Shahzad Bhatti

July 25, 2005

Lest We Forget; These Were Blair’s Bombs

Filed under: Politics — admin @ 6:45 pm

Lest We Forget; These Were Blair’s Bombs
** The tribunal is a serious international public inquiry into the invasion and occupation, the kind governments dare not hold. Its expert, eyewitness testimonies, said the author Arundathi Roy, a tribunal jury member, “demonstrate that even those of us who have tried to follow the war closely are not aware of a fraction of the horrors that have been unleashed in Iraq.” The most shocking was given by Dahr Jamail, one of the best un-embedded reporters working in Iraq. He described how the hospitals of besieged Fallujah had been subjected to an American tactic of collective punishment, with US marines assaulting staff and stopping the wounded entering, and American snipers firing at the doors and windows, and medicines and emergency blood prevented from reaching them. Children, the elderly, were shot dead in front of their families, in cold blood

** There was Bob Geldoff on the front pages resting his smiling face on smiling Blair’s shoulder, the war criminal and his knighted jester. There was an heroically silhouetted Bono, who celebrates men like Jeffrey Sachs as saviours of the world’s poor while lauding “compassionate” George Bush’s “war on terror” as one of his generation’s greatest achievements; and there was Paul Wolfowitz, beaming and promising to make poverty history: this is the man who, before he was handed control of the World Bank, was an apologist for Suharto’s genocidal regime in Indonesia, who was one of the architects of Bush’s “neo-con” putsch and of the bloodfest in Iraq and the notion of “endless war”.For the politicians and pop stars and church leaders and polite people who believed Blair and Gordon Brown when they declared their “great moral crusade” against poverty, Iraq was an embarrassment. The killing of more than 100,000 Iraqis mostly by American gunfire and bombs — a figure reported in a comprehensive peer-reviewed study in The Lancet — was airbrushed from mainstream debate.

** In 2001, in revenge for the killing of 3,000 people in the twin towers, more than 20,000 Muslims died in the Anglo-American invasion of Afghanistan. This was revealed by Jonathan Steele in the Guardian but never became news, to my knowledge. The attack on Iraq was the Rubicon, making the reprisal against Madrid and the bombing of London entirely predictable: this last “in response to the massacres carried out by Britain in Iraq and Afghanistan,” claimed the Secret Organization Group of al-Qaeda in Europe. Whether or not the claim was genuine, the reason was. Bush and Blair wanted a “war on terror,” and they got it. Omitted from public discussion is that their state terror makes al-Qaeda’s appear minuscule by comparison. More than 100,000 Iraqi men, women, and children have been killed not by suicide bombers, but by the Anglo-American “coalition,” says a peer-reviewed study published in the Lancet, and largely ignored.

July 20, 2005

Miracles of Quran

Filed under: Science — admin @ 9:02 am

Miracles of Quran

  1. The Bible, The Qur’an and Science
  2. Miracles
  3. Findings of modern science were already in God’s word
  4. EXPLORING THE SCIENTIFIC MIRACLE OF THE HOLY QUR’AN
  5. Signs of Quran
  6. Islam and Science
  7. Amazing Quran
  8. 19 in Quran
  9. MATHEMATICAL MIRACLE OF THE QURAN CODE 19
  10. Amazing Images
  11. Muslim Scientists
  12. WWIII

July 16, 2005

Cool Outdoor Wireless Internet

Filed under: Computing — admin @ 9:01 am

Cool Outdoor Wireless Internet
Wireless Outdoor

July 13, 2005

Ten Appalling Lies We Were Told About Iraq By Christopher Scheer, AlterNet

Filed under: Politics — admin @ 9:02 am

Ten Appalling Lies We Were Told About Iraq By Christopher Scheer, AlterNet
http://www.alternet.org/story.html?StoryID=16274
Read more about it


Falsehoods ranging from exaggeration to plain untruth were used to make the case for war. More lies are being used in the aftermath. By Glen Rangwala and Raymond Whitaker

20 Lies About the War

July 11, 2005

Paymasters Of Carnage

Filed under: Politics — admin @ 5:26 pm

Paymasters Of Carnage
In Istanbul, Jamail bore his independent reporter’s witness to the thousands of Iraqis tortured in Abu Ghraib and other US-run prisons. His account of what had happened to a civil servant in Baghdad was typical. This man, Ali Abbas, had gone to a US base to inquire about his missing neighbours. On his fourth visit, he was arrested without charge, stripped naked, hooded and forced to simulate sex with other prisoners. This was standard procedure. He was beaten on his genitals, electrocuted in the anus, denied water and forced to watch as his food was thrown away. A loaded gun was held to his head to prevent him from screaming in pain as his wrists were bound so tightly that the blood drained from his hands. He was doused in cold water while a fan was held to his body.

