Rootkit hunting

Mark's Sysinternals Blog: Sony, Rootkits and Digital Rights Management Gone Too Far
A great example of how to track down a rootkit on a Windows system. Also very interesting to see that the rootkit in question came from a Sony audio CD!!
Important to watch out for this kind of "protection" on audio CDs and avoid buying them!

Article about the legal rights and wrongs of WiFi

Sunbelt BLOG: WarXing
It's interesting to see a legal opinion on matters relating to wireless networking.
The opinion seems to be "don't connect to someone else's wireless network, and if you do, don't download a lot of traffic".
My (and IANAL) opinion is that this line of thinking applies if the person is aware that they're connecting to a network they shouldn't, but there are two points which make this a lot less clear.
1) There are a number of legitimately free wireless networks, and more municipal Wi-Fi networks appear to be being set up. So how is a non-technical user meant to know whether the network they've connected to is free or not?
2) Operating system and client software behaviour may not help. Windows XP (pre-SP2) will by default connect to any wireless network that is available, so is a user responsible if that connection is made?
And in a case where someone has deliberately and knowingly connected to a wireless network that they shouldn't have, how is the legal system meant to determine that they did know, and didn't think they'd connected to a legitimately free network?

Interesting Survey results...

Web Threats Keep Users Away
This story covers the results of a survey from WebWatch, which indicates that people are cutting back on spending online as a result of fears about identity theft and phishing.
I think this kind of swing is one that a lot of companies (like banks), who save a lot of money as more of their customers transact over the net, will be very worried about. If their customers start returning to other channels like phone banking or branch banking, then that's likely to have a real impact on the bottom line for the companies involved...
One outcome I think is likely is a return of the AOL-style "walled garden" Internet, where only specific, vetted sites are available to the user, with the service provider providing some assurance over the content...
Ordinary users are not, and don't want to be, savvy enough in the ways the Internet works to reliably detect phishing scams and keep spyware off their PCs. As a result, if the environment on the 'net keeps getting more hostile, it will be better for ordinary users to take the hit and lose access to a lot of sites in exchange for a greater level of safety...

Handy listing of MS Vulns to bulletins

ElseNot Project ~ History of Microsoft Exploits and Security Bulletins
Link to a useful site with a list of all the publicly available exploits for a given MS bulletin.

Handy Perl Module for Pen Testing

Perl.com: Web Testing with HTTP::Recorder
Tutorial on the HTTP::Recorder module for Perl. To an extent this is the functionality you can get from WebScarab or Burp, but it looks like it could be handy all the same...

More blogs to keep a track of

CNET News.com's Blog 100
Cool list over at CNET of the 100 top blogs (ITHO). Some interesting ones to add...

Coverage of the "Tsunami Hacker"

Justice versus legality - the case of Daniel Cuthbert | Samizdata.net
Some coverage here of the case of Daniel Cuthbert, who has been convicted under the Computer Misuse Act for (if the articles I've read are accurate) putting ../../../ into a URL to see if a site he'd just given his credit card details to was insecure.
I'm in two minds about this case. On the one hand he shouldn't really have done that; it could be construed as an attack, and he should've realised that it would trip an IDS (although how quiet must it have been in the BT offices that they were investigating every IDS alarm of that type!).
On the other hand, the Internet is a public place and websites are public resources by definition (unless they have access control configured). What concerns me is that people accessing websites in unusual ways run the risk of being prosecuted. For example, if they see a parameter in a URL and think "I'll just skip ahead by changing that by 5 instead of clicking forward 5 times"... is that a breach of the Computer Misuse Act?
Also, it's waaay too easy to abuse this kind of thing. How long before someone sends an email with a link containing something like "../../../", causing a recipient who clicks it to appear to be a "hacker"?
Not sure either of those are great reasons, but this case does make me feel uncomfortable for some reason.
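As an added illustration (this is example code written for this page, not anything from the original post or from the case itself): a short Python script doing roughly what the IDS in the story would do, flagging requests whose decoded path climbs above the web root, run over a few constructed Apache-style log lines. The IP addresses, paths and timestamps are made up. Note that the entry produced by a deliberate probe and the one produced by clicking an emailed link are identical apart from the Referer header, which is exactly the ambiguity the post worries about.

```python
import re
from urllib.parse import unquote, urlsplit

# Constructed Apache combined-format log lines (not real traffic, not from the post).
# Lines 2, 3 and 5 contain traversal sequences; line 5 arrives via a webmail referer,
# i.e. someone clicked a link they were sent.
SAMPLE_LOG = """\
203.0.113.10 - - [10/Oct/2005:14:22:01 +0100] "GET /donate/index.html HTTP/1.1" 200 5123 "-" "Mozilla/5.0"
203.0.113.10 - - [10/Oct/2005:14:22:09 +0100] "GET /donate/../../../ HTTP/1.1" 403 287 "-" "Mozilla/5.0"
198.51.100.7 - - [10/Oct/2005:14:30:44 +0100] "GET /donate/%2e%2e/%2e%2e/%2e%2e/etc/passwd HTTP/1.1" 404 201 "-" "Mozilla/5.0"
198.51.100.7 - - [10/Oct/2005:14:31:02 +0100] "GET /page.php?id=12 HTTP/1.1" 200 4410 "-" "Mozilla/5.0"
192.0.2.44 - - [10/Oct/2005:15:01:17 +0100] "GET /donate/../../../ HTTP/1.1" 403 287 "http://mail.example.net/inbox" "Mozilla/5.0"
"""

# Combined log format: ip ident user [ts] "METHOD target PROTO" status bytes "referer" "ua"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)


def decode_path(target):
    """Return the request path (query string dropped), percent-decoded.

    Decoding is applied up to twice so that double-encoded dots (%252e -> %2e -> .)
    are seen for what they are. Backslashes are treated as separators too.
    """
    path = urlsplit(target).path
    for _ in range(2):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path.replace("\\", "/")


def escapes_root(path):
    """True if walking the path's segments ever goes above the starting directory.

    '/a/b/../c' is fine (depth never drops below 0); '/a/../../' is not.
    """
    depth = 0
    for seg in path.split("/"):
        if seg in ("", "."):
            continue
        if seg == "..":
            depth -= 1
            if depth < 0:
                return True
        else:
            depth += 1
    return False


def scan_log(text):
    """Return one record per log line whose request path escapes the web root."""
    hits = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        m = LOG_RE.match(line)
        if not m:
            continue  # unparseable line; a real tool would count these
        if escapes_root(decode_path(m.group("target"))):
            hits.append({
                "ip": m.group("ip"),
                "ts": m.group("ts"),
                "target": m.group("target"),
                "status": m.group("status"),
                "referer": m.group("referer"),
            })
    return hits


if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        print(f"{hit['ts']} {hit['ip']} {hit['target']} status={hit['status']} referer={hit['referer']}")
```

Run as-is it prints the three flagged requests. The two /donate/../../../ entries differ only in the Referer value, and an HTTP client can omit that header entirely, so the log alone says nothing about whether the person typed the URL or clicked a link in an email.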

Insecure encrypted email?!

Espion automates e-mail encryption
Maybe I'm missing something here, but reading this article it seems that someone's come up with an encrypted mail product that's pretty insecure... From the article:
"MXLock uses two-key encryption; one of the 1,024-bit keys resides at the sender

Just a touch scary...

Wired News: Nun Terrorized by Terror Watch
This is a little bit scary... The terrorist watch list has an AFGHANI MAN using the alias McPhee on it... and they start stopping an AMERICAN WOMAN because her surname is McPhee.....
I actually think I can see why something like this might happen. I reckon that the culture in this environment is one where everyone is really scared of making a mistake that leads to a successful terrorist attack, so they follow instructions to the letter, no matter how stupid.
The only problem is that that approach ignores the opportunity cost and allows people to avoid your checks:
- if you spend loads of time on people who are not really suspects, there's less time to look for people who are...
- if you rely on stupid basic measures like surnames, then it's really easy for someone who needs to (and doesn't mind breaking the law) to avoid them...

Airmagnet Spectrum analyser review

TomsNetworking Product Reviews : TomsNetworking :
Review of a very interesting product from AirMagnet. I've used their laptop analyser product, which is great for wireless security site surveys, but the spectrum analyser is more focused on the performance site-survey side of things.
V. cool to be able to track down all the sources of interference (and find the microwave in a big building!)