Thursday 28 February 2008

Offline password and registry editor

The tool is is BackTrack, but there is an interesting floppy, CD or USB version:
http://home.eunet.no/~pnordahl/ntpasswd/
It boots quickly and it is straightforward to follow the step by step instructions.

Wednesday 27 February 2008

CAPATCHA Goooooootcha

It looks like gooles capatcha is under attack with a 20% success rate: http://www.websense.com/securitylabs/blog/blog.php?BlogID=174

That's a lot of accounts to send me stock tips or enlargement pill ads. The more interesting thing would be if the bots could do something cool with all that storage! Say that this process is yeilding 1 account per minute, thats 1440 accounts a day and around 525600 accounts a year. With 6Gb of storage space per account that is 3.2 PB of distributed storage.

check out these tools to mount a single account
http://www.sizlopedia.com/2007/08/11/utilities-to-use-gmail-space-as-google-drive/
If they are clever enough to crack the captcha, they should be clever enough to create something that would mount all of these counts together as some sort of distributed file store with redundancy and resiliency.

Cool.

Friday 22 February 2008

What would dD look like


This is dD as a Simpsons character. Have a go yourself at http://www.simpsonsmovie.com

Cool sites

found these, thought they were cool:
GNUCitizen
The Hacker Webzine

please feel free to add more cool links in the comments

Mobile Phone Sniffing: smells kind of cheesey!

Apparently a couple of guys at the black hat conference over in DC have demonstrated a GSM crypto cracking system in 1/2 and hour and $1,000 of storage.
Take me >>
As dD is impoverished and busy attendendance was not an option. However, the good old blackhat folks will be making the whole things available in there archive in a couple of weeks. Groovey!

Cold Hacking: what we leave behind

It seems that DRAM is not so forgetful after all! It would seem that some plucky researchers over at Princeton have demonstrated how to obtain critical cryptographic keys for disk encryption systems such as BitLocker and TrueCrypt by cold booting a system an having a look at what is left in memory.

They even have a video of the talk and a paper. This is another example of side attacks on cryptosystems which the great might big boss Bruce has been mentioning for some time now.

Monday 18 February 2008

iFrames of Doom! So say Google

Google has now made it offical: iFrames are bad for you! Although they have some figures, and graphs to back this up. Time to show your CIO if you have one, or the dustbin man if you don't.

Let the drive by raids commence!
dD

Wireless: Its a threat official!

Friends of dD will already know our disdiain for all things wireless. However it is now official! It would appear though that dD is at odds with the big boss himself Bruce Schneier himself! bummer.

dD

Hack and Trade: US only version

It seems that stealing insider trading info and then trading on it is ok in the US (at the moment). However, deceiving someone to obtain it is illegal! hmm! Fortunately, the Europeans have already sorted this by declaring that trading on insider information - however it is obtained - is illegal.

Go Team US of A!

dD

CISCO's "Security" agent driver's unfortunate buffer overflow...

http://www.cisco.com/en/US/products/products_applied_mitigation_bulletin09186a008090a445.html

"Cisco Security Agent contains a vulnerability when it processes a specially crafted Server Message Block (SMB) packet. This vulnerability can be exploited remotely without authentication and without end-user interaction. Successful exploitation of this vulnerability may allow arbitrary code execution, cause the affected device to crash, or result in a denial of service (DoS) condition. The attack vector for exploitation is through SMB packets using TCP port 139 and TCP port 445."

Friday 15 February 2008

The Onion on security (fun)

It had been a while since I had checked out The Onion, so I am glad to have come accross this:

We Must All Do Our Part To Preserve This Climate Of Fear, by M. Willard Thornton http://www.theonion.com/content/opinion/we_must_all_do_our_part_to?utm_source=onion_rss_daily

Thursday 14 February 2008

Vista "Lite": Strip out the unwanted stuff

http://www.vlite.net/
Useful tool for:
1. Reducing a Vista box's attach surface,
2. Speed up the OS.

There is also a version for Windows XP:
http://www.nliteos.com/

OpenID

The big boys are now playing nice with OpenID, as IBM, Google, Verisign, Microsoft and Yahoo! (soon to be Microhoo! ?) have joined the board:
http://openid.net/

New version of TrueCrypt

This free open-source disk encryption software works on the following platform: Windows Vista/XP, Mac OS X, and Linux!

You can create virtual encrypted disks, encrypt whole partitions AND even the Windows boot/systems drive. So who needs BitLocker??

http://www.truecrypt.org/

Get infected by your anti-virus maker's web site!

This has to be rather embarrasing:
http://annysoft.wordpress.com/2008/02/06/antivirus-company-website-is-infected/
Also covered at The Register:
http://www.theregister.co.uk/2008/02/08/indian_av_site_compromise/
Another case of the evil iFrame striking, but this time from a "security" company...

Should UK parents get compensation from HMRC?

Alternative Dispute Resolution Services is a Newcastle-based legal firm which is offering a £5.99 pack to help pursue a claim against the government for breach of the Data Protection Act. They claim that 14,000 people have registered with them so far.

The pack is available at:
http://www.compensationpack.com/
News coverage is here:
http://www.thisismoney.co.uk/disc-claim

Don't get too excited: the estimated payout is likely to be between £50-£300, which is way below any losses that may be suffered if the data is in the wrong hands. The interesting question though is whether or not the government actually breached the DPA.

Sophos statistics on spam relaying by countries

The USofA are at the top of the list, followed by Russia:
http://www.sophos.com/pressoffice/news/articles/2008/02/dirtydozfeb08.html

Happy Valentine and watch that electronic evidence, just in case...

Electronic evidence is increasingly being used in divorce cases:
http://www.gpsdaily.com/reports/Nation_Top_Divorce_Lawyers_Note_Dramatic_Rise_In_Electronic_Evidence_999.html
Wether it is electronic or not, it is just "evidence" after all. It is interesting to note the use of GPS data: yes we can prove you were there...

Monday 11 February 2008

God Bless America and their border cops!

I hope that I never get stopped with my phone, laptop, cd bag, notebook, flash drives as 20hours of questioning will seem like a holiday! Just one more reason not to go to the leading light of the free world!

I know something you don't know

It seems the vulnerability disclosure is taking on a new slant. All the previous reports I've seen on this subject have largely been about those researchers who disclose vulns get hammered by law enforcement agencies or big companies. However, this one takes on a new twist. RealPlayer11 has a bug and Evgeny Legerov has found it. However, it appears this guy has a group of "customers" who he sells bugs to but won't disclose to the original developer. In the daniweb blog the author discribes this as blackmail. I'm certain it's not blackmail, but ethically it's difficult. But why should I be ethically bound to notify people of their screw ups? Maybe the fact that big companies carry on producing chronic code is because people find their cock ups and tell them about it. Perhaps this new type of militant action by security researchers will start to force a shift in software development as companise will no longer be able to rely on independants working it out for them.

Firefoxed

Firefox 2.0.0.12 is vulnerable out of the box using a directory traversal! Good lord what is happening here!?
http://www.0x000000.com/index.php?i=515
According to the site listin the vulnerability this will allow you to potentially view every file in the Mozilla directory. Solution a) use another browser b)install a plug in!

Most vulnerabilities are delivered by third party plugins on fixed by them!