“They put on a loudspeaker,” he told Jamail, “put the speakers on my ears and said, ‘Shut up, fuck, fuck, fuck!'” He was refused sleep. Excrement was wiped on him and dogs were used on him. “Sometimes at night when he would read his Koran,” said Jamail, “[he] had to hold it in the hallway for light. ‘Soldiers would walk by and kick the Holy Koran, and sometimes they would try to piss on it or wipe shit on it,’ [Abbas] said.” A female soldier told him, “Our aim is to put you in hell . . . These are the orders we have from our superiors, to turn your lives into hell.”

Jamail described how Fallujah’s hospitals have been subjected to an American tactic of collective punishment, with US marines assaulting staff and stopping the wounded entering, and American snipers firing at the doors and windows, and medicines and emergency blood prevented from reaching the hospitals. Children were shot dead in front of their families, in cold blood.

The two men ultimately responsible for this, George W Bush and Tony Blair, attended the G8 meeting at Gleneagles. Unlike for the Iraq tribunal, there was saturation coverage, yet no one in the “mainstream” – from the embedded media to the Make Poverty History organisers and the accredited, acceptable celebrities – made the obvious connection with Bush’s and Blair’s enduring crime in Iraq. No one stood and said that Blair’s smoke-and-mirrors “debt cancellation” at best amounted to less than the money the government spent in a week on brutalising Iraq, where British and American violence was the cause of the doubling of child poverty and malnutrition since Saddam Hussein was overthrown

Embedded Security: Top Ten Myths

Filed under: Computing — admin @ 7:48 am

Embedded Security: Top Ten Myths

by Mukesh Lulla, TeamF1

Perhaps no other area of embedded technology gets as much visibility today as security. After all, if .connectivity. of modern embedded systems was the wave of the last decade, it.s no surprise that .secure connectivity. is becoming an almost inescapable requirement as networks come of age. The prevalence of wireless, remote management, storage, and mobile technologies has reinforced the urgency of this requirement and sparked renewed interest in not just protection of data-in-transit, but also data-at-rest.

State of the Onion

As prolific as the exhortations to protect embedded devices are, the current state of security in many embedded applications still hovers somewhere between confused complacency and intimidated inaction.

.Security is a multi-dimensional problem., insist some pundits while others claim, .simplicity is the key to practical security.. .Think of security as an onion with layers and layers of defenses., more experts chime in. .Layers serve as obfuscation and give you an illusion of security., retort the critics. Confusion hath now made his masterpiece!

While the high priests of security duke it out and management, sniffing the fumes of unrealistic end-customer demands, wants nothing short of an absolute guarantee of security, we engineers are frequently left to sort out what is and what is not feasible. When it comes to security, conventional wisdom just isn.t!

Hit or Myth

Muddying the waters further are some widely held misconceptions. We cannot resolve the apparent contradictions surrounding the best practices for secure devices without first clearing this fog, so we.ll start by dispelling ten of the more egregious myths surrounding this subject:

  1. Myth #10 : We aren.t the likely target of an attack

    This is the most pernicious myth of all and takes various forms: .The data on/from my device is useless to others, ergo I don.t need any security.. Or, .who would ever want to spend the effort to hack my system?.. But with the proliferation of easily accessible hacking tools, advanced crackers aren.t all you need to worry about-a whole army of kiddie-script writer wannabes is waiting for their 15 minutes of fame.

  2. Myth #9 : My embedded system.s security has never been broken, so it.s all we need

    Sure, that.s like saying: .I intend to live forever – so far, so good.. Enough said!

  3. Myth #8 : My device is password .protected.

    Well, password protection at least implies awareness of a requirement for security. However, passwords are usually sent over a network in clear-text and are easily captured by packet sniffers on intermediate network nodes. In most cases, they provide only a deceptive veneer of security. If the password scheme protects remote management or access to the device, an attacker could potentially gain complete control of the device with impunity. Even if passwords were sent over a secure channel, they may still be susceptible to dictionary attacks.

  4. Myth #7 : Security protocol XYZ is the silver bullet

    Once convinced that real security is needed, many users start looking for a quick fix believing that some single well-known security protocol is all that their device needs. One common manifestation: .My device has a firewall, so I don.t need to worry about security threats.. Such delusions of adequacy may blind one to serious vulnerabilities in the system such as lack of protection for network data.

  5. Myth #6 : Two security protocols are better than one

    This is only a half-myth, but is so frequently abused that it deserves attention. Belief that there is no one panacea for security convinces some to take it to the next logical step-back up the truck and load up on it. After all, more security can.t be worse than less security. But what.s forgotten in this exquisite distillation of logic is that security is weakest at the seams, so adding multiple security layers to an embedded device without thinking it through is like putting three dead-bolts on a door whose door jamb is not anchored to the wall. Security should be a strategy, not a bunch of protocols.

