macbroadcast´s blog


LEAP Encryption Access Project
July 21, 2014, 5:28 pm
Filed under: Big Brother, Decentralization, DNS, freedombox, globalchange, Hacking, howto, ipv6, linux, socialweb

dFQKIM5XLEAP is a dedicated to giving all internet users access to secure communication. Our focus is on adapting encryption technology to make it easy to use and widely available. Like free speech, the right to whisper is an necessary precondition for a free society. Without it, civil society and political freedom become impossible. As the importance of digital communication for civic participation increases, so does the importance of the ability to digitally whisper. LEAP is devoted to making the ability to whisper available to all internet users.

LEAP is a non-profit organization registered in the state of Washington, USA. THe people who create LEAP live around the world, including: Bahía Blanca (Argentina), Berlin (Germany), Hamburg (Germany), La Paz (Bolivia), London (UK), Madrid (Spain), Montreal (Quebec, Canada), New York City (NY, USA), Paris (France), Seattle (WA, USA), São Paulo (Brazil), Santiago (Chile). More at https://leap.se



Europäische Initiative deutscher Strafrechtsprofessoren zur legalisierung von Hanf
May 24, 2014, 2:18 pm
Filed under: Big Brother, globalchange, society | Tags: , , ,

Legalize_it_by_Poisongage

 

 

Eine Europäische Bürgerinitiative ist keine Petition an ein Parlament, sondern fordert beim Erreichen des Quorums von einer Million Stimmen in zwölft Monaten die Europäische Kommission unmittelbar auf, entsprechende Rechtsakte vorzuschlagen.

 

https://ec.europa.eu/citizens-initiative/REQ-ECI-2013-000023/public/index.do

http://www.cannabispetition.de/

 

Prof. Dr. Lorenz Böllinger: Es ist global ein Mentalitätswandel zu erkennen. Immer mehr amerikanische Bundesstaaten lassen Marihuana für den medizinischen Gebrauch zu, in zweien ist es inzwischen auch als reines Genussmittel legal erhältlich. Für Deutschland gehen konservative Schätzungen von etwa vier Millionen Cannabiskonsumenten aus. Das sind fast fünf Prozent der Bevölkerung, deren Verhalten vom Staat kriminalisiert wird – entgegen jeder Vernunft oder Empirie. Es ist längst bekannt, dass der Mythos von der Einstiegsdroge frei erfunden ist und die Risiken eher geringer als bei anderen, legalen Drogen sind. Der Blick in Länder wie Holland liefert den praktischen Beweis dafür, dass die Schreckensszenarien, die von den Prohibitionisten für den Fall einer Legalisierung heraufbeschworen werden, schlicht nicht eintreten. Im Angesicht dessen schwindet auch in der Bevölkerung die Akzeptanz für ein Verbot immer weiter.

 

http://www.lto.de/recht/hintergruende/h/strafrechtler-petition-bundestag-cannabis/

 

Bei dieser Resolution an die Abgeordneten des Deutschen Bundestages handelt es sich nicht um eine Petition. So schrieb Prof. Dr. Lorenz Böllinger, Sprecher der Resolution,  an den Autoren dieses Artikels am 2. Januar 2014 im Wortlaut: „Durch Herrn Wenzel, einen ehemaligen (ca. 2001) wissenschaftlichen Mitarbeiter, wurde die vom Schildower Kreis initiierte Resolution deutscher Strafrechtsprofessoren eigenmächtig und ohne Autorisierung als Petition an den Bundestag eingereicht. Dies beschädigt die eigentliche Zwecksetzung der Resolution. Es geht nämlich um die Überzeugung von Bundestag-Abgeordneten, aus dem Parlament heraus eine Enquête-Kommission zu beantragen. Wenn – bisher – 25% der Abgeordneten dies beantragen (kein Fraktionszwang!), muss eine solche Kommission eingerichtet werden, welche dann gründliche Anhörungen von Experten durchführen muss, und zwar zur gesamten Drogenpolitik.

