◾ „Your perspective on life comes from the cage you were held captive in.  Shannon L. Alder


Looking for usefull IT-Security sites on the web did lead me to the one of EchoSec (echosec.net).
EchoSec offers a service for location based searches on social media. The site is a platform that
provies public safety, security, journalism and intelligence professionals actionable knowledge
based on aggregated social media and other Information.

EchoSec

If you think this is nothing new, think again! EchoSec managed to detect open available (!) information
e.g. on Twitter, Facebook, Google+, LinkedIn, Foursquare, Youtube, Instagram and much more networks
and map it all together. And this is getting close to my idea of linking all the API together for a better Monitoring!
See: Soziale Netzwerke: wie wir uns der Überwachung ausliefern (in german)!

The gathered information are posted even by YOU everytime you use your social media accounts.
Your posts are open to the public in many cases, and your nickname might be traceable back to your real name…

On a world-map you are able to trace (footprint) individuals, if they did post e.g. to Twitter with
having their location activated/shared. Further more you are able to drag a boundary on a digital map
and you will get all the social media Feeds from within that special zone & period of time you selected.
Special search terms, Accountnames or hashtags are a good starting point to look up, what you are
looking for in your region or even world-wide!

It is all about location ;-)

It is all about location ;-)

I had the pleasure to test EchoSec with a Pro-Account and I can definitely recommend the service.
If you need to investigate what is going on in a particular place you are able to get live information
so you are up to date. No wonder as EchoSec says it is working hard with Law Enforcement Officers to
optimize the service. The private & confidential Whitepaper and Feature-List, which I am not going to
share here, are quiet promising.

It is about protecting society and not spying!

Some Information, such as possible threats, are detectable with EchoSec. With the option to look back
to a special date you are able to track back possible suspects after something like a robbery or other criminal
action did happen. If you are lucky you can even prove innocence as well…

Location-MI6 U.K.

Location-MI6 U.K.

For a test I did use my own tool to post from several locations such as the MI6 in the U.K, the german
chancellorship and the NSA in Fort Meade ;-)

EchoSec managed to catch my post in realtime and I was able to footprint where I have (virtually) been
with my Twitter account. It did grab the correct banner from what kind of Client I did post my tweet.
In this case from „Tactic4lHQ“ – my own developed CyberToolkit.

Location-Kanzleramt

Location-Kanzleramt

The usefull option „fly to“ (where possible, because of geolocation activated), which is indicated by a plane,
lets you jump to the specific publication on the digital map, to look up the location and maybe drag a new
search around the area for deeper investigations.

Location-NSA

Location-NSA

Social media is the best place to get fast and latest news, on what is going on out there. Not out of pure curiosity,
but to protect the public interest! There are events that might require additional investigative Information such as:

  •  Protests
  •  Riots
  •  Terror attacks
  •  State visits by higher government members
  •  Hostage Situations
  •  General Crisis Scenarios

To name only a few possible rather critical reasons! You are free to look up a good place to go to lunch with
the EchoSec service as well ;-) It is up to you what you use this service for. There are virtually no limits to
imagination…

I reported some possible improvements to EchoSec, such as simply fix the digital map, so you don’t have to
scroll to the top of the site. Having an API would be pretty cool as well, so you could integrate EchoSec
into your own toolkits (did this with shodanhq.com and some others e.g.).
Got a positive feedback, that my suggestions might be on the roadmap now :-) Let’s wait and see.

In my last blogpost about Pegida I mentioned I would write a follow up post. The follow-up would have been
about homegrown terrorism and I wanted to point out how important it is to monitor who is coming back
from crisis countries. In the meantime we all know what did happen in France. Take this blog post as a substitute.
Sometimes you start to give up privacy with a tweet, like, webcheckin or blog post. We need to analyze all the
information we can, to stop things like that have happened in France. It does not mean you are under a general
suspicion! You decided to tweet, like, share and use all the – sometimes even unsecure or- open available platforms
on the net for a better living comfort…..

 

EchoSec Social Geo Intel Dashboard demo:

 

PEGIDA: patriotisch und nicht rechts, geht das?

Veröffentlicht: 16. Dezember 2014 in Netzwerke
Schlagwörter:, ,

◾ „Human blood is all one colour.  unbekannt


Dieser Blogpost ist auf den ersten Blick OFF-Topic ;-) Ich werde mich aber bald in einem weiteren Blogpost
auf diesen Beitrag beziehen müssen… (FYI: ich habe nicht vor mich in irgendwelche politischen Diskussionen zu verlieren! Der Blogbeitrag spiegelt auch in keinster Weise eine persönliche politische Meinung wieder.)


Das Kürzel PEGIDA steht für „Patriotische Europäer gegen die Islamisierung des Abendlandes“. Allein diese Namensgebung mag schon nichts Gutes verheißen. Dabei stößt das Wörtchen „Islamisierung“ besonders bei den Kritikern von PEGIDA auf. Wie verschiedenen Berichten zu entnehmen war, laufen dort auch Menschen mit, die offensichtlich einer rechten Gesinnung nicht abgeneigt sind.

Nicht jeder Bund, sondern der Zweck des Bundes; nicht das Vereinigen unter gemeinschaftliche Gesetze, sondern der Inhalt derselben geben der Seele die Flügel des Patriotismus.

Da fragt man sich aber im Grunde, wie es von Woche zu Woche stetig mehr Demonstranten werden können?
Zuletzt gar 15.000 Teilnehmer!? Selbst wenn man 50% Rechtsradikale inkl. Sympathisanten unterstellen würde, dann fragt man sich weiter, ob die restlichen 7.500 Menschen einfach dumm sind da mit zu machen, oder es tatsächlich Ängste in der Bevölkerung gibt, die man genauer hinterfragen und thematisieren sollte.

Europa

Damit diese Bürgerbewegung wirklich ernst genommen wird, reicht es vermutlich nicht aus, wenn dort tausende
Menschen auf die Straße gehen. Viel mehr sollte man sich von einer unterstellten(?) „rechten Unterwanderung“ frei
machen. Ich vermisse dort einfach die Reaktion der Demonstranten auf die „Vorwürfe“ bzw. Fakten.

Wo sind die patriotischen Fahnen? Ich sehe viele Deutschlandfahnen. Aber wo sind die Europaflaggen?
Wo bleiben die Schilder auf denen steht „Patriotisch Ja! Rechts NEIN!“?
Und wo bleiben unsere christlichen Werte? Die Menschen, die Folter, Vergewaltigung, Mord und Verfolgung in
ihren Ländern ausgesetzt waren haben keinen Anspruch darauf? Ist Nächstenliebe nicht auch etwas was
wir im „Abendland“ praktizieren sollten? Haben unsere christlichen Werte unsichtbare ethnische Grenzen?

Auch stellt sich die Frage, wie man seitens der etablierten Parteien mit solch einer Situation umgehen sollte.
Ist es klug die Menschen die dort (bislang friedlich) auf die Straße gehen als eine „Schande für Deutschland
zu titulieren? Treibt das nicht viel mehr von der „Basis“, bzw. der Mitte der Gesellschaft weg?
Ich halte das für eine gefährliche Pauschalisierung!

Wer bei PEGIDA mit läuft und friedlich demonstriert, weil er z.B. nicht hinnehmen möchte, dass wir
vermeintlich „Rabatt“ auf unsere Werte geben (so wird teilweise  Sankt Martin in das „Lichterfest“ umgetauft,
um religiös neutral und „korrekt“ zu bleiben), der wird direkt abgestempelt.

Auch wird die aktuelle Lage, bezogen auf terroristische Aktivitäten (siehe jüngst in Sydney), egal ob von
geisteskranken Nachahmern, oder gezielt ausgesandten „einsamen Wölfen“ beeinflusst.
Was u.U. bei vielen Menschen (nicht nur hier zu Lande) Ängste schürt ist, dass man eine Art von
Homegrown Terrorism“ befürchtet und sich lieber der (möglichen) Gefahr auf breiter Front „entledigen“ möchte.
Ob das die Lösung ist, darf stark bezweifelt werden!

Eins bleibt sicher: wenn PEGIDA sich nicht von vermeintlichen (u.a. vorbestraften) Redenführern und
rechten Mitläufern in den eigenen Reihen distanziert, dann ist diese Bewegung nicht Dialogfähig.

Klar ist auch, dass sich von den Medien abwendende Demonstranten aktiv dem Dialog entziehen.
Angeblich, da die Medien „alles verdrehen“ würden. Da geben also tausende Menschen quasi die
Hoffnung auf Gehör in Politik und Medien nahezu auf!

Mit einer solchen Einstellung braucht man dann auch gleich gar nicht auf die Straße gehen…

Im Positionspapier der PEGIDA liest man so manches und man mag sich seine eigene Meinung dazu
bilden, ob man den Punkten eher zustimmt, oder eher doch anderer Meinung ist. Und wenn dem so
ist, wie man es angehen, bzw. alternativ lösen könnte.

WIR sind das Volk? Dann sollten wir alle uns auch so benehmen und den Dialog anstreben, statt uns
voneinander zu entfernen und in religiösen oder politischen Lagern, sowie hinter hohlen Phrasen,
oder Vorurteilen (gleich wem gegenüber), zu verschanzen.

Das nachfolgende Zitat sollte zumindest nachdenklich stimmen:

Der Patriotismus wird sich immer als ein gemeinnütziges Streben äußern, und nie hat noch ein Demagog oder ein Intrigant ein Volk verführt, ohne es auf irgend eine Weise glauben zu machen, es sei eine patritotischer Bewegung begriffen.

 

Talk bei Maybrit Illner:

 

◾ „Privacy is not something that I’m merely entitled to, it’s an absolute prerequisite.  Marlon Brando

[25.11.2014/22:00 UTC+1 – UPDATE]

Insecam.com now says: „The coordinates of the cameras are approximate„. But that is simply not true.
Despite insecam now only seems to show obvious uncontroversial cams, you are now able to get to the cameras IP-address. I found cameras which I am not sure, if they were intentionally open to take control over (zoom, rotate etc.).

This might lead in some cases to circumstances under which you could manage the camera to look into areas that are not supposed to be streamed. Insecam continues with its explanation: „They point to the ISP (IP) address and not the physical address of the camera. This information is accurate only to a few hundred miles. The coordinates are provided only to locate the city where the camera is located, but not it’s exact position or address.

Uhm, not sure how much more accurate you could be with having the IP-address which does forward to the cam?!?
Or do I misinterpret this point somehow? Even if you are changing the coordinates generously on insecams geo-map, the IP-address does not lie.

E.g. I found this camera in Liechtenstein: http://www.insecam.cc/cam/view/511xx/
with coordinates (47.141510 | 9.521540) on insecam:

Liechtenstein-Studio

If you click to open the stream, you are directed to the IP which provides the camera and its interface:

http://80.72.XXX.XXX:82/CgiStart?page=Single&Language=0

Now I decided to look who this might be via his IP-address. I did use iplocation.net to select the best result and opened
the associated Google-Maps-Link:

Altenbach_1

 

Looking at the streamed Image I noticed the text „Studio_Decke“ (in the lower left corner), so I did look on Google if
I could find a „Studio“ in the area „Altenbach“.

After a few minutes I got two perfect results. One company has a very similar logo as shown on the streamed front door.
I did sent the company owner an email, and now I am waiting for a response, if it is his cam and if he wanted to stream
his visitors to the world.

Remember what insecam told us? This information is accurate only to a few hundred miles. The coordinates are provided only to locate the city where the camera is located, but not it’s exact position or address.


I don’t only want to criticize his work with insecam.com constantly and I am happy he decided to
take the private streams offline, but the more you look into details, the more questions arise.


I decided not to dig deeper on that insecam thing. It is up to competent authorities to decide what actions are necessary, or not…


 

Mail-Insecam

Answered questions by admin(at)insecam.com (1 of 2)

The original blogpost (12.11.2014) about identifying the insecam owner is currently protected via password for special access only. Competent authorities were informed to investigate the issue on insecam.com. The site insecam.com and insecam.cc do currently not stream private Webcams anymore, and so my „work“ for the moment seems to be done.

Cat out of the bag

I am sorry for the guy behind insecam.com, that I had to make him public known, but there was no other way
to force his ugly site to be off the web! I can not accept someone does stream kids and private cameras all over the world!

It is NOT a collateral damage to stream private cameras. And it is not right or justifiable to login to cameras which are protected with simple or standard passwords! They ARE protected! No matter if with weak password or not. You do not have the right to log in to this systems and it IS a crime!


If you are a serious IT-Security Researcher you would never try to inform the masses about such kind of problem
by exposing them public! You would rather setup a site which detects only the visitors IP-Address and offer to scan
for weak passwords and a possible open stream (right that is more work than just grab the data from Shodan-API and stream cams & draw the IP-Geolocation!).

The guy behind insecam knows that I got him. And I can only ask him to stand behind his „project“ with his real Name! Because what we are seeing now on the News is a lot of crap about „Russia“ is attacking us, and panic that suggests false things about „evil l33t haxors“ (maybe let us call him the „moldovan programmer looking for a job“)…

He is only making things worse by trying to hide and keep an illusory and mysterious veil of fog on insecams intentions.


The lesson he might have learned: „cover your tracks, before trying to come around the next corner with your pseudo operation you don’t want to be traced back to…“

 

If you are a journalist or from a law enforcement authority and want to get in contact with
me for details, please do so via Twitter first (@Tactic4l).

Important:
The intention behind this article is NOT to start a smear campaign against someone.
I might be totally wrong and I would then apologize. But so far I am trying to find the
bigger context of all of this. Maybe the one person (yes it is a single person as he did let me know) behind insecam had really good intentions. And this assumed I urge you all to not stalk or harass this guy. But we need to find another solution to throw light on such kind of issue as with open cameras (or poor secured ones). I have a lot of respect for the one that started this campaign, but he should have put his name on the site, and explain open to the media what his intention is. He should have created a site which lets you detect if your private camera is streaming to the world….using the front door was not the best option in this case, although it did lead to more excitement! All all at the expense of privacy….

Trying to stay anonymous, with this kind of site he created, is like to challenge the devil…always a bad idea!

You all stay safe & remember to regularly change your (hopefully strong) passwords ;-)

Challenge accepted:


Here some related articles worth to read:

Webcam snooper now looking for a Job (pcworld.com by @Jeremy_Kirk )
Dem Webcam-Spion auf der Spur (NZZ.ch)
Russian webcam hacker uses Insecam site to look for Job (Independent UK)
Programmer behind webcam-snooping Website replaces site with a job ad (Fox News)
Piraten erstatten Anzeige (Tageblatt.lu)
Security Cams in Luxemburg geknackt (Tageblatt.lu)


Office of the Privacy Commissioner of Canada (Letter to operators of webcam website)
Information Commissioner’s Office blog
Office of the Information & Privacy Commissioner of British Columbia

UK moves to shut down Russian hackers streaming live British webcam footage (the Guardian)
This Terrifying Website Lets You Spy on People Through 73,000 Private Security Cameras (Mic.com)
This Website Streams Camera Footage from Users Who Didn’t Change Their Password (Moterhboard)
Thousands Of People Worldwide With Home Security Cameras Are Being Spied On By A Russian Website (Business Insider)