  6. Myth # 5 : Security is the same as encryption

    This myth and its corollary-.cryptography is the same as encryption.-are byproducts of buzzword hype. Certainly, encryption is a cornerstone of information security, but consider this fallacy: what if an encrypted (and thus, confidential) connection goes not to the entity you expected to communicate with, but to an unauthorized one? In other words, you may have a completely secure channel, so no one else can listen in to your conversation with. an attacker! Security needs to include authentication (identity verification), integrity (tamper-resistance), and various other techniques to thwart attacks. These are typically based on cryptographic operations, which include but are not limited to encryption.

  7. Myth #4: More .bits. mean stronger security

    Yet another fallacy related to encryption is that more .bits. of encryption mean higher security strength. However, like all data, the impact of the .bits. (usually key-size or block-size of encryption algorithms) only depends on the application that uses it-in this case, the encryption algorithm. Assuming that 256-bit RC-4 is stronger than 128-bit AES encryption is like comparing apples to oranges, not to speak of the watermelons that elbow their way in when 1024-bit public-keys (RSA, DSA) are thrown into the equation.

  8. Myth # 3 : Security will get in the way of my application

    Security is a subject that turns many embedded developers off. The resource requirements (code size, memory usage, CPU .horsepower.) for cryptography are often formidable by embedded standards. Even if that were reconciled, developers often think that security detracts from their productivity by making things difficult. However, a well-designed security solution that leverages hardware / software optimally, and provides a common framework to secure different aspects of an embedded application can be less intrusive than one may imagine.

  9. Myth #2 : I can do it better

    Embedded development frequently revolves around the efficiency of solutions developed in-house because .No one understands my systems as well as I do.. Security protocols, in particular, are viewed as laden with more baggage than a Samsonite factory, so some developers concoct small-footprint, lightweight implementations without the .bells and whistles.. If this is done without a full understanding of why a protocol required it, the bell or whistle that was left out might spell the difference between strong and weak security, and worse, may not be exposed until it.s too late.

  10. Myth # 1 : A proprietary implementation is more secure than an open one

    It is a human tendency to equate secrecy with protection of sensitive information and this reasoning has been used to promote some really arcane security implementations. However, if secrets extend beyond the realm of replaceable secret keys to the use of secret methods and implementations, this can be a major cause of brittleness. .Security by obscurity. flies in the face of good security practices. Core security-especially the security protocol and cryptography-should be based on code available for public review. This ensures a deeper analysis of any vulnerabilities than would be possible with any single company.s proprietary code which claims compactness and is written partially in .high-performance. assembly that looks like line noise, just so that .no one can break into it..

Deconstructing Security

Achieving strong security is indeed a multi-dimensional problem, but the key is to architect the system using a cohesive approach to security, rather than stitching together a solution from various pieces-remember, the seams are always the most vulnerable. Inadvertent vulnerabilities resulting from the use of a well-designed crypto algorithm in an application it was never intended for, may be worse than choosing a weaker algorithm and knowing the consequences upfront. The .layers-of-onion. model of security can provide defense in depth, but only if the layers are standard components put together in a consistent manner so as to complement each other.

It is important to recognize the different facets of the embedded security problem first and make sure all relevant ones are considered in the solution. One way to divide the security requirements of an embedded system is to analyze three areas:

Data Security-security of raw data residing on the device e.g. configuration files, statistics, or even databases.

System Security-security of the embedded device as a networked node, or security of the perimeter of a network of devices.

Network Security-security of the data moving between a device and other systems.

Of course, a heavy-gauge steel box welded shut is a very secure container indeed, but not a very useful one. So it is important to remember that a secure system does need to allow access to AUTHORIZED users. This ties in to the concept of identity or more specifically, proving that an entity is who it purports to be-Authentication, which is another important dimension of security that needs to be analyzed.

An embedded device that integrates these elements of security in a seamless manner and complements them with consistent system-wide security policies would be a truly secure device, not just one believed to be secure. After all, while optimism has its place in the world, it has no business being a part of your device.s security strategy.

July 3, 2005

Autopsy: No Arabs on Flight 77

Filed under: Politics — admin @ 9:02 am

Autopsy: No Arabs on Flight 77
The remains of everyone aboard flight 77 have all been identified. The problem
is, the accused Arab hijackers are not among them! Let me rephrase that.
The 9-11 plane that crashed into the Pentagon did NOT HAVE ANY ARABS ABOARD IT.
Read more about it here

Powered by WordPress