Microsoft withdraws Windows XP security claim
A promotional Web site for Microsoft's soon-to-be-released Windows XP operating system said it would offer the same protection from viruses and hackers that major corporations use, but the company has since rescinded those assurances.
Wednesday, August 22, 2001
...:::[Root-Core Network]:::...
Root-Core was formaly know as Neblonica and was founded in 1998. In 1999 the named changed to Root-Core. We mainly focus on information sharing not causing havoc. We do not spend all day searching for boxes to root. We are a open group, we almost always accept members.
Root-Core was formaly know as Neblonica and was founded in 1998. In 1999 the named changed to Root-Core. We mainly focus on information sharing not causing havoc. We do not spend all day searching for boxes to root. We are a open group, we almost always accept members.
Computer Key Stroke Logger
The KEYKatcher Monitors computer use in the home or the office and insures computer usage policy compliance. The KEYKatcher is a tiny recording device that clips onto your keyboard cable. It's used to log keystrokes typed on the computer. It doesn't require any external power source and it installs in less than 10 seconds. The KEYKatcher records all keystrokes, and stores them in a non-volatile memory. Even if the device is unplugged, or your computer is turned off, the KEYKatcher will continue to store the information.
Monday, August 20, 2001
[lf] Cyber Citizen lands Felony Charges?
Brian K. West, who did nothing more than try to get a local copy of an html document to pre-test how an ad would look on a webpage, using Microsoft FrontPage, may well have his reputation ruined and his finances destroyed as a result of his actions. He did not deface the site. He did not damage anything. He accidentally found a security hole, tested it to make sure it was real, and then called the owner of the site to inform him of the problem. In short, West faces a felony conviction for telling the Poteau Daily News that he discovered a serious misconfiguration in their server.
Brian K. West, who did nothing more than try to get a local copy of an html document to pre-test how an ad would look on a webpage, using Microsoft FrontPage, may well have his reputation ruined and his finances destroyed as a result of his actions. He did not deface the site. He did not damage anything. He accidentally found a security hole, tested it to make sure it was real, and then called the owner of the site to inform him of the problem. In short, West faces a felony conviction for telling the Poteau Daily News that he discovered a serious misconfiguration in their server.
Sunday, August 19, 2001
Weekend: Encryption effort
There have been many articles recently extolling the virtues of encrypting your communications via the internet. But there is another side to this debate. Russell Kay, senior reviews editor of Computerworld in the US, gives us his view.
There have been many articles recently extolling the virtues of encrypting your communications via the internet. But there is another side to this debate. Russell Kay, senior reviews editor of Computerworld in the US, gives us his view.
Components of the Nigerian Letter Scam
The Nigerian Letter Scam and its infinite variations has been around since the late 70's and is probably known by every fraud officer in the world. This scam has now moved from being committed through snail mail to being committed via e-mail but its essential components are remain the same. The only difference is that the perpetrators have become more sophisticated in their letter writing.
In its simplest form, the scam involves an innocent recipient who receives a letter from an individual posing as a Government Official or an officer of a Nigerian state business who claims to have stolen millions of dollars and needs to get the money out of the country. The person cannot use his own bank account and therefore asks to send money to your bank account after which he would give you 10-35% of the money in exchange for this service. Once the fraudster has your account number he then empties your account.
The Nigerian Letter Scam and its infinite variations has been around since the late 70's and is probably known by every fraud officer in the world. This scam has now moved from being committed through snail mail to being committed via e-mail but its essential components are remain the same. The only difference is that the perpetrators have become more sophisticated in their letter writing.
In its simplest form, the scam involves an innocent recipient who receives a letter from an individual posing as a Government Official or an officer of a Nigerian state business who claims to have stolen millions of dollars and needs to get the money out of the country. The person cannot use his own bank account and therefore asks to send money to your bank account after which he would give you 10-35% of the money in exchange for this service. Once the fraudster has your account number he then empties your account.
Thursday, August 16, 2001
ImageSat International
This is the Web page for the Israeli EROS A spysat. (The one launched by Russia that the Taiwanese are using to spy on the PRC.)
This is the Web page for the Israeli EROS A spysat. (The one launched by Russia that the Taiwanese are using to spy on the PRC.)
Wednesday, August 15, 2001
Censorship in action: why I don't publish my HDCP results
I have written a paper detailing security weaknesses in the HDCP content protection system. I have decided to censor myself and not publish this paper for fear of prosecution and/or liability under the US DMCA law.
Monday, August 13, 2001
Net activists launch campaign to jam 'Echelon'
Internet privacy activists and "hacktivists" have announced a day-long cyber-protest intended to jam a computer surveillance network whose existence isn't acknowledged by the governments said to run it.
Sunday, August 12, 2001
Satellite Vulnerability: a post-Cold War issue?
The widely discussed use of US reconnaissance satellites during the Gulf War will strongly motivate future regional adversaries to seek ways of countering US space-based assets. The presumption that reconnaissance satellites can operate covertly is obsolete. Tracking US reconnaissance satellites can provide valuable support to a hostile country's concealment and deception programs. Iraq's ability to conceal both major weapons programs and many SCUD launchers is a warning of the serious consequences such programs can have. Space surveillance systems of the type likely to be acquired by Third World countries are inconspicuous and may well go undetected, while direct ascent ASAT rockets are within the reach of many countries. This article argues that fundamental reexamination of the functions and architecture of US overhead reconnaissance is needed, and should be done outside the traditional Cold War bureaucratic structures.
