Security Stallions Blog "Musings of all things infosec…"

19Aug/09

Daily Digs – 08.19.2009

Good Wednesday evening everyone!  We're over the hump and on our way to the weekend, so let's get right to the digs...

First up is a little bit of interesting research from our friends over in Redmond on de-anonymizing the Internet.  The paper is all about a newly dubbed system called HostTracker.  The basis of this particular system is to "...track bindings between hosts and IP addresses by leveraging application-level data with unreliable IDs."  But, before I muddle the topic any more, head on over and check out the PDF.
[De-Anonymizing the Internet Using Unreliable IDs]

Everyone's heard of the IronKey, but today there was some buzz around some new functionality, specifically with regard to malware protection on the new product.  The new functionality comes from a company called Tresys and is called FiST (File Sanitization Tool).
[Malware Protection on USBs from IronKey]

The SANS network forensics puzzle is still on like Donkey Kong!  Submissions need to be in by September 10th, so get a move on.
[Network Forensics Puzzle Contest]

Network World today is telling us that managed security services are all the rage.  Yeah, just like blink-tastic security boxes.  And firewalls.  The real question is which managed security services don't suck?  Hit the link for some statistics you could very well have lived without.
[Managed Security Services All the Rage]

Well, thankfully you don't need to give up your SSN to get a room from Radisson, or you might be in more hurt than you already are.  News out today that Radisson is disclosing a breach and advising you to "review your account statements and credit report".  Thanks Captain Obvious!
[Radisson Hotels Suffer Data Breach]

Gunnar Peterson, representing the 6-1-2, has a fabulous story of - firewalls!  OK, not really, but read the article, it's been the most entertaining thing so far for me today.
[There Are No Firewalls]

Symantec identified your site as "dirty"?  They've got the worst-of for the summer of 2009 up, and CNET has an article all about it.
[Dirtiest Websites of Summer]

There seems to be an inadvertent feature in version 3.0 of the iPhone and iPod Touch software - the fact that deleted emails can be recovered!  Although reports say it's been fixed in the 3.1 beta, be wary of anything you think you may have deleted.
[iPhone Bug Keeps Deleted E-mails on Tap]

Rich and Co. over at Securosis have some new details up about the root cause of the Heartland breach.  Although the recommendations are high level, it's obvious there are many who are struggling to even implement the bare minimum.
[New Details, and Lessons, on Heartland Breach]

Indictments, indictments everywhere!  8 more were charged today for obtaining $22 million worth of wireless devices from AT&T and T-Mobile without payment.  Ummm, say what?  Quite the little scam to abuse the dealer network systems.
[8 Indicted in $22m Fraud Against AT&T Wireless, T-Mobile]

Oh yay, a couple of cloud standardization efforts were made public this week.  If I had to shoot from the hip I'd say the OpenGroup initiative will probably be the end winner, as it was entirely odd to see mention of "RESTful" in the first sentence of the A6 draft.  Honestly, I think more effort went into coining a descriptor and buzzwords than anything else (and even that doesn't make total sense to me - call me slow).  But anyway, CNET has the rundown.
[Two Cloud Standardization Efforts Made Public]

We'll leave you tonight with some information around a very common tool most of us use on a daily basis.  Considering most people run a stock configuration, digging through this rundown of 20 (quick) best practices might serve you well.
[Top 20 OpenSSH Server Best Practices]

That'll do it for tonight folks!  Take care and feel free to comment if you find the digs at all useful.
-windexh8er

13Aug/09

Daily Digs – 08.13.2009

Ohhh, we were so close to a Friday the 13th.  Some of the stories for today may have been better served by that date / day combination.  I suppose it felt like it for Robert Carr (CEO of Heartland) though, as Mogull laid the open-letter-smackdown fo' sho'.  All in all it's been an interesting day with some great news, so let's get to the digs!

First up is an interesting analogy of cracks to Microsoft.  The "dorky tale" can be had over at EvilFingers and is, well, lighthearted in nature.
[Patching the Patches]

It seems to me as if Firewire is always rife with authentication bypass flaws.  Help Net Security has a paper that you can download to read all about it.  What OS are we talking about here?  None other than the shiny new Windows 7.
[Firewire Based Physical Security Attacks]

There's not a whole lot to say about this one because Rich Mogull said most of it already.  If you haven't already read the open letter to Robert Carr, you'll want to.
[An Open Letter to Robert Carr]

From the are-you-completely-stupid bin we pull out the misunderstandings of non-technical government officials.  This time, however, the stupid policies being pushed aren't originating out of DC!  Belgium wants to keep all email traffic for two years.  Supposedly this will help in some way, shape, or form to combat criminal activity.  Because there's not fabulous free encryption out there or anything.
[Belgium Would Like to Track Your Email for Two Years?]

I'm jealous.  Joel Esler was raving about the SourceFire Exploit Development class today.  He makes the comment about those typical classes where 80% of the content is rather trivial and the other 20% you could have figured out anyway and how this class is not that type.  Again, I'm jealous and might actually take this class later this year if I can swing the time off in December.  Thanks Joel!
[SourceFire's Exploit Development Class]

Think you know enough about ERP, dB, gain, etc. with regard to 802.11 antennas?  Well, then you probably haven't a clue about the changes in 802.11n antennas.  There's a great article on SearchNetworking today with links to a few other antenna references.
[Understanding 802.11n Wireless Antennas]

Your organization still running IE6?  That's too bad, maybe you should inject some code into the front page of their site displaying your disgrace for the browser that just won't die (but kills machines).
[IE 6 No More!]

