Saturday, June 30, 2007

Microsoft UK Site Defaced by SQL Injection

Via Zone-H -

Very little time has passed since the last Microsoft defacement (Microsoft Technet), and yesterday Saudi Arabian crackers successfully compromised another Microsoft website:

Microsoft.co.uk at the page http://www.microsoft.co.uk/events/net/eventdetail.aspx?eventid=8399.

For the time being, the defacement is still up and running, even though not every browser will be able to show it, as too many users are now trying to load the hacker's injected CSS (Cascading Style Sheet), located on an external host (h.1asphhost.com), which is now suffering slow response times.

The technique used by the attacker to deface Microsoft's page is probably based on a SQL flaw (SQL injection). In fact, after a short investigation we noticed that the V2 parameter passed to the PreRegister.aspx script allows both Cross Site Scripting attacks and SQL injection attacks, as you can deduce from the debug error message generated by the application.

-----------------------------------

The defacement is no longer up...and hopefully those database passwords have been rotated. The Saudi Arabian cracker later posted a video detailing the exact method of defacement.

The video shows that Zone-H was correct in their theory of attack.
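As an added illustration (not code from the Zone-H report or from Microsoft's site), the following Python models the pattern the report describes for a page keyed on a numeric eventid query parameter: the value spliced into the SQL text, a handler that echoes the database error to the browser, and the hardened handler that validates and binds the value and keeps error details server-side. The table, columns and queries are constructed assumptions, and sqlite3 stands in for the real database.

```python
import sqlite3


# Constructed stand-in for the events table behind an eventdetail page;
# the real schema and queries are assumptions, not taken from the page.
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE events (eventid INTEGER PRIMARY KEY, title TEXT)")
    conn.executemany("INSERT INTO events VALUES (?, ?)",
                     [(8399, ".NET event details"), (8400, "Another event")])
    return conn


def lookup_vulnerable(conn, eventid):
    """Query-string value spliced into the SQL text (the injectable pattern)."""
    sql = "SELECT eventid, title FROM events WHERE eventid = " + eventid
    return conn.execute(sql).fetchall()


def lookup_parameterized(conn, eventid):
    """Type-check the value, then bind it; returns None for a non-integer id."""
    try:
        eid = int(eventid)
    except ValueError:
        return None
    return conn.execute(
        "SELECT eventid, title FROM events WHERE eventid = ?", (eid,)).fetchall()


def handle_request_debug(conn, eventid):
    """Anti-pattern: the raw database error is echoed to the client. This is
    the kind of debug error message that reveals an injection point from outside."""
    try:
        rows = lookup_vulnerable(conn, eventid)
    except sqlite3.Error as exc:
        return 500, "Database error: " + str(exc)
    return (200, rows[0][1]) if rows else (404, "Event not found.")


def handle_request_hardened(conn, eventid):
    """Validates and binds the id; error details stay in the server log only."""
    try:
        rows = lookup_parameterized(conn, eventid)
    except sqlite3.Error:
        # Log the exception for operators; never return its text to the browser.
        return 500, "An internal error occurred."
    if rows is None:
        return 400, "Invalid event id."
    if not rows:
        return 404, "Event not found."
    return 200, rows[0][1]


if __name__ == "__main__":
    db = make_db()
    # The spliced WHERE clause now matches every row, not just event 8399.
    print(lookup_vulnerable(db, "8399 OR 1=1"))   # returns both rows
    # A stray quote breaks the SQL and the parser error goes to the client.
    print(handle_request_debug(db, "8399'"))      # (500, 'Database error: ...')
    # The hardened handler rejects the value before it reaches the database.
    print(handle_request_hardened(db, "8399'"))   # (400, 'Invalid event id.')
```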

Mpack & Storm Worm Creators Turn on Each Other

Via SecurityFix -

Just as thugs and drug dealers jealously guard their street corners with destructive turf wars, online spammers and other shadowy characters have been known to attack one another for control over virtual real estate. This week, security experts spotted a nasty tussle brewing between criminals who operate two of the largest networks of hijacked computers used to blast out spam.

This latest cyber crime feud stars the folks behind the massively successful "Storm worm," and the crooks responsible for unleashing the recent Mpack online attack tool. The Storm worm surfaced earlier this year, initially posing as video clips of a European windstorm that killed dozens of people. Computers infected with it were merged into a botnet whose sole purpose appears to be using them to relay junk e-mail. Storm also plants a "rootkit," or set of files designed to hide the malicious software from security programs and prevent its removal.

This month's Mpack attack tool apparently removes a number of rootkits from computers it infects, to make room for its own. Rootkits have a tendency to make infected systems unstable and prone to crashing, and multiple rootkits on a single machine often render the host unusable.

Apparently, the Storm worm folks weren't too happy about this development. They are currently attacking the Web server that Mpack uses to fetch configuration files for spam runs, according to MyNetWatchman, a company that monitors hacking and spamming activity.

The individuals behind the Storm worm have launched similar attacks against security researchers and groups working to stymie the operations of cyber criminals. It's nice to see the bad guys training the big guns on each other for a change.

Black Hat Talk on TPM & BitLocker Hacking Pulled

Via ComputerWorld -

June 28, 2007 (Network World) -- A presentation scheduled for Black Hat USA 2007 that promised to undermine chip-based desktop and laptop security has been suddenly withdrawn without explanation.

The briefing, "TPMkit: Breaking the Legend of [Trusted Computing Group's Trusted Platform Module] and Vista (BitLocker)," promised to show how computer security based on trusted platform module (TPM) hardware could be circumvented.

"We will be demonstrating how to break TPM," Nitin and Vipin Kumar said in their abstract for their talk that was posted on the Black Hat site but was removed overnight Monday.
"The demonstration would include a few live demonstrations. For example, one demonstration will show how to login and access data on a Windows Vista System (which has TPM + BitLocker enabled)," the abstract said.

BitLocker is disk-encryption technology in Microsoft's Vista operating system that relies on TPM to store keys.

In an e-mail, Vipin Kumar says, "We have pulled back our presentation from ... Black Hat. So, we won't be presenting anything related to TPM/BitLocker in Black Hat. ... We would not like to say anything about the TPM/BitLocker for the time being." He didn't respond to inquiries about why the brothers withdrew.

A spokesman for the conference was unable to offer more information. "At their request, they are no longer presenting. That is all the info I have," said the spokesman, Nico Sell, in an e-mail.

The conference brings together technically savvy security experts from business, government and the hacking community to discuss the latest security technologies. Frequently, Black Hat briefings become controversial because they point out previously unknown weaknesses in products or technologies.

The Kumars' promised exploit would be a chink in the armor of hardware-based system integrity that TPM is designed to ensure.

Car Crashes into Scottish Airport

Via Al Jazeera -

A Jeep Cherokee with flames pouring from it has rammed into the main terminal of Glasgow airport in Scotland.

The vehicle was driven at full speed and crashed into glass doors at the entrance to the airport. The crash sparked a fire and the airport has been evacuated.

A Glasgow police spokeswoman said there were no immediate reports of any injuries and that the blaze had been extinguished.

She said two people had been arrested following the incident.

...

Police would not confirm if there was any link between Saturday's incident and two failed car bombs foiled by police in central London on Friday.

The office of Gordon Brown, Britain's new prime minister, said he was "being kept aware" of the situation.

Susie Cormack, reporting for Al Jazeera at the airport, said the two men who were arrested were believed to be the driver of the Jeep and a passenger, contradicting earlier reports that there was only one person in the vehicle.

Cormack said the car looked as if it was on fire when it hit a barrier near the main terminal.

The driver then got out of the car, "took out what looked like a container of flammable liquid, doused himself in it, set himself on fire and set off to the main terminal and through to the departure hall."

Cormack said the man was unable to make it to the hall as he was accosted by airport security who tried to put the fire out.

The incident has caused chaos on a busy Saturday in what is holiday season in Scotland.

Ian Crosby, a taxi driver outside the terminal, said: "It raced across the central reservation and went straight into the building.

"It would appear to me to have been a deliberate attack. I think this was a terrorist attack."

Chavez Goes Submarine Shopping in Russia

Via Al Jazeera -

The Venezuelan president is visiting Russia, apparently shopping for hardware to boost its military against the US.

Vladimir Putin, the Russian president, welcomed Hugo Chavez for talks at the Russian presidential retreat outside Moscow on Thursday, saying economic affairs and military-technical co-operation were on the agenda.

Last July, Chavez spent billions of dollars on Russian helicopters, arms and fighter jets. This time he is thought to be shopping for submarines.

"So I came to Moscow to talk to Vladimir and after four months we had Sukhoi planes flying over Caracas. And now we have our first fleet of aircraft.

"This is what we call solidarity; this is what we call independence."

Russian newspaper Kommersant reported this month that Chavez was expected to sign an initial contract that would include five Project 636 Kilo-class diesel submarines, and possibly four other submarines later, although the Venezuelan defence minister denied it.

Caracas already has purchased about $3 bn worth of arms from Russia, including 53 military helicopters, 100,000 Kalashnikov rifles, 24 SU-30 Sukhoi fighter jets and other weapons.

Iranian Gov Backs Itself into Corner Over Fuel Rationing

Via Al Jazeera -

Petrol stations are still busy with long queues a day after the Iranian government unexpectedly began rationing petrol.

Al Jazeera's Alireza Ronaghi explains why the Iranian government was forced into an unpopular announcement that caused mayhem in the capital Tehran on Tuesday night.

There has been no petrol rationing system in Iran since 1989, when a limit of 60 litres per month was lifted as the country underwent a period of reconstruction after eight years of war with Iraq.

Mahmoud Ahmadinejad, the Iranian president, was swept to power two years ago hailing a return to the values of the Islamic revolution in 1979 so it is ironical that his government has done something that literally reminds the people of that time.

"The people will get used to it like many other limitations in their lives and the queues will disappear eventually," Siavosh Parand, a Tehran citizen who waited for 35 minutes to reach a pump, told Al Jazeera.

...

Asghar Tavakkol, a petrol station worker, said the pumps are easily reachable at four in the morning, but most people were not going to find it easy to get used to.

When rationing was announced late on Tuesday, people were taken off-guard and many rushed to stations to get their share of the last drops of limited petrol.

During the hours that followed, at least six gas stations and a bank were set on fire and a chain store was looted by opportunists and thugs who seemed to be awaiting the instability.

...

Iran is the world's fourth-largest exporter of crude oil, but it has not been able to develop enough refining capacity to produce the petrol it needs.

With one million new cars added every year to the existing engines guzzling petrol in Iran, the country's consumption has hit a record 70 million litres per day, 40 per cent of which has to be imported.

The government has been under pressure since March 2006 to come up with a plan to limit ever-increasing consumption, however it has previously avoided the politically unpalatable decision to ration petrol.

About $5.5bn had been allocated to pay petrol imports, which were heavily subsidised and sold for as cheap as $0.09 per litre, up until March.

But the situation became desperate after the government decided to spend no more than $2.5 billion over the next twelve months.

The new budget was not even enough for six months of petrol imports, and imposing a rationing system was the only way out.

The principal element of the plan was to train people to use smart cards when filling their tanks.

Although governmental institutions have been working furiously to prepare the infrastructure and distribute the smart cards, the lack of order and co-ordination has made many people concerned.

Some people have not received their cards yet, and they have been using borrowed smart cards since it became obligatory to use them earlier this month.

Imposing a rationing system has been a tough decision as both the government and the parliament were voted in after advocating populist economic policies.

Ahmadinejad came to power after promising to make poor people's lives easier and distribute the oil money in a fair way, so such a move has been unacceptable to many of his supporters.

The coming months will show how the rationing system will affect Iranian society and politics, but a parliamentary election is planned for March 2008 and the conservative-dominated parliament could be forced to regret its bold decision.

Internet to Become More Multilingual

Via Mail & Guardian Online (South Africa) -

The internet's key oversight agency is on track to start testing addresses entirely in foreign characters by November, but rules for determining which ones to permit likely will take another year or two to develop.

Individuals and companies outside the United States long have clamoured for non-English scripts, finding restrictive the current limitation of domain names to 37 characters: a to z, 0 to 9 and the hyphen.

Addresses partly in foreign languages are sometimes possible, but the suffix -- the ".com" part of an address -- for now requires non-English speakers to type English characters.

The "live" tests later this year are designed to make sure browsers, email programs and other applications will work well with the foreign characters, said Vint Cerf, chairperson of the Internet Corporation for Assigned Names and Numbers (Icann).

"We've already done the testing in the laboratories," Cerf said as Icann's general meetings ended on Friday in San Juan, Puerto Rico. "We're confident that none of the infrastructure is likely to encounter a problem, but you really don't know until you are in the live environment."

Thus, engineers are planning to feed the internet's domain-name directories with nonsensical strings that can be removed quickly should trouble arise. Even if they succeed, however, more work remains on developing policies on such names.

MI-6 Tries to Recruit Former FSB Agent

Via itar-tass.com (Russia) -

MOSCOW, June 29 (Itar-Tass) -- The Federal Security Service has disclosed the name of a Russian citizen, who got in touch with the FSB in early June and said that British secret services tried to recruit him.

“The Britons were trying to recruit former security service officer Vyacheslav Zharko,” a source at the FSB public relations center told Itar-Tass on Friday.

Zharko said that exiled tycoon Boris Berezovsky knows him under a different name. They got acquainted in the 1990s, and Zharko was running Berezovsky’s errands.

The tycoon invited Zharko to London in summer 2002 and introduced him to Alexander Litvinenko. The latter introduced him to certain representatives of a consulting company, who appeared to be agents of British secret services, the source said.

-------------------------------

<sarcasm>

Are they suggesting that government spy agencies are in the business of recruiting spies from other nations? That is just silly....

</sarcasm>

Plus they are basically stating (again) that Alexander Litvinenko had some indirect connection to agents of British secret services...through Boris Berezovsky.

Austinites Ranked Worst Drivers in Texas

Via Austinist (June 22nd) -

According to the 2007 Allstate America’s Best Drivers Report™, Austinites get into more crashes than drivers in any of the 20 other Texas cities on the list. Austin ranked 179 out of 197 cities nationwide and Austin drivers are 31% more likely to get into a crash than the average American driver. Motor vehicle traffic crashes are the leading cause of death for Americans aged 4 to 34.

Why is Austin so bad? Sorority sisters sporting SUVs? Road-raging Round Rockians? Hopped-up hipsters in hybrids? Californian carpetbaggers? Let's group Austinites into vaguely offensive generic groups and assign blame for our city's ills (alliterative categories only, please). Ok? Go.

------------------------------

I like to blame it on the poor road system...lol

Austin is Being Googled

Via Austin Statesman (June 14th) -

The Internet search leader is looking for an engineering director in Austin to head up a group of 100 or more engineers. In another job posting, the Mountain View, Calif.-based company says it is seeking software engineers in Austin.

Google declined to confirm whether the company intends to open a research and development center here but said that Austin is on its radar.

...

"Austin is a natural fit for a company like Google," said Bob Smith, principal at high-tech consulting firm Bridgepoint Consulting LLC of Austin. "Our work force looks very similar to what they have in Silicon Valley, but at a much lower cost. We've got the universities with engineering talent, and we've got the direct flights and connectivity to get back and forth."

Austin has the specific technical skills that match Google's personnel needs, said recruiter Kim Butler, who heads Greywolf Consulting Services Inc.

"Google encompasses areas where Austin is strong and long," Butler said. "We have silicon expertise and systems expertise in high-end servers, and Austin has always been a software town."

Austin is also a cultural fit for Google, which is known for a youthful, freewheeling attitude that encourages risk-taking. The company stresses that it looks for ability more than experience when it hires, and it is famous for employee perks.

"Austin is a great free-thinking town," Butler said. "For a company that wants to come in and attract freethinkers, where else in the state of Texas are you going to find that?"

Friday, June 29, 2007

The Clearest Ocean Waters on Earth

Via Newscientist.com -

As clear as the clearest lakes on the planet, salty as ocean waters, and roughly the size of the Mediterranean – this, say researchers, is the clearest and most lifeless patch of ocean in the world. And it is in the middle of the Pacific.

"Satellite images that track the amount of chlorophyll in ocean waters suggested that this was one of the most life-poor systems on Earth," explains Patrick Raimbault of the University of the Mediterranean, in Marseille, France.

In October 2004, Raimbault and colleagues set out to study the remarkable patch of ocean water on a three month cruise – called BIOSOPE – that left from Tahiti in French Polynesia, passed by Easter Island and ended on the Chilean coast. Along the way, they sampled the water's chemistry, physics and biology.

Marc Tedetti, also from the University of the Mediterranean, was on the expedition to investigate the water's clarity. He was struck by the colour of the water, which he describes as closer to violet than to blue (see image, above).

Gartner: Keep The iPhone Out Of The Corporate Enterprise

Via InformationWeek -

Gartner analysts are warning IT administrators to take one great big step back away from the iPhone.

While generally it's a good idea to enable workers to use their favorite personal tech on the job, that's not the case with the iPhone -- at least not yet, said Ken Dulaney, VP of mobile computing at Gartner.

"IT will see a flood of requests for it immediately," Dulaney told InformationWeek. "We're giving backing to IT managers faced with users who want support. If you work for General Motors and you go out and buy an iPhone and use it for yourself, I don't have a problem with that. But when you start to ask the enterprise IT person for access to corporate systems with it, that's a problem."

The device, despite the furor that's been building up around it, simply isn't enterprise ready, said Dulaney, who noted in a report that if left unchecked, the iPhone and its security and service needs could quickly overwhelm IT priorities.

--------------------------------

Those geeks over at ThinkSecret had this to say....

Sources add that the iPhone supports Microsoft Exchange servers, adding that Apple has likely licensed Microsoft's ActiveSync to accomplish that integration.

When asked about corporate email in a USA Today interview, Apple CEO Steve Jobs replied, "You'll be hearing more about this in the coming weeks. We have some pilots going with companies with names you'll recognize. This won't be a big issue."

Five Al-Qaeda Suspects Arrested In A Mauritanian Internet Cafe

Via internet-haganah (June 26th) -

The recent arrest of five al-Qaeda suspects in an internet cafe in the Mauritanian capital, Nouakchott, is the latest signal that the terror network is increasingly favouring the Web to recruit operatives and to communicate with its various cells in Africa, Arabic daily al-Watan reports. The suspects - two Algerians, two Moroccans, and a Mauritanian - were arrested on Sunday during raids of three Internet cafes close to the Palestinian embassy carried out by Mauritanian anti-terror police, the paper said.

The five suspects are members of the Al-Qaeda Organisation in the Islamic Maghreb - formerly the GSPC (the Algerian Salafite Group for Preaching and Combat) - and had recently entered Mauritania, according to police. Their role was to plan and carry out an attack in Nouakchott on behalf of the group, and they also recruited several locals to the jihadi cause.

The GSPC pledged allegiance to al-Qaeda last year and changed its name to the Al-Qaeda Organisation in the Islamic Maghreb in January.

London's Close Call with Malfunctioning Car Bombs

Via ABC News -

British police have a "crystal clear" picture of the man who drove the bomb-rigged silver Mercedes outside a London nightclub, and officials tell the Blotter on ABCNews.com he bears "a close resemblance" to a man arrested by police in connection with another bomb plot but released for lack of evidence.

Officials say the suspect had been taken into custody in connection with the case of al Qaeda operative Dhiren Barot (pictured), who was convicted of orchestrating a vehicle bomb plot involving targets in London, New York, Newark, N.J. and Washington, D.C.

U.S. and British law enforcement officials tell ABC News it is increasingly clear Friday's bomb plot in London involves multiple vehicles, and is described by a senior official as a "terror plot involving Islamic extremists."

The silver Mercedes sedan discovered early Friday morning outside the Tiger Tiger nightclub in Piccadilly Circus appears to have been stolen in early June and was spotted in the last two days, first in Scotland and then in Birmingham, England, according to law enforcement officials.

The car contained five or six propane and butane gas cylinders as well as 33 gallons of gasoline, all rigged to detonate with calls to two cell phones. Officials say the cell phones failed to initiate the explosions, even after each phone had been called twice.

------------------------------------

So you have a suspect that might be connected to another convicted car bomber, released for lack of evidence....a stolen car and a bomb that failed to detonate...not good.

However, the bombs did not detonate, therefore they may hold a vast amount of usable intelligence information.

Can the phones be connected to someone? Fingerprints? Bomb design? Materials used? Documents in the car? etc.

Check out the CT blog for more in-depth coverage.

CBS News reports that "Hours before London explosives technicians dismantled a large car bomb in the heart of the British capital's tourist-rich theater district, a message appeared on one of the most widely used jihadist Internet forums, saying: 'Today I say: Rejoice, by Allah, London shall be bombed.'" This was on the "al Hesbah" chat room by a person who goes by the name "Abu Osama al-Hazeen".

It should also be noted that the Northeast Intelligence Network is stating the following...

According to police and intelligence officials, the car bomb discovered early this morning outside of the London nightclub Tiger, Tiger met the very specifications from a 39-page explosives manual titled Rough Presentation for the Gas Limos Project authored by al Qaeda terrorist Dhiren BAROT, pictured above. The manual was the product of 12 months of research by BAROT that outlines an intricate plan to pack vehicles – particularly limousines - with explosives and gas cylinders, park them in car parks beneath buildings and detonate them.

PandaLabs - A Profitable Use of Stolen Credit Cards

Via PandaLabs Blog (jun 27th) -

We have often talked about the freedom with which certain cyber-crooks circulate around the Internet, but I must admit that even I am surprised sometimes…

The theft of credit card details and trading of this information is the order of the day. How is this information being used? We could make assumptions, carry out research or try to infiltrate some of these groups, but…why bother if they talk about it all so openly on their websites?

This is what appears on one of these websites:

[Photo of the Russian site]

As usual, everything is in perfect Russian. Basically, they are selling laptops, PDAs, cell phones, etc. for 20% of their real value. How is this possible? Well, if you visit their section "Answers to frequently asked questions-F.A.Q.", the first question is: How can you offer such good prices? Pay attention to the answer:

"It’s very simple. We buy these products in Western countries with stolen credit cards. You don’t run any risk when purchasing these products."

It couldn’t be any clearer. They even have a section for partners, where you are given the code you must include on your website and you get 25% of the money that comes from your website.

---------------------------------

Big ups to Fergie for the link...

IIS7 on Server Core Doesn't Support .NET Framework

Just the other day, a friend dropped by my desk to tell me about something he heard about Server Core installs of Windows Server 2008.

The Server Core installation option of the Microsoft Windows Server 2008 operating system is a new option for installing Windows Server 2008. A Server Core installation provides a minimal environment for running specific server roles that reduces the maintenance and management requirements and the attack surface for those server roles.

This sounds like a great method of running a secure webserver. But, it looks like IIS7 on ServerCore will not support .NET Framework, at least not yet. So that means no ASP.NET on IIS7 installed under ServerCore.

I guess they are pushing ServerCore more for DHCP, DNS and other server functions.

Cisco IOS Exploitation Techniques

It has been more than a year since Michael Lynn first demonstrated a reliable code execution exploit on Cisco IOS at Black Hat 2005. Although his presentation received a lot of media coverage in the security community, very little is known about the attack and the technical details surrounding the IOS check_heaps() vulnerability. This paper is a result of research carried out by IRM to analyze and understand the check_heaps() attack and its impact on similar embedded devices. Furthermore, it also helps developers understand security-specific issues in embedded environments and develop mitigation strategies for similar vulnerabilities. The paper primarily focuses on the techniques developed for bypassing the check_heaps() process, which has traditionally prevented reliable exploitation of memory-based overflows on the IOS platform. Using inbuilt IOS commands, memory dumps and open source tools, IRM was able to recreate the vulnerability in a lab environment. The paper is divided into three sections, which cover the ICMPv6 source-link attack vector, IOS Operating System internals, and finally the analysis of the attack itself.

http://www.milw0rm.com/papers/166

Microsoft Excel 2000/2003 Sheet Name Vulnerability PoC

Right now, this is just a DoS...but Code Execution has not been ruled out.

http://pstgroup.blogspot.com/2007/06/exploitmicrosoft-excel-20002003-sheet.html

Vuln Exposed by: ZhenHan.Liu
Team: Ph4nt0m Security Team
http://www.ph4nt0m.org

Tested on: Full Patched Excel 2003 Sp2, CN

PoC Excel File = http://www.milw0rm.com/sploits/06272007-2670.zip

First Look @ NessusClient 3.0.0 Beta 1

Via Tenable Blog -

Tenable Network Security has made available a BETA version of the new NessusClient 3.0. This Nessus client can be used to connect to any Nessus scanner and perform scans, manage scan policies and analyze results. It has a consistent user interface across Mac OS X, Windows and Linux operating systems. The BETA currently includes support for:
  • instant availability of results during active scans
  • managing connections and credentials for multiple Nessus scanners
  • managing multiple vulnerability scan policies
  • saving the Nessus scanner information, scan policies and results as a unique document-based "session"
  • dynamically offering plugin preferences management for scan settings
  • new report results format which combines scan policy with results
-----------------------------------------

I recently installed Nessus 3.1.4 beta on a CentOS 5 image, so I figure why not give NessusClient 3.0.0 beta a spin.

Here are some quick screenshots.

[Screenshot: Main Window]

[Screenshot: Adding Target Host]

[Screenshot: Policy Editor]

[Screenshot: Policy Editor (dropdown box)]

[Screenshot: Viewing Results with Scan in Progress]

[Screenshot: Medium Issue Highlighted in Yellow]

Reports can be exported in HTML, NBE or NSR.


The layout is much easier to understand than the old NessusClient 1.0. The dropdown boxes help to keep all the options out of your way, but easy to find for modification. The ability to view the results in real-time (scan in progress) is very cool and a great time saver. Findings can be manually verified as soon as they are found...no more waiting.

Tools of the Trade - Configure, Make, Make Install

1) On June 28th, Wireshark 0.99.6 was released. At blog time (12:04am Friday), it hasn't been released officially, however the source code is in the SVN. Expect it to be released soon. Wireshark 0.99.6 fixes the following vulnerabilities:
  • Wireshark could crash when dissecting an HTTP chunked response. (Bug 1394)
    Versions affected: 0.99.5
  • On some systems, Wireshark could crash while reading iSeries capture files. (Bug 1415)
    Versions affected: 0.10.14 to 0.99.5
  • Wireshark could exhaust system memory while reading a malformed DCP ETSI packet. (Bug 1264)
    Versions affected: 0.99.5
  • Wireshark could loop excessively while reading a malformed SSL packet. (Bug 1582)
    Versions affected: 0.8.20 to 0.99.5
  • The DHCP/BOOTP dissector was susceptible to an off-by-one error. (Bug 1416)
    Versions affected: 0.10.17 to 0.99.5
  • Wireshark could loop excessively while reading a malformed MMS packet. (Bug 1342)
    Versions affected: 0.10.12 to 0.99.5
2) On June 28th, Tenable Security released NessusClient 3.0.0 Beta 1. NessusClient 3 is a completely redesigned GUI for the Nessus server, which offers Windows and Linux users the same experience that Mac OS X users have been enjoying for several months. Its key features are the following:
  • Real-time results - No need to wait until the end of a scan to start analyzing the findings of Nessus
  • Document based - Save your policies, scan results and scan targets into a single file
  • New file format - The new '.nessus' file format (which is XML based) saves into a single file your scan policies, scan targets and scan results
  • Multiple connections - NessusClient can connect to several scanners at the same time
  • Consistent interface - The same interface exists on Mac OS X, Windows and Linux
3) On June 26th, Tenable Security released Nessus 3.0.6. This release contains the following fixes and enhancements :
  • Fixed a cross site scripting vulnerability in the Windows GUI
  • Fixed a possible segfault condition occurring when multiple clients simultaneously log into the nessusd server
  • Fixed a memory leak in nasl scripts containing a function on_exit()
  • Improved performance when logging into nessusd
  • The scan does not fail any more if the main nessusd process runs out of file descriptors (this would occur on Solaris with max_host set to a value higher than 200)
  • Several fixes in the NASL interpreter
  • Builds for Fedora Core 7 and Red Hat ES 5
4) On June 26th, 7-Zip 4.4.8 Beta was released. 7-Zip is open source software. Most of the source code is under the GNU LGPL license. The AES code is under a BSD LICENSE. The unRAR code is under a mixed license: GNU LGPL + unRAR restrictions.

5) On June 25th, Aircrack-NG 0.9.1 was released. Aircrack is an 802.11 WEP and WPA-PSK key cracking program that can recover keys once enough data packets have been captured.

6) On June 22nd, Apple released Safari 3.0.2 Beta for Windows. Changes in Safari 3.0.2 for Windows beta:
  • Latest security updates
  • Improved stability
  • Fixes for text display, non-English systems, and start-up times
7) On June 20th, Icesurfer released SQLNinja 0.1.2. Sqlninja is a tool targeted to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end.

8) On June 20th, Secure Systems Lab at the Technical University of Vienna released Pixy v3.02. Pixy is a Java program that performs automatic scans of PHP 4 source code, aimed at the detection of XSS and SQL injection vulnerabilities. Pixy takes a PHP program as input, and creates a report that lists possible vulnerable points in the program, together with additional information for understanding the vulnerability.

9) On June 19th, Oxid.it released Cain & Abel 4.9.4. New features:
  • Automatic Certificate Collector for FTPS (implicit), IMAPS and POP3S protocols.
  • FTPS Man-in-the-Middle Sniffer and password collector.
  • POP3S Man-in-the-Middle Sniffer and password collector.
  • IMAPS Man-in-the-Middle Sniffer and password collector.
  • Added Windows Mail (Vista) Password Decoder for POP3, IMAP, NNTP, SMTP and LDAP accounts.
  • Added PTW WEP cracking attack.
  • Added Windows Vista support in Wireless Password Decoder.
  • Wireless Password Decoder now uses DLL injection under XP.

10) On June 10th, Andres Riancho released W3AF Beta 4. W3AF is an open-source Python-based framework for auditing and attacking web applications. Check the UserGuide (PDF) for all the details.

Thursday, June 28, 2007

Romanian NASA Hacker Appears in Court

Via scmagazine.com -

A Romanian hacker accused of breaking into the networks of NASA and other federal agencies appeared in a Romanian court on Tuesday.

Victor Faur, 26, a native of the western Romanian town of Arad, faces trial there after arrest by state prosecutors in his home country. He faces a dozen years in prison, according to numerous published reports.

U.S. authorities have claimed $2 million in damages from the attack, which allegedly took place between November 2005 and September 2006 and targeted servers belonging to NASA, the U.S. Navy and the Department of Energy.

Rootkit Challenge Accepted - For a Price

Via SecurityFocus -

Four well-known researchers challenged rootkit guru Joanna Rutkowska on Thursday to prove that a rootkit can be made undetectable.

The four researchers -- independent Dino Dai Zovi, Peter Ferrie of Symantec, Nate Lawson of Root Labs (corrected) and Thomas Ptacek of Matasano -- stated that any rootkit that runs on the host of a virtual environment, leaves so many telltale signs that it can be detected.

Last year, Dai Zovi and Rutkowska unveiled separate projects that use the hypervisor virtualization technology on AMD and Intel processors to create hard-to-detect rootkits, a technique dubbed "hyperjacking". Rutkowska called her project "Blue Pill," after the object in the movie The Matrix that would leave the protagonist Neo in the virtualized environment still controlled by the machines.

In answering the challenge in a blog post on Thursday, Rutkowska said she will take the bet, but only if the challengers found a sponsor to pay her and her company's co-founder for the time to create the code at a whopping $416,000 price tag.

"Our current Blue Pill has been in the development for only about two months -- please note that we do not have rights to use the previous version developed for (my previous company) -- and it is more of prototype, with primary use for our training ... rather than a 'commercial grade rootkit'," she said, adding that to bring Blue Pill up to snuff would be a six-month project for two people and named a rate of $200 per hour to create the code.

Rutkowska outlined additional rules that she believes would make the contest a fair challenge, including running five machines, which would reduce the probability that random guesses would result in the correct identification of infected machines to 3 percent. Symantec is the parent company of SecurityFocus.

----------------------------

Joanna's response is rather interesting. She wants to be paid for her time and effort, like any security researcher. Those that challenged her understand this as well, especially Dino Dai Zovi.

He found and developed a new zero-day in QuickTime during CanSecWest...but only after money was offered as a reward. He didn't want the free Apple laptop, he wanted the money.

The money made the time and effort worth it...will they extend the same honor to Joanna?

The challengers have a good case for claiming that detectors are favored to win, but only time and perhaps a large amount of coding will set the record straight....for now.

The Gambit has been played, will it be accepted....

Facebook & Private Information

Via theregister.co.uk -

Facebook users who like to control who gets to see their account details, take note: political views, religious background and other sensitive details may be wide open to prying eyes even though you've configured your profile so it's viewable only to designated friends.

That's because the user setting that allows only designated friends to view a user's profile has no effect on whether the contents of that profile can be searched by the Facebook community at large. Users who want to block their profiles from being searched must go through an additional step.

It's hard to imagine why someone would want to block strangers from reading their profile and at the same time opt to have their profile contents searchable by any Facebook user. And it's even harder to understand why Facebook search by default indexes profile contents, rather than the other way around.

But that's the way Facebook has been doing things since at least September, according to Chris Soghoian, a graduate student at Indiana University who blogs about the quirk here.

Hacking RFID/EPC in Shipping Trucks

Via Forbes & RootSecure -

Now even truckers will need to worry about RFID security: Researchers say they have discovered that they can scan and hack electronic product code (EPC) labels on products being transported on 18-wheeler tractor-trailers.

Researchers at PacketFocus Security Solutions, with the help of researchers at Atlas RFID Solutions, so far have been able to easily read EPC codes using standard EPC Generation 2 readers and antennas, says Joshua Perrymon, hacking director for PacketFocus Security Solutions. The firm recently rented an 18-wheeler from a local freight company and loaded it with EPC-tagged boxes to test out just what data can be intercepted from the big rigs. "We wanted to determine what information we could glean from outside the truck," Perrymon says.

Cyber Warfare - An Analysis of the Means and Motivations of Selected Nation States

Report released by the Institute for Security Technology Studies at Dartmouth College in December 2004. A bit outdated, but still a good overall security read. Props to Rootsecure.net for the find.
--------------------------------------

FOREWORD

This study, written in response to a grant provided by the Department of Homeland Security, assesses potential foreign computer threats to information technology networks in the United States. In focusing on overseas cyber threat capabilities, one of the thrusts of this study is to dispel popular myths and anecdotal understanding about the nature and degree of the cyber threat—taking into account public and private digital network vulnerabilities. Our goal is to examine the open source evidence to develop a rigorous and dispassionate assessment of both cyber “offense” by selected nation states and the likely impact of an attack through the wires on the United States.

Cyber warfare involves units organized along nation-state boundaries, in offensive and defensive operations, using computers to attack other computers or networks through electronic means. Hackers and other individuals trained in software programming and exploiting the intricacies of computer networks are the primary executors of these attacks. These individuals often operate under the auspices and possibly the support of nation-state actors. In the future, if not already common practice, individual cyber warfare units will execute attacks against targets in a cooperative and simultaneous manner.

A key premise of the present report is that information processing—whether by equipment (computers) or by humans— is becoming a “center of gravity” in future warfare. Nation-states, including the United States, reconnoiter and probe to identify exploitable digital network weaknesses among potential adversaries. Our immediate goal is to both imagine and define how foreign cyber attack capabilities might threaten information networks in the United States and what potential effects they might have. The discussion focuses on relatively arcane, non-sensational concepts and terms such as packet-switched networks, grid topologies, bandwidth, reconnaissance, asymmetric doctrine, and convergence.

The Institute for Security Technology Studies at Dartmouth College is concerned, in part, with securing computer systems against intrusion and building secure trust relationships among networked computing devices. It is our hope that by making the findings in the present study accessible to the general reader, we will illuminate current issues, foster practical discussions, and stimulate appropriate policy solutions to the challenges identified.

Full PDF - http://www.ists.dartmouth.edu/directors-office/cyberwarfare.pdf

Wednesday, June 27, 2007

Space Driving - Orbital Outfitters

Via PopSci -

For sport or safety, hurtling to Earth from space without the protective shroud of a heavily engineered space vehicle seems like sheer lunacy—a hellish descent punctuated by intense heat and terminal, well . . . splatter. But believe it or not, the physics actually works out. With a heat-resistant space suit and the right kind of chutes, such a daredevil plunge should indeed be possible. And with the right people involved, it edges into the realm of the probable.

Two veterans of the space industry are working to make the idea real. While the rest of today’s space-bound private enterprises—Richard Branson’s Virgin Galactic, XCOR Aerospace, Jeff Bezos’s Blue Origin—are fixated on getting humans to space, a company called Orbital Outfitters is working on an innovative way of bringing them back, whether it’s done purely as a sport or as an emergency backup plan in case things go awry. Rick Tumlinson, a longtime civilian space booster who founded the Space Frontier Foundation and helped launch the X Prize Foundation, and Jonathan Clark, a former NASA flight surgeon who has a unique understanding of the extremes of spaceflight survival—his wife, astronaut Laurel Clark, perished in the space shuttle Columbia disaster in 2003—have begun to develop the equipment needed to return you from the heavens without a vehicle. And we do mean “you”: If you’re bold enough, Tumlinson hopes you’ll be Orbital Outfitters’s first space diver, pioneering what he calls “the most extreme sport in human history.” Even if you’d never volunteer to test their prototype, you might end up benefiting anyway, because when commercial suborbital flights become commonplace, Clark thinks the suits and chutes he and Tumlinson are developing could function as the first serviceable life jackets of the spacefaring age.

Together, the two plan to demonstrate a record-breaking 120,000-foot jump by 2009, and the truly unprecedented 60-mile space dive within two years—an audacious timetable. If all goes well, they’ll reach even higher. “Our ultimate goal,” Tumlinson says, “is to have individual human beings return from orbit alive.” That’s a drop from 150 miles—or more—involving increased heat and near-deadly Gs, essentially turning their divers into human meteorites.

Even that’s survivable, says NASA Jet Propulsion Laboratory engineer Robert Manning, who designs reentry systems for unmanned craft. Given the right protection—including thermal protection, oxygen, an aerodynamic heat shield and a control system—Manning says, a human being could, theoretically, fall to Earth from any height and survive. The question is whether Tumlinson and Clark can turn theory into fact, and whether anybody would be crazy enough to give their thrill ride a try.

Tuesday, June 26, 2007

New Cryptographic Hashing Standards Proposed

Via NIST Website -

The National Institute of Standards and Technology has revised two Federal Information Processing Standards specifying algorithms for cryptographic hashing. Drafts of FIPS 180-3 and FIPS 198-1 have been released for three months of public comment.

FIPS 180-3 replaces Publication 180-2 and specifies five secure hash algorithms (SHAs). The algorithms, when combined with a message, produce a message digest that should be unique to the original message. These can be used for digital signatures and message authentication codes. In the new draft, SHA-1, SHA-224 and SHA-256 are used to produce digests of shorter messages, and SHA-384 and SHA-512 can be used for longer messages. They produce digests ranging in length from 160 bits to 512 bits, depending on the algorithm used.

The algorithms are considered secure because it is unlikely that the original message could be derived from the digest produced by the algorithm or that the algorithm could produce the same digest for more than one message. This gives a high probability that each digest is unique to its message and that the digest can be used to accurately verify a digital signature or a message authentication code.

FIPS 198-1 replaces Publication 198 and specifies an algorithm for applications requiring message authentication. Using a secret key that is shared with the intended recipient, the sender produces a code or message digest unique to the message being sent. The recipient uses the same key to produce a code of the message being received. If the codes match, the recipient can be sure that the message has not been altered and that it came from the other holder of the key.
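The two mechanisms the draft standards describe, the one-way digest of FIPS 180-3 and the keyed message authentication code of FIPS 198-1, as an added Python example that is not part of the NIST announcement: it lists the digest sizes of the five SHA algorithms, builds HMAC by hand from the hash function the way FIPS 198 defines it (inner and outer padded keys) and checks that against the standard library, then shows the receiver-side check that accepts the original message and rejects a modified message or a wrong key. The key and message are constructed sample values.

```python
import hashlib
import hmac

# Constructed sample values for this example (not from the NIST drafts).
SHARED_KEY = b"example-shared-secret-key"
MESSAGE = b"Transfer 100 credits to account 42"

FIPS_180_ALGORITHMS = ("sha1", "sha224", "sha256", "sha384", "sha512")


def digest(message: bytes, algorithm: str = "sha256") -> bytes:
    """Raw message digest under one of the FIPS 180 hash algorithms."""
    return hashlib.new(algorithm, message).digest()


def digest_lengths(message: bytes) -> dict:
    """Digest size in bits for each of the five SHA algorithms (160 to 512 bits)."""
    return {name: len(digest(message, name)) * 8 for name in FIPS_180_ALGORITHMS}


def hmac_manual(key: bytes, message: bytes, hash_name: str = "sha256") -> bytes:
    """HMAC assembled from the bare hash, following the FIPS 198 definition:
    H((K0 xor opad) || H((K0 xor ipad) || message)), where K0 is the key
    zero-padded to the hash block size (a longer key is hashed first)."""
    block_size = hashlib.new(hash_name).block_size
    if len(key) > block_size:
        key = hashlib.new(hash_name, key).digest()
    k0 = key.ljust(block_size, b"\x00")
    ipad = bytes(b ^ 0x36 for b in k0)
    opad = bytes(b ^ 0x5C for b in k0)
    inner = hashlib.new(hash_name, ipad + message).digest()
    return hashlib.new(hash_name, opad + inner).digest()


def make_mac(key: bytes, message: bytes) -> bytes:
    """Sender side: HMAC-SHA256 over the message with the shared key (library version)."""
    return hmac.new(key, message, hashlib.sha256).digest()


def verify_mac(key: bytes, message: bytes, tag: bytes) -> bool:
    """Receiver side: recompute the code with the same key and compare it
    to the received tag in constant time, so a mismatch position does not
    leak through timing."""
    expected = make_mac(key, message)
    return hmac.compare_digest(expected, tag)


if __name__ == "__main__":
    tag = make_mac(SHARED_KEY, MESSAGE)
    print(digest_lengths(MESSAGE))
    print("manual HMAC matches library:", hmac_manual(SHARED_KEY, MESSAGE) == tag)
    print("genuine message accepted:", verify_mac(SHARED_KEY, MESSAGE, tag))
    print("altered message rejected:", not verify_mac(SHARED_KEY, MESSAGE + b"!", tag))
    print("wrong key rejected:", not verify_mac(b"not-the-key", MESSAGE, tag))
```

The receiver never decodes anything from the tag; it simply recomputes the code under its own copy of the key, which is why a match proves both that the message is unchanged and that it came from a holder of that key. `hmac.compare_digest` is used rather than `==` so that the comparison time does not depend on where the first differing byte is.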

Comments are being accepted on both proposed standards until Sept. 10. Comments should be sent to proposed180-3@nist.gov or proposed198-1@nist.gov with a subject line that reads “Comments on draft 180-3” or “Comments on draft 198-1,” respectively.

Pure Energy

After lunch I picked up a bottle of G Energy's Pure Energy drink.

Not bad, the taste is a pretty mild lime flavor. The bottle design is pretty nice to the eyes, but makes me feel like I am drinking cologne as opposed to an energy drink. Red Bull is still king in my book.

Upon returning to work, the drink sparked a discussion about the 1988 Information Society song with the same name and its "killer synth'n lines".

Information Society - What's On Your Mind (Pure Energy)
http://www.youtube.com/watch?v=ijAYN9zVnwg

Man, that guy has some crazy hair....

Michel Fournier - The Super Jump

The Super Jump

In August 2007 an extraordinary project will bind France, Canada and a single man for an historic supersonic free fall. Michel Fournier will drop out of the stratosphere from an altitude from about 130,000 feet (40 kilometers, nearly 25 miles) above the plains of Saskatchewan, Canada, and will contribute to the development of future technologies and the safety of stratospheric flight.

------------------------------

If Michel pulls this off, he will break four world records:

- Altitude record for freefall
- Altitude record for human balloon flight
- Time record for longest freefall
- Speed record for fastest freefall

Also, like Joseph W. Kittinger, he will break the sound barrier and achieve supersonic flight without a capsule or craft. Past estimates have put his max speed at between 745 and 1,000 mph.

Day of Silence for Internet Radio

Via arstechnica.com -

A number of Internet radio stations will be participating in a Day of Silence on June 26 to protest the retroactive royalty rate increases due to go into effect on July 15. Organized by Kurt Hanson, publisher of the Radio and Internet Newsletter, the protest is designed to remind listeners that silence is "what the Internet could be reduced to on or shortly after" the royalty increase begins.

In March, the Copyright Royalty Board announced that it would raise royalties for Internet broadcasters, moving them from a per-song rate to a per-listener rate. The increase would be made retroactive to the beginning of 2006 and would double over the next five years.

After the announcement, a group of broadcasters spearheaded by National Public Radio petitioned the CRB for a rehearing, but a panel of judges denied the request less than a month later.

In early May, legislation was introduced into the Senate and House of Representatives that would overturn the CRB's decision and mandate a royalty rate of 7.5 percent of total revenues. Neither version of the Internet Radio Equality Act has yet to make it to the floor for a vote. A coalition of webcasters has also asked a federal appeals court to delay the rate hike.

Daunted by the prospect of legislation, SoundExchange—the licensing authority backed by the major record labels—offered Internet broadcasters an olive branch. Under SoundExchange's latest proposal, smaller webcasters would remain exempt from the new royalty schedule until 2010. Large, commercial webcasters would still have to pony up beginning in mid-July. SaveNetRadio criticized SoundExchange's offer, saying that it amounted to throwing large webcasters under the bus while simultaneously ensuring that none of the small webcasters would ever see significant growth.

During the Day of Silence next week, Internet broadcasters will broadcast static or silence interspersed with public service announcements asking listeners to contact their congressional representatives and ask them to support the IREA. According to the Radio and Internet Newsletter, webcasters such as Live365.com, AccuRadio.com, and NPR affiliate KCRW will participate. Hanson said that he hopes that larger stations such as NPR, Pandora, Yahoo, and Real Rhapsody will also participate.

Monday, June 25, 2007

Hackers Wanted - Philippine Internet Voting System

Via allheadlinenews.com -

Manila, Philippines (AHN) - Local and foreign computer hackers will be tapped to try and break into an Internet-based voting system that will be pilot tested by the country's Commission on Elections (Comelec) starting July 10.

The Internet voting system, developed by Spanish firm Scytl Consortium, is worth $452,000. Comelec will pilot test the system from July 10 to 30 for voters in Singapore, where there are 26,853 registered absentee voters.

Linux Kernel Development Goes Tickless

Via News.com -

Maybe you'd be better off if you didn't spend so much time looking at your watch.

That, loosely speaking, is the rationale behind a significant change at the heart of Linux that programmers hope will make the open-source operating system more efficient. New versions of the operating system are being endowed with a "tickless" kernel that forsakes traditional computer time-keeping in an effort to keep the processor in a somnolent, low-power state.

...

Some Linux developments take years to arrive, but the tickless kernel is now making its way into the Linux mainstream.

"The re-engineering has mostly been done," said Linux leader Linus Torvalds of the new kernel. And for higher-level software, PowerTop has been "invaluable," he added. "A lot of people and (Linux) distributions are actually interested in this, so the user applications do seem to be getting fixed."

There's more work to be done, but the progress has been measurable, said Arjan van de Ven, a longtime kernel programmer now working at Intel. "What we see in our lab today is that Linux on a laptop consumes 15 percent to 25 percent less power during idle than a code base of about three months ago," he said.

...

Obviously, processors can go into these power-saving states when a user commands a computer into standby mode. But a lot more can be done. Because gigahertz-frequency processor cycles last less than a billionth of a second, though, chips can actually enter and leave low-power states many times in the interval between two keystrokes of a fast typist.

But an operating system kernel--the core software that handles basic tasks such as scheduling processes and communicating with hardware--isn't always good at avoiding busywork. For one thing, software often needlessly prods the kernel into alertness. For another, the kernel itself can waste energy twiddling its thumbs when it could just as well be lowering its blood pressure and dozing off.

...

The tickless kernel still keeps track of time, but in a different way. Instead of checking frequently for work to be done--literally 1,000 times a second in the case of Linux, with each millisecond-long tick of the kernel's clock--the kernel schedules the hardware to interrupt it when it knows a future job will require its attention.

The tickless kernel provides another indirect benefit when it comes to power efficiency: It enables better use of virtualization, technology that lets multiple operating systems run simultaneously on the same computer, by replacing numerous idle machines with fewer, more efficiently used ones.

...

"Even though the kernel itself now has all the fundamental timer-handling knowledge, most of the kernel subsystems use some timers for their own handling, and tuning that usage will probably go on for some time," Torvalds said.

Odds Given on iPhone Failure

Via livescience.com -

When the long-awaited iPhone hits store shelves this week, no doubt many Apple enthusiasts will adopt early as they've done in the past with other products from the company. But just how crazy it gets is anyone's bet.

In fact, BetUS.com figures the odds are 20-1 that someone will get trampled while scrambling to snag one June 29. The site has also put odds on how long the batteries will last and whether the devices will be recalled.

The idea for creating these odds and a host of others surrounding the iPhone was spurred by past electronic firsts that have been greeted with enthusiasm but also a slew of unrealized defects and bugs.

“This phone has everything but the kitchen sink,” said BetUS.com spokesman Reed Richards. “With the seemingly endless options that the phone offers, the chances for a malfunction are likely.”

Sunday, June 24, 2007

Creator of Mobile Phone Virus Arrested in Spain

Via smh.com.au -

Spanish police said on Saturday they have arrested a 28-year-old man on suspicion of creating and spreading a virus that affected more than 115,000 high-end mobile phones.

The man was detained in the eastern coastal city of Valencia following an investigation that lasted over seven months, police said in a statement.

It is the first time that the creator of a virus that targets mobile phones was arrested in Spain, the statement added.

The virus struck Bluetooth-enabled phones that run on the Symbian operating system and it was disguised as messages claiming to contain erotic images, sports information or virus protection software.

It caused millions of euros (US dollars) in damage to both the owners of the mobile phones as well as to mobile services providers, the police statement said.

US Military Looks to Counter Commercial Satellite Imagery

Via CNET -

The head of U.S. Air Force intelligence and surveillance on Thursday said data available commercially through online mapping software such as Google Earth posed a danger to security but could not be rolled back.

"To talk about danger is, if I may, really is irrelevant because it's there," said Lt. Gen. David Deptula, deputy chief of staff for intelligence, surveillance and reconnaissance.

"No one's going to undo commercial satellite imagery," he told reporters in Washington.

Deptula cited Google Earth, which gives Web users an astronaut's view of the earth and allows them to zoom down to street level. He said it had provided anyone with a credit card the ability to get a picture of any place on earth.

"It is huge," he said. "It's something that was a closely guarded secret not that long ago and now everybody's got access to it."

Asked if the U.S. military might try to implement restrictions or blackouts on imagery of some areas, Deptula said he was not aware of such an attempt.

"I don't want to speak to specifics, but not that I'm aware of," he said.

Instead, governments are trying to mitigate the effect through camouflage, concealment and deception, he said, providing no other details.

Saturday, June 23, 2007

Rwanda Genocide Fugitive Arrested in America

Via AllAfrica -

Rwanda's Ambassador to the US James Kimonyo and his team have continued efforts to secure the extradition of Genocide suspect Isaac Kamali.

Kamali, who is number 27 on Rwanda's most wanted Genocide fugitives' list, was arrested by US security on Wednesday en route from France as he tried to enter the US through Philadelphia airport. He was traveling on a French passport.

The New Times has learnt that Kimonyo is already in contact with the U.S. Department of Justice and the Department of State over the matter, and that he had already served them with information about Kamali's role in the Genocide.

Prosecutor General Martin Ngoga, who has for most of this week been in New York, US where he addressed members of the UN Security Council, is working closely with the embassy to secure the 58-year-old fugitive.

"There are some contacts going on. Our Embassy has provided them (both US government departments) with necessary information, and we are waiting for a response. I hope in a day or two, we shall have received the feedback," Ngoga told this reporter by telephone from the US.

The extradition is threatened by the fact that the suspect holds a French passport, as well as lack of an extradition treaty between Rwanda and the US. However, Foreign Minister Charles Murigande said on Thursday that extradition was possible since the suspect is accused of committing Genocide. The US is signatory to the 1948 Genocide Convention which obligates all signatories to ensure that Genocide culprits are brought to book. However, Washington D.C. can also decide to prosecute him or transfer him to the UN-backed International Criminal Tribunal for Rwanda (ICTR) in Tanzania.

US House Votes to Ban Aid to Saudi Arabia

Via aljazeera.net -

The US House of Representatives has voted to prohibit any aid to Saudi Arabia as congressmen accused the close ally of religious intolerance and bankrolling armed groups. The prohibition was attached to a foreign aid funding bill for next year that has not yet been debated by the US senate.

"By cutting off aid and closing the loophole we send a clear message to the Saudi Arabian government that they must be a true ally in advancing peace in the Middle East," Anthony Weiner, a Democratic congressman, said.

In the past three years, congress has passed bills to stop the relatively small amount of US aid to Saudi Arabia, only to see the administration of George Bush, the president, circumvent the prohibitions.

Now, congressmen are trying to close loopholes so that no more US aid can be sent to the world's leading petroleum exporter.

According to supporters of the legislation, the United States provided $2.5m to Riyadh in 2005 and 2006.

French Government Bans Blackberry

Via technewsworld.com -

Out of fear that other countries' security agencies would spy on them, French government security experts have reportedly banned usage of BlackBerry devices in the country's ministries and presidential palace. Nevertheless, members of several government departments reportedly are still using the devices in secret.

--------------------------------

Crackberry habit is hard to break....

MS07-033 Exploit in the Wild

Via Symantec DeepSight -

Recently, a DeepSight honeypot was compromised by a rogue website that served a variety of malicious scripts to users. From the dozens of websites that we investigate every day, what makes this case special is the fact that this is the first detected instance of in-the-wild exploitation of Microsoft Internet Explorer Speech API 4 COM Object Instantiation Buffer Overflow Vulnerability (BID 24426). This exploit appears to be a derivation of the publicly available exploit released at milw0rm.com. The vulnerability lies in the way two COM objects in the Speech API 4, namely Windows DirectSpeechSynthesis Module (XVoice.dll, EEE78591-FE22-11D0-8BEF-0060081841DE) and DirectSpeechRecognition Module (XListen.dll, 4E3D9D1F-0C63-11D1-8BFB-0060081841DE), handle certain user input. The malicious attacker can instantiate these COM objects via Internet Explorer, and pass overly long arguments to certain routines. In this case, the exploit passes a maliciously crafted argument (ModeName) to the DirectSS.FindEngine function. The overflowed buffer is then populated with attacker-supplied shellcode over-writing the Structured Exception Handler, thus resulting in the execution of arbitrary code. This exploit is being detected as Bloodhound Exploit.150 by Norton AntiVirus.

Friday, June 22, 2007

Microsoft to Apply Watermarking Technology to Software

Via cdrinfo.com -

Microsoft filed a patent on June 12 describing a watermarking technology that could be applied to downloadable software, in an effort to combat piracy.

The patent, filed at the United States Patent and Trademark Office, relates to a method for encoding information, termed a "digital watermark" or more simply a "watermark", into a program or application downloaded over the Internet. Microsoft said that its goal is to make this information difficult to detect and forge.

The inclusion of the digital watermark information would make every instance of the software unique. "When a software is distributed or sold over the Internet, personal identification information, such as a purchaser's name, address, telephone number, credit card number, etc., is collected and encoded into a binary sequence," reads Microsoft's patent.

"The binary sequence is mapped into an instruction swap table to create a sequence that is used for exchanging, or swapping, specific occurrences of pairs of non-interfering instructions. As the application is downloaded, pairs of non-interfering instructions are efficiently swapped based on the encoded binary sequence. Thus, the downloaded application is watermarked with the personal identification information collected from the purchaser before the application was downloaded," Microsoft explains.
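A toy model of the swap-based watermark the patent text describes, added here as an illustration and not Microsoft's code: a constructed straight-line program of three-operand additions, a swap table built from adjacent instruction pairs that share no registers, the purchaser's bits embedded by swapping or keeping each pair, extraction by comparison with the vendor's reference copy, and a tiny interpreter that confirms the watermarked copy still computes the same result. The register names, the program shape and the payload are all constructed for the example.

```python
from typing import Dict, List, Tuple

# Constructed toy instruction set: (dest, src_a, src_b) means dest = src_a + src_b.
Instr = Tuple[str, str, str]


def build_reference_program(blocks: int) -> List[Instr]:
    """Constructed sample 'application': each block has two independent
    additions followed by one that consumes both of their results."""
    prog: List[Instr] = []
    for k in range(blocks):
        prog.append((f"t{k}a", f"x{k}", f"y{k}"))
        prog.append((f"t{k}b", f"u{k}", f"v{k}"))
        prog.append((f"s{k}", f"t{k}a", f"t{k}b"))
    return prog


def non_interfering(a: Instr, b: Instr) -> bool:
    """Adjacent instructions may be reordered when neither reads or writes
    what the other writes (no read-after-write, write-after-read or
    write-after-write dependency between them)."""
    da, sa = a[0], {a[1], a[2]}
    db, sb = b[0], {b[1], b[2]}
    return da != db and da not in sb and db not in sa


def swap_table(program: List[Instr]) -> List[int]:
    """Indices i of disjoint adjacent pairs (i, i+1) that are safe to swap.
    Each entry carries one watermark bit, so len(table) is the capacity."""
    table, i = [], 0
    while i + 1 < len(program):
        if non_interfering(program[i], program[i + 1]):
            table.append(i)
            i += 2  # pairs must not overlap, or swaps would interact
        else:
            i += 1
    return table


def to_bits(data: bytes) -> List[int]:
    return [(byte >> (7 - k)) & 1 for byte in data for k in range(8)]


def from_bits(bits: List[int]) -> bytes:
    whole = len(bits) - len(bits) % 8
    return bytes(int("".join(map(str, bits[i:i + 8])), 2) for i in range(0, whole, 8))


def embed(program: List[Instr], payload: bytes) -> List[Instr]:
    """Encode the payload bits: swap a pair for a 1 bit, keep it for a 0 bit."""
    table = swap_table(program)
    bits = to_bits(payload)
    if len(bits) > len(table):
        raise ValueError(f"capacity {len(table)} bits < payload {len(bits)} bits")
    out = list(program)
    for bit, i in zip(bits, table):
        if bit:
            out[i], out[i + 1] = out[i + 1], out[i]
    return out


def extract(reference: List[Instr], watermarked: List[Instr], n_bytes: int) -> bytes:
    """Recover the payload by checking, pair by pair, whether the copy
    differs from the vendor's reference ordering."""
    table = swap_table(reference)
    bits = [1 if watermarked[i] == reference[i + 1] else 0 for i in table[: n_bytes * 8]]
    return from_bits(bits)


def run(program: List[Instr], inputs: Dict[str, int]) -> Dict[str, int]:
    """Tiny interpreter used to show that a watermarked copy computes the
    same final register state as the reference."""
    env = dict(inputs)
    for dest, a, b in program:
        env[dest] = env[a] + env[b]
    return env


def sample_inputs(blocks: int) -> Dict[str, int]:
    """Constructed input values for every source register the program reads."""
    return {f"{name}{k}": 1 + k * 7 + ord(name) for k in range(blocks) for name in "xyuv"}


if __name__ == "__main__":
    reference = build_reference_program(20)
    copy_for_buyer = embed(reference, b"A7")  # constructed purchaser id
    print("capacity (bits):", len(swap_table(reference)))
    print("recovered id:", extract(reference, copy_for_buyer, 2))
    print("same result:", run(reference, sample_inputs(20)) == run(copy_for_buyer, sample_inputs(20)))
```

Two properties of the scheme are visible here: the vendor must retain the reference ordering (or the swap table and the canonical bit for each pair) because the bits only exist relative to it, and capacity is bounded by how many independent adjacent pairs the code happens to contain, which is why the patent speaks of swapping "specific occurrences" rather than a fixed number of them.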

------------------------

Who needs DRM when you have watermarks like these...

LexisNexis Warns of Consumer Database Breaches

Via SecurityFix Blog (Thanks to Fergie for the heads up) -

Last month, Security Fix wrote that scam artists were trying to steal the login credentials that law enforcement officers use to access their accounts at Accurint, a database operated by LexisNexis owner ReedElsevier that contains highly detailed and personal files on millions of Americans.

It would seem as though those efforts have been successful.

The company recently sent out an undetermined number of letters to consumers across the country, stating that "...a law enforcement customer's user ID may have been used in an unauthorized manner that allowed some personal information about you to be viewed..." The letter, dated May 25, said thieves had accessed the recipient's personal data, which may have included the victim's name, address, Social Security and/or drivers license number. It also offered free Equifax monitoring through a promotional code.

Sources familiar with the incident said the letters were sent after it was discovered that a number of accounts were compromised at a federal law enforcement agency, though the source declined to say which agency was targeted.

Thursday, June 21, 2007

Possible Hamas Murder Plot Video Released by PA

Via Al-Jazeera (Qatar) -

The Palestinian Authority has released video of what it said was a Hamas attempt to assassinate Mahmoud Abbas, the president.

The pictures appear to show Hamas fighters preparing explosives in a tunnel under the main North South road that runs through the middle of the Gaza Strip.

Abbas drives along the road to get to his home and presidential compound in Gaza City.

Hamas has strongly denied any role in the purported plot to kill Abbas.

The images appear to show Hamas fighters laughing as one seems to say "This is for Abu Mazen and the next one is for the Preventative Security."

Abu Mazen is the name by which the Palestinian president is also known.

The tape was released on the same day that Abbas agreed to meet Ehud Olmert, the Israeli prime minister, for the first time since Hamas took control of Gaza.

Jamal Nazzah, a Fatah spokesman, told Al Jazeera: "This is not the first time Hamas has tried to kill Abbas. In our view this was part of a plan to make a coup against the Palestinian Authority."

Atef Adwan, a Hamas MP, responded: "If Hamas had wanted to kill President Abbas then we would have done this years ago."

PLO Backs Fresh Presidential & Parliamentary Elections

Via Middle East Times -

RAMALLAH, West Bank -- The Palestine Liberation Organization (PLO) gave its approval Thursday for early presidential and parliamentary polls under new rules that will exclude the Islamists of Hamas.

The decision of the PLO central council, which has legislative powers when the organization's full 700-member parliament-in-exile is not in session, still has to be endorsed by Palestinian president and PLO chairman Mahmoud Abbas.

But a senior Palestinian official said that the emergency cabinet sworn in by Abbas Sunday, after he dismissed the previous Hamas-led government as it seized power in Gaza, could begin preparations for the elections as early as next month.

The PLO central council recommended "the holding of fresh presidential and parliamentary elections once the necessary conditions have been put in place with a return to calm in Gaza," council member Saleh Raafat said.

The central council also recommended changes to the electoral law that would require all parties participating in elections to "respect the political program of the PLO," including its nearly 20-year-old support for a two-state solution to the Middle East conflict, which effectively excludes Hamas.

Sri Lanka Under Fire Over Internet Censorship

Via Middle East Times -

COLOMBO -- Media rights groups attacked Sri Lanka's government Thursday for blocking domestic access to a Web site favoring the Tamil Tiger rebels and for saying that it would like hackers to disable the site.

Reporters Without Borders (RSF) said that Colombo should immediately unblock the Tamilnet.com Web site.

"Sri Lanka's Internet service providers have been blocking access to the Web site on the government's orders since June 15," RSF said. "The government must put a stop to this censorship and restore access to the site at once."

A local rights group, the Free Media Movement (FMM), also criticized government spokesman Keheliya Rambukwella over comments in which he said that he would "love" to hire hackers to pull down Tamilnet.

The FMM said that Rambukwella's statement was "tantamount to government sanctioned cyber-terrorism against Web sites that do not toe its line."

"The FMM seeks urgent clarification from the government as to whether minister Rambukwella's comments are indicative of official government policy to shutdown, disrupt, or censor content and Web sites on the Internet."

But Sri Lanka's media minister Anura Yapa insisted that his ministry had nothing to do with preventing users of Sri Lanka Telecom, the country's main Internet service provider, from accessing Tamilnet.

"It is unreasonable to level charges against the government," Yapa told reporters in Colombo. "We have nothing to do with this."

Japanese Humanoid Robot to Work in Rain

Via Middle East Times -

TOKYO -- Japan is a step closer to having an ideal worker who will not complain in torrential rain or on slippery floors as a company unveiled a next-generation humanoid Wednesday.

Kawada Industries' HRP-3 Promet Mk-II, a 160-centimeter-tall (five feet, four inches) humanoid, walked on a slippery floor scattered with sand and held out its arms under a shower before media cameras.

"We have made a leap toward creating a humanoid that works in a real environment," the firm said in a joint statement with Kawasaki Heavy Industries and the National Institute of Advanced Industrial Science and Technology.

The white robot, which wears a visor and has a passing resemblance to a Star Wars Imperial Stormtrooper, also used a screwdriver with its right hand while leaning forward on its left arm, balancing itself just like a human would.

The robot weighs 68 kilograms (149 pounds) including the battery.

"Our country is rapidly aging and it is an urgent task to develop robots that can perform tasks only done by humans now," the statement said. "If a humanoid can substitute human functions, the entire social cost would be reduced," it said.

Morocco's Hip Hop Revolution

Via Asharq Al-Awsat (London Based, Saudi Edited) -

Rabat, Asharq Al-Awsat- Audiences scream and shout in frenzied anticipation for Morocco’s rap bands to perform. Moroccan rap artists are taking the local music scene by storm in what can only be described as a bona fide phenomenon reflecting the voices of the country's younger generation.

Held annually in Rabat, the ‘Mawâzine Rythmes du Monde’ festival dedicates a main section of its artistic program to provide a platform for such artists and groups to perform their music, which it dubs the ‘Mawazine generation’. Musical genres include rap, rock, hip-hop and reggae. Among the names of some of these bands are ‘Zanka Flow’ (Street Flow), ‘H-Kayne’, ‘Fnaïre’ and ‘Kanka’. These bands depend on sharp performances that address their