The widely discussed use of US reconnaissance satellites during the Gulf War will strongly motivate future regional adversaries to seek ways of countering US space-based assets. The presumption that reconnaissance satellites can operate covertly is obsolete. Tracking US reconnaissance satellites can provide valuable support to a hostile country's concealment and deception programs. Iraq's ability to conceal both major weapons programs and many SCUD launchers is a warning of the serious consequences such programs can have. Space surveillance systems of the type likely to be acquired by Third World countries are inconspicuous and may well go undetected, while direct ascent ASAT rockets are within the reach of many countries. This article argues that fundamental reexamination of the functions and architecture of US overhead reconnaissance is needed, and should be done outside the traditional Cold War bureaucratic structures.
Mike McCants' Satellite Tracking TLE ZIP Files
The "McCants" weekly file has approximately 1570 LEO satellite elements (including elements on classified satellites). This file is updated daily about 4:25PM Central Time. The "higher drag" and "visual" elements are updated daily. The other OIG elements are updated on Wednesday and Thursday afternoons. The classified objects are updated whenever I receive and process observations.
The "McCants" weekly file has approximately 1570 LEO satellite elements (including elements on classified satellites). This file is updated daily about 4:25PM Central Time. The "higher drag" and "visual" elements are updated daily. The other OIG elements are updated on Wednesday and Thursday afternoons. The classified objects are updated whenever I receive and process observations.
Thursday, August 09, 2001
The NT Toolbox
This page contains links to files we are making available for download here. This may change around from time to time. Click on the appropriate link to begin downloading. Please do not send any email asking support for these. These programs are freely available on the Internet. We just thought we'd save you the trouble of scouring for the best utilities. ,
This page contains links to files we are making available for download here. This may change around from time to time. Click on the appropriate link to begin downloading. Please do not send any email asking support for these. These programs are freely available on the Internet. We just thought we'd save you the trouble of scouring for the best utilities. ,
Foundstone
As part of our ongoing R&D efforts, the Foundstone team has created several unique utilities that have assumed an indispensable place in our security toolkit. Foundstone programmers wrote these utilities, and we use them in our own security assessments. Foundstone is providing the software free of charge to the public.
As part of our ongoing R&D efforts, the Foundstone team has created several unique utilities that have assumed an indispensable place in our security toolkit. Foundstone programmers wrote these utilities, and we use them in our own security assessments. Foundstone is providing the software free of charge to the public.
..:: CD Freaks ::.. [ The Power of United Burners ] - [ Main Page ]
How to bypass the anti-copy measurements on CD's.
How to bypass the anti-copy measurements on CD's.
Monday, August 06, 2001
My Code Red Advisory
A new worm appeared on the Internet and began propagating using Microsoft's increasingly infamous "Can O'Worms" IIS web servers.
Calling itself CodeRedII, this is a completely new worm, written from scratch and with a very different agenda and replication technology.
Monday, July 30, 2001
This is hackerheaven, a site for hackers, by hackers. With hacker, I mean the hacker mentioned in the Jargon file (no, not the one carving furniture :)
Dshield - Distributed Intrusion Detection System
DShield.org is an attempt to collect data about cracker activity from all over the internet. This data will be cataloged and summarized. It can be used to discover trends in activity and prepare better firewall rules.
Right now, the system is tailored to simple packet filters. As firewall systems that produce easy to parse packet filter logs are now available for most operating systems, this data can be submitted and used without much effort.
More complex patterns, such as are used by application level firewalls may be handled in the future.
Cops, Crimes and HAL2001
HAL2001 is an event similar to HIP97, where hackers come together, learn about lots of nifty new stuff and pick each others brains clean. Unfortunately, a lot of scriptkiddies that call themselves 'hackers' attend as well, and usually only because of the 1 Gbit uplink that will be present.
Rop Gonggrijp (from hacktic fame) wrote a short text about HAL2001, targeted at that dubious group of people. A fun read for real hackers (tm) and a wise lesson for neophytes. Read on for the text.
HAL2001 is an event similar to HIP97, where hackers come together, learn about lots of nifty new stuff and pick each others brains clean. Unfortunately, a lot of scriptkiddies that call themselves 'hackers' attend as well, and usually only because of the 1 Gbit uplink that will be present.
Rop Gonggrijp (from hacktic fame) wrote a short text about HAL2001, targeted at that dubious group of people. A fun read for real hackers (tm) and a wise lesson for neophytes. Read on for the text.
Hacker Grabs JDS Earnings Release Prior To Posting
Executives at the fiber-optics company, based here, said during the company's earnings call Thursday that a hacker gained access to a draft of its fourth-quarter financial release as it was being prepared for the company's Web site. JDS quickly halted trading of its stock because of the incident.
JDS had its earnings release ready to post on its Web site with the push of a button Thursday, and someone was able to guess the release's URL before it became public on the site, a company spokesman said Friday.
Executives at the fiber-optics company, based here, said during the company's earnings call Thursday that a hacker gained access to a draft of its fourth-quarter financial release as it was being prepared for the company's Web site. JDS quickly halted trading of its stock because of the incident.
JDS had its earnings release ready to post on its Web site with the push of a button Thursday, and someone was able to guess the release's URL before it became public on the site, a company spokesman said Friday.
Subscribe to:
Posts (Atom)