Oh, joy -- pretty much every Linux kernel running on the planet is broken and can allow remote exploitability.  Yes, pretty much every kernel since early 2001.  This will be a great exploit for some time to come!
[Bug Exposes 8 Years of Linux Kernel]

We leave you this week with a great explanation of key sizes by Luther Martin of Voltage.  If I could sum it up as well as his post is written I'd do just that, but it's easier for you to read his explanation.
[Comparing Key Sizes]

Have a great weekend everyone!  We'll be in touch with some of the things we talked about earlier in the week.

--windexh8er

12Aug/09

Daily Digs – 08.12.2009

Good evening!  Wednesday, the kernel of my week - oh how I'm glad you've almost come to a close.  The race for the weekend is all downhill from here.  We've got lots of great commentary and links to share today, so on to the digs.

Generally I'd like to stay away from vendors advertising new, must-have, fabulous, can't-live-without technology - but BreakingPoint posted something that just looks too damn cool.  "Write and simulate your own network strikes," they say!  So as not to break out into a commercial for them, I'll just lead you to the link.  I can't say I've ever had a chance to drive any BreakingPoint gear (I'll definitely take one for a test drive if they want to send me something though), so please don't take this as an actual endorsement.
[Write and Simulate Your Own Network Strikes]

Gartner has a fun little graphic up with regard to the hype cycle of emerging technologies.  While it's interesting to look at, that's about all it's good for in my book.  Really, if an analyst at Gartner could predict the peak appropriately they wouldn't need to work at Gartner.  Then we get to the crux of the "inflated expectations" with, hold your breath, e-book readers and cloud computing.  There are more little nuggets of thought-provoking humor (microblogging on the edge of the trough of disillusionment) scattered in the colorful roller-coaster-of-a-graphic, so check it out.
[Twitter Backlash Foretold]

UC Berkeley today disclosed that they may have exposed roughly 493 SSNs and other PII to a hacker.  That gets me thinking -- are the bigger schools just better at realizing they've been breached, or are they just the bigger target?
[Hackers Strike UC Berkeley]

So I had a great laugh this morning with this one and then also learned an interesting tidbit of information from a coworker.  On the surface of the story, most news outlets are running the piece that Judge Leonard Davis of the U.S. District Court for the Eastern District of Texas issued a permanent injunction against Microsoft that prohibits them from selling or importing Word that, basically, has any XML functionality.  That's what the mainstream press is running.  What I learned was that Smith County in Texas has its own story of shady shenanigans, and now I have some "Murder, She Wrote" style literature for my enjoyment this weekend.  That's because in 1985 a book called "Smith County Justice" was published by a man named David Ellsworth.  Let's just say that you can't get the book in print anymore because local authorities used pressure of sorts to have the book pulled from publishing and all unsold copies burned.  Dum dum dum.  Anyway, I'll leave it to you to solve the mystery of Smith County.  Check out the links to get started!
[Judge Orders Microsoft to Stop Selling Word]
[Wikileaks - Smith County Justice]

Branden Williams informed me (well, not directly) that MasterCard has finally gotten around to clarifying their previously ambiguous L1 and L2 merchant fine machine.  MasterCard yells "All hail QSA!" while Heartland banters "QSA - thou art a heretic!".  Well, at this point I might as well post both links with this banter.  Is it a full moon out tonight?
[MasterCard Clarifies Their Position]
[Heartland CEO on Data Breach]

Phish bombs away!  Want to pwn your own Safari 4 "Top Sites"?  Be prepared to get your electronica groove on with this screencast SecureThoughts has provided us with today.  On to the show ladies and gents!
[Hijacking Safari 4 Top Sites with Phish Bombs]

Diebold is up to their same old same old, quietly patching "secure" vote counting software.  If you like this story and are interested in more information on voting fraud and corruption I'd highly recommend watching "Uncounted - The New Math of American Elections".  A coworker of mine helped produce and contribute research to the documentary and it's presented very well.  After talking to him I learned that they actually had to chop out a few key segments because initial reactions were too strong from the public.  Anyway, get your vote fraud news on.
[Diebold Quietly Patches Security Flaw in Vote Counting Software]
[Uncounted - The New Math of American Elections]

The mobile-phone attacks are coming, the mobile-phone attacks are coming!  I didn't see this one on Gartner's hype cycle so it must be true.  C'mon, anyone who hasn't seen this one coming since the release of the iPhone is living in a fantasy world where BeOS is making a comeback.  Ahh, the good old days of BeOS.  All in all it's a good discussion to be having now.  We're hitting the critical mass where it's becoming glaringly obvious why and where the monarchy approval system (i.e. Apple's App Store) fails, but at the same time why it's positioned well for sanity checks and balances against a completely open system that could easily be circumvented for the general populace.
[Android Security Chief: Mobile-Phone Attacks Coming]

From the you-may-not-have-known bin we pull out some Nmap goodness I learned from the fabulous VOIPSA blog.  Nmap has a rather extensive set of fingerprints for VoIP devices!  OK, so you already knew that fingerprinting was a big part of why you use Nmap in the first place, right?  Well, it struck me while I was perusing the list that I could (will) help by adding a few that I have access to that aren't in that list already.  Truth be told, I feel like I haven't contributed anything back to the Nmap project recently and I really should.
[Something Old, Something New: Nmap's VoIP Fingerprinting]

Wow, there are lots of great links today!  Unfortunately I'm already >20 minutes past due because of a busy evening.  We'll leave you with a list in the grab bag tonight.  If you find the daily digs useful, humorous or flat out lame, feel free to let us know in the comments!  Take care y'all...

-windexh8er

[Dear Palm: Please Stop Tracking Me and My Pre Use]
[Typhoon Knocks Out Asia Telecom Cable]
[2Wire Routers Unauthorized Access]
[Energy Companies Say NERC Standards Inadequate]
[Technical Debt]