out of the sky, takes a nose dive into a backyard pool or crashes through someone's roof.

[...]

Drones could also be useful to real estate agents to showcase sprawling properties. Oil and gas companies want to utilize them to keep an eye on their pipelines. Even organizations delivering humanitarian assistance want to use drones.

Terrorists Struggle To Gain Recruits On The Web

2011-12-29T17:23:00.001-05:00

Via NPR -

Terrorist groups seemed to be all over the Web in 2011. There were al-Qaida videos on YouTube, Facebook pages by Islamic militants in Somalia, and webzines – like Inspire magazine – produced by al-Qaida affiliates in Yemen.

If there were an award for the best known terrorist music recording in the past couple of years, it would probably go to the Somali militia group al-Shabab for a YouTube video that extolled the virtues of jihad, or holy war.

The tune became so popular it was actually covered by other aspiring violent jihadis, who added hip-hop beats and rap lyrics.

The Shabab music video caught the attention of U.S. counter-terrorism officials. They saw it as dangerous because it was slick and catchy and in English. The video ignited an effort in Washington to figure out how to counter the use of social media among terrorist groups.

What no one is saying, however, is that the effort to use social media sites like Facebook and YouTube, and even Twitter, hasn't been the recruitment boon that terrorist organizations had been hoping for.

Terrorist groups appear to be still working out the kinks in their new media strategy and concerns about terrorists and social media may be overblown.

"The worry in official Washington has been that kids are going to be attracted by its message and that they are going to spontaneously arise and become terrorists," said Will McCants, an analyst at the Center for Naval Analysis. "But we just haven't seen the numbers to suggest that that's true. Before social media, after social media... it is just a trickle of individuals who get involved in terrorist activities."

McCants says U.S. officials — perhaps because they don't use social media on a regular basis — may see it as a larger menace than it actually is.

[...]

One of the early players in jihadi social media was a radical Islamic organization called Revolution Muslim. Based in New York, the group's founders claimed that the RevMuslim blog received 1,500 hits a day. Its YouTube channel had some 1,000 subscribers. The group was open about its goals to establish Islamic law in the U.S., destroy Israel, and take al-Qaeda's messages to the masses.

Revolution Muslim became like a gateway drug for young men, enabling those who might be just tangentially interested in the global jihad to link up with real jihadists in Pakistan and other places.

[...]

There is one part of government that has learned to exploit the intersection of terrorism and the web: law enforcement.

The New York Police Department and FBI never shut the Revolution Muslim website down because it provided leads on young men who were inclined toward violent extremism. Now law enforcement can go to Facebook to provide the same kind of intelligence.

"I have been very surprised by the number of people who are moving to Facebook who are talking openly about their admiration for al-Qaeda," said CNA's McCants. "This can be a great boon for law enforcement because you can watch the flow of propaganda and you can see who is connecting to whom and if they are getting in the orbit of very dangerous people."

Al-Shabab, the Islamist militia that produced that popular music video, now has a Twitter account with thousands of followers. The joke among terrorism experts? About 99 percent of them are journalists and law enforcement.

--------------------------------------------------------------------------------

https://twitter.com/#!/will_mccants/status/152488334629941248

Just heard some guy in radio promo for NPR segment today. I thought "Why is he speaking so slowly? Holy shit, thats me!"

China’s New/Used Aircraft Carrier Ain’t Scary

2011-12-28T17:29:00.000-05:00

Via Wired.com (Danger Room) -

When China launched the maiden voyage of its first aircraft carrier in August, it had a lot of eyes on it. Some were from way, way up in the heavens — specifically, DigitalGlobe’s satellites. They provide the clearest pictures yet of China’s much-heralded floating toy, and make it seem less than meets the eye.

Truth be told, the Shi Lang isn’t actually new-new. It’s more like the aircraft carrier equivalent of buying a used car. China purchased the Varyag, a Kuznetsov-class carrier from Ukraine, refurbished it, and set it to sea as Shi Lang, intending to show the world it was a first-class naval power.

And there’s something to that: Very few countries have a full-sized aircraft carrier at all. (The U.S. Navy has 10.) But the Shi Lang isn’t exactly state of the art. It carries mediocre aircraft and accompanies unimpressive ships. And DigitalGlobe’s satellites find that Shi Lang also “appears to lack the P-700 Granit surface-to-surface missiles that were part of the original Kuznetzov designs,” as Stratfor analyst Rodger Baker puts it.

Translation: sure, the Shi Lang is merely supposed to be a training ship, but it’s conspicuous that the first Chinese aircraft carrier can’t defend itself from seaborne threats.

The Shi Lang is probably best thought of as a starter aircraft carrier. Who knows what weaponry its next carrier — the one it’s building, not purchasing — will possess. And it can’t just be one new carrier, Baker says: “It will be years before China has the three hulls needed for minimum ability to keep one on station at all times.”

Stuxnet/Duqu: The Evolution of Drivers

2011-12-28T15:51:00.002-05:00

Via SecureList (Kaspersky Lab) -

We have been studying the Duqu Trojan for two months now, exploring how it emerged, where it was distributed and how it operates. Despite the large volume of data obtained (most of which has yet to be published), we still lack the answer to the fundamental question - who is behind Duqu?

In addition, there are other issues, mostly to do with the creation of the Trojan, or rather the platform used to implement Duqu as well as Stuxnet.

In terms of architecture, the platform used to create Duqu and Stuxnet is the same. This is a driver file which loads a main module designed as an encrypted library. At the same time, there is a separate configuration file for the whole malicious complex and an encrypted block in the system registry that defines the location of the module being loaded and name of the process for injection.

This platform can be conventionally named as ‘Tilded’ as its authors are, for some reason, inclined to use file names which start with "~d".

We believe Duqu and Stuxnet were simultaneous projects supported by the same team of developers.

Several other details have been uncovered which suggest there was possibly at least one further spyware module based on the same platform in 2007-2008, and several other programs whose functionality was unclear between 2008 and 2010.

These facts significantly challenge the existing "official" history of Stuxnet. We will try to cover them in this publication, but let us first recap the story so far.

[...]

Conclusion

From the data we have at our disposal, we can say with a fair degree of certainty that the “Tilded” platform was created around the end of 2007 or early 2008 before undergoing its most significant changes in summer/autumn 2010. Those changes were sparked by advances in code and the need to avoid detection by antivirus solutions. There were a number of projects involving programs based on the “Tilded” platform throughout the period 2007-2011. Stuxnet and Duqu are two of them – there could have been others, which for now remain unknown. The platform continues to develop, which can only mean one thing – we’re likely to see more modifications in the future.

US Will Not 'Tolerate' Disruption of Vital Oil Strait Traffic

2011-12-28T14:38:00.003-05:00

Via VOA News -

The U.S. military says it will not tolerate disruptions in Strait of Hormuz traffic as Iran has threatened to block oil shipments coming through the waterway.

A spokeswoman for the Bahrain-based U.S. Fifth Fleet said the flow of goods through the strait is "vital to regional and global prosperity." Lieutenant Rebecca Rebarich said Wednesday the U.S. Navy is ready to "counter malevolent actions" to ensure navigation freedom.

Earlier Wednesday, Iran's top naval officer, Admiral Habibollah Sayyari, said closing the Strait of Hormuz would be "very easy" for his forces, though he added no immediate action was "necessary."

Sayyari is the second Iranian official this week to raise the possibility of closing the entrance to the Persian Gulf in response to Western threats to put sanctions on Iran's petroleum exports because of the country's controversial nuclear program.

[...]

Iran's warnings have come as its naval forces continue a 10-day exercise in the strait and nearby waters that began on Saturday.

[...]

European Union ministers have said that a decision on further economic sanctions - including a boycott of Iranian oil - would be made in the coming weeks. The vast majority of Iran's foreign revenue comes from oil exports.

More than one-third of the world's tanker-borne oil supply passes through the Strait of Hormuz. A closure could temporarily cut off some oil supplies and force shippers to use longer, more expensive routes.

It could impact the price of oil worldwide. After an initial spike following the Iranian threats, however, oil futures edged lower on Wednesday.

The Associated Press quoted a Saudi oil ministry official as saying Gulf oil producers would be ready to step in, if necessary, to make up for any losses of Iranian crude.

Body Language vs Micro-Expressions

2011-12-27T16:28:00.003-05:00

Via Psychology Today's SpyCatcher Blog -

Thoughtful questions often prompt thoughtful analysis and recently a series of questions from a reader regarding "micro-expressions" had such an effect on me. His questions made me stop and think about how the public perceives "micro expressions" and their significance in our overall understanding of body language, and more importantly, their relevance in detecting deception.

By now most people have heard of "micro-expressions" as a result of the show Lie to Me, or because the term has been popularized by the media. In fact, I routinely run into people who say they have taken courses on "micro-expressions" and have been "certified" or who want to become experts on "micro-expressions." (It reminds me of when students first wanted to be "criminal profilers" and then they wanted to be "CSI agents," just like on TV, now I guess it is "micro-expression experts") That's fine I say, but what about the rest of the body? And that is when I hear silence. After all, the rest of the body is transmitting information about thoughts, desires, fears, emotions, and intentions with far more regularity. If someone ventilates their shirt or hides their thumbs while being asked questions, you should know what that means beyond it's hot and they don't know what to do with their hands (it means: issues, discomfort, insecurities) because there may be no "micro-expressions" to help you at all.

[...]

Recommendation

After studying nonverbals for over 40 years, I think it is wiser to understand what all of the body communicates, not just the face, or just "micro-expressions." Especially knowing that the feet are more accurate than the face in revealing sentiments and intentions and that all of our body is constantly transmitting vital information (Navarro 2008).

f you truly want to learn about body language and nonverbal communications and go beyond the tripe usually served on television, give yourself a treat and read Desmond Morris' trilogy on nonverbals (Manwatching, Bodywatching, Peoplewatching). Morris looks at humans with the critical eye of a scientist discovering a new species and explains why we do the things we do. He is an authority without equal when it comes to nonverbal communications and as a zoologist and anthropologist, will open your eyes as no other author or expert can, with perhaps the exception of Charles Darwin, who started it all one day while watching orangutans in the London zoo.

Chinese Confirm Beidou SatNav System is Operational

2011-12-27T14:04:00.000-05:00

Via The Register UK -

Chinese officials have confirmed that the country’s Beidou satellite navigation system is operational, albeit mainly in China, and say they plan to have free, global coverage in place by 2020.

At a press conference the China Aerospace Science and Technology Corporation said that Beidou – which translates as Big Dipper - is providing location data and SMS messaging using a network of ten satellites currently in orbit, and another six launches are planned for next year. Once operational, they should cover most of the Asia/Pacific region, and will form the backbone of a global system of over 30 satellites that should be in place by 2020.

Company spokesman Ran Cheng made a formal commitment that the Beidou service would be free to all and said that the Chinese would be working on interoperability with the US GPS system, Russia’s GLONASS and the forthcoming EU Galileo network. An initial version of the interface control documentation has been published online.

[...]

China plans to add many more satellites for a variety of purposes over the coming years, and wants 100 in orbit under the current schedule, according to spokesman Zhao Xiao-chun. Last year China had 19 launches he said, compared to 18 from the US - but behind Russia with 36.

Having its own global positioning system will give Chinese global ambitions a fillip, since the vast bulk of the world currently runs on the US GPS network. Russia has spent billions upgrading and adding to its GLONASS satellite system, initially constructed in the 1980s but which fell into disrepair during the post-Cold War collapse, and this should be operational within a year or so.

The EU has been lagging behind on this front, mainly down to squabbling over funding methods and cost overruns. Its Galileo network should be operational by 2014 – emphasis on the “should” as we were due to have it next year – with plans for global coverage by 2019.

The news of China’s plans will be causing some furrowed brows at the Pentagon. Global positioning is vital for modern warfare and some of the more excitable members of the military have been suggesting that having an alternative system would let China destroy GPS if war ever came, and the US already has plans for satellites to monitor orbital war.