 

 

http://blogs.taz.de/drogerie/2014/01/03/strafrechtsprofessoren-fordern-legalize-it/

 

Hier der Resolutionstext der  deutscher Strafrechtsprofessoren.

 

 

Der Staat darf die Bürger durch die Drogenpolitik nicht schädigen. Es ist deshalb notwendig, Schaden und Nutzen der Drogenpolitik unvoreingenommen wissenschaftlich zu überprüfen. Als Kriminalwissenschaftler fühlen wir uns in besonderem Maße verantwortlich für die Einhaltung strafrechtstheoretischer Prinzipien und für die Zurückhaltung des Staates in der Anwendung der ultima ratio gesellschaftlicher Steuerung. Deshalb appellieren wir an die Abgeordneten des Deutschen Bundestages, nicht nur dem Fraktionszwang zu folgen, sondern auch ihrer individuellen Verantwortung.

 

http://www.schildower-kreis.de/themen/Resolution_deutscher_Strafrechtsprofessorinnen_und_%E2%80%93professoren_an_die_Abgeordneten_des_Deutschen_Bundestages.php

 



MI5 agent Dr. Barrie Trower: dangerous radiation everywhere
October 27, 2013, 4:49 pm
Filed under: Big Brother, New world order

Barrie Trower is a former Royal Navy Microwave Weapons Expert and former cold-war captured spy debriefer for the UK Intelligence Services. Mr Trower is a conscionable whistle-blower who lectures around the world on hidden dangers from microwave weapons and every-day microwave technologies such as mobile-phones and Wi-Fi. Mr Trower has also repeatedly assisted the UK Police Federation in their struggle to protect police officers from Tetra/Air-Band radio-communications systems that are harmful to health.

He trained at the Governments Microwave Warfare establishment in 60’s and worked with the underwater bomb disposal unit, which used microwaves.
In the 70’s I helped de-brief spies trained in microwave warfare.

Author of the Tetra Report for the Police Federation. I predicted the illnesses, which the officers now complain of. I predicted the illness’s the residents now complain of.
These are illness’s that occurred before my report was published and cannot be psychosomatic.

At a conference in Birmingham I said: “This Government, Industry and Government Scientists will be responsible for more deaths (of civilians) in peace time than all the terrorist organizations ever.” The evidence I have is showing this is correct. I put my money where my mouth is and stand my ground.
It is easy to prove TETRA is not safe. Source

Follow on Facebook

 

More Videos on the web his Facebook



Bob Lasar , ein Insider berichtet (Deutsch)
October 8, 2013, 11:35 pm
Filed under: Big Brother, globalchange, space | Tags: , , ,


Wer oder was ist die BRD Andreas Clauss
August 23, 2013, 12:48 pm
Filed under: Big Brother, globalchange, New world order, socialweb, society | Tags:

[hana-flv-player video=”https://let.de/wp-content/videos/DieBRD.mp4″ width=”610″ height=”360″ description=”Deutschland ist besetztes Land” player=”4″ autoload=”true” autoplay=”true” loop=”false” autorewind=”true” /]



Wirtschaftspionage gestern und Heute
Wirtschaftsspionage in Zeiten von Vollüberwachung from Mac Broadcast


Microsoft, the NSA, and You – via archive.org
July 5, 2013, 12:20 pm
Filed under: Big Brother, Hacking, howto, New world order, phishing, socialweb, society | Tags: , , ,

united_data_of_america

 United data of america

Here is the press release; for the full details, look here.

A sample program which replaces the NSA’s key is here, at the bottom of the page.

Have a question? A Frequently Asked Questions (FAQ) guide is now available!
Please check the FAQ before emailing anyone. Thanks!

FOR IMMEDIATE RELEASE 

Microsoft Installs US Spy Agency with Windows 

Research Triangle Park, NC - 31 August 1999 - Between Hotmail hacks and
browser bugs, Microsoft has a dismal track record in computer security.
Most of us accept these minor security flaws and go on with life. But
how is an IT manager to feel when they learn that in every copy of
Windows sold, Microsoft may have installed a 'back door' for the
National Security Agency (NSA - the USA's spy agency) making it orders
of magnitude easier for the US government to access their computers? 

While investigating the security subsystems of WindowsNT4, Cryptonym's
Chief Scientist Andrew Fernandes discovered exactly that - a back door
for the NSA in every copy of Win95/98/NT4 and Windows2000. Building on
the work of Nicko van Someren (NCipher), and Adi Shamir (the 'S' in
'RSA'), Andrew was investigating Microsoft's "CryptoAPI" architecture
for security flaws. Since the CryptoAPI is the fundamental building
block of cryptographic security in Windows, any flaw in it would open
Windows to electronic attack.

Normally, Windows components are stripped of identifying information. If the
computer is calculating "number_of_hours = 24 * number_of_days", the only
thing a human can understand is that the computer is multiplying "a = 24 * b".
Without the symbols "number_of_hours" and "number_of_days", we may have no
idea what 'a' and 'b' stand for, or even that they calculate units of time. 

In the CryptoAPI system, it was well known that Windows used special numbers
called "cryptographic public keys" to verify the integrity of a CryptoAPI
component before using that component's services. In other words, programmers
already knew that windows performed the calculation "component_validity =
crypto_verify(23479237498234...,crypto_component)", but no-one knew exactly
what the cryptographic key "23479237498234..." meant semantically. 

Then came WindowsNT4's Service Pack 5. In this service release of software
from Microsoft, the company crucially forgot to remove the symbolic
information identifying the security components. It turns out that there are
really two keys used by Windows; the first belongs to Microsoft, and it allows
them to securely load CryptoAPI services; the second belongs to the NSA. That
means that the NSA can also securely load CryptoAPI services... on your
machine, and without your authorization. 

The result is that it is tremendously easier for the NSA to load unauthorized
security services on all copies of Microsoft Windows, and once these security
services are loaded, they can effectively compromise your entire operating
system. For non-American IT managers relying on WinNT to operate highly secure
data centers, this find is worrying. The US government is currently making it
as difficult as possible for "strong" crypto to be used outside of the US;
that they have also installed a cryptographic back-door in the world's most
abundant operating system should send a strong message to foreign IT managers.

There is good news among the bad, however. It turns out that there is a flaw
in the way the "crypto_verify" function is implemented. Because of the way the
crypto verification occurs, users can easily eliminate or replace the NSA key
from the operating system without modifying any of Microsoft's original
components. Since the NSA key is easily replaced, it means that non-US
companies are free to install "strong" crypto services into Windows, without
Microsoft's or the NSA's approval. Thus the NSA has effectively removed export
control of "strong" crypto from Windows. A demonstration program that replaces
the NSA key can be found on Cryptonym's website. 

Cryptonym: Bringing you the Next Generation of Internet Security,
using cryptography, risk management, and public key infrastructure. 

http://www.cryptonym.com 

# # #

The Full Details

These details are essentially the contents of the “Rump Session” talk that Andrew Fernandes gave at the Crypto’99 Conference, on 15 August 1999, in Santa Barbara, California.

Note 1: many people have written us and assumed that we “reverse engineered” Microsoft’s code. This is not true; we did not reverse engineer Microsoft code at any time. In fact, the debugging symbols were found using standard Microsoft-purchased programmer’s tools, completely by accident, when debugging one of our own programs.

Note 2: many reporters have stated that Andrew studied computer science at the University of Waterloo and was a classmate of Ian Goldberg of Zero Knowlege Systems. In fact, Andrew studied biochemistry and mathematics at Waterloo for his undergraduate, and mathematics at McGill for his graduate work. He and Ian graduated in the same year, but really did not know each other at the time.

An Overview of the Microsoft’s CryptoAPI

Microsoft’s CryptoAPI allows independent software vendors (ISVs) to dynamically load Cryptographic Serivce Providers (CSPs) as in the following diagram:

cryptoapi

This arrangement of having Windows verify the CSP signature is what allows Microsoft to add cryptographic functionality to Windows. They will not digitally sign a CSP unless you first agree to abide by US export rules. Translation: Microsoft will not allow non-US companies to add strong crypto functions to Windows.

Fortunately, the verification of the CSP’s digital signature opens up a security flaw in this picture.

Observations

Using NT4 Server, SP5 (domestic, 128-bit encryption version), and Visual C++ 6, SP3. These same results have been found in Win95osr2, Win98, Win98gold, WinNT4 (all versions), and Win2000 (up to and including build 2072, RC1).

Many people have emailed us to say that these debugging symbols are actually present in NT4-Workstation, and are in the original CD’s debugging symbols! Thanks, people!

Before CSP loading

in ADVAPI32.DLL

Address 0x77DF5530

->

A9 F1 CB 3F DB 97 F5 … … …

Address 0x77DF55D0

->

90 C6 5F 68 6B 9B D4 … … …

After RC4 encryption using

we see

A2 17 9C 98 CA

=>

R S A 1 … 00 01 00 01 … (looks like an RSA public key)

A0 15 9E 9A C8

=>

R S A 1 … 00 01 00 01 … (looks like an RSA public key)

Looking at SP5 debugging symbols

in “_CProvVerifyImage@8”

Address 0x77DF5530

<-

has data tag “_KEY”

Address 0x77DF55D0

<-

has data tag “_NSAKEY”

Screenshots

AdvApi32dll-1

TwoThreeFour, and Five showing the actual debugging information. (not available anymore )

The Flaw

An attack:

  • Replace “_KEY” with your own key…
  • …but Windows will stop working since it cannot verify its own security subsystem!

An better attack:

  • Replace “_NSAKEY” with your own key…
  • … Windows keeps working, since Microsoft’s key is still there
  • stops the NSA
  • works because Windows tries to verify the CSP first using “_KEY”, and then silently fails over to “_NSAKEY”

The Result:

  • Windows CryptoAPI system still functional
  • the NSA is kicked out
  • the user can load an arbitrary CSP, not just one that Microsoft or the NSA signed!

Implications

  1. What is the purpose of “_NSAKEY”? Espionage? Or do they simply not want to rely on Microsoft when installing their own CSPs?
  2. Using RSA’s Data Security’s (now Security Dynamics) “BSafe” toolkit actually makes analysis of a program easier.
  3. We do not need to modify the “advapi32.dll” file in order to remove the NSA key, nor do we need special privilleges on the machine.
    1. use self-modifying code
    2. needs undocumented vxd calls under Win95 and Win98
    3. needs special memory features under WinNT and Win2k
  4. It is easy for any process to bypass any CSP and substitute its own.
  5. Export control is effectively dead for Windows.
  6. Note for Win2k – there appear to be three keys in Win2k; Microsoft’s, the NSA’s, and an unknown third party’s. Thanks to Nicko van Someren for bringing this to our attention.

Removing the NSA

A sample program which temporarily replaces the NSA key with a test key, and leaves the rest of the CryptoAPI system intact, can be downloaded by clicking this link (currently only for WinNT and Win2k).

For legal reasons, source code will be provided for free, but only be available through a Nondisclosure Agreement with Cryptonym. You can download the NDA here inWord/Wordperfect RTF format, PostScript PS format, or Acrobat PDF format. Make sure you initial all pages, and fax it to the phone number indicated.

These files are provided for demonstration purposes only, and may not be redistributed or used for any purpose other than demonstration without the written authorization and license of Cryptonym Corporation.


http://en.wikipedia.org/wiki/NSAKEY

NSA Built Back Door In All Windows Software by 1999

http://www.washingtonsblog.com/2013/06/microsoft-programmed-in-nsa-backdoor-in-windows-by-1999.html

NSA helped with Windows 7 development

Computerworld – The National Security Agency (NSA) worked with Microsoft on the development of Windows 7, an agency official acknowledged yesterday during testimony before Congress.

http://www.computerworld.com/s/article/9141105/NSA_helped_with_Windows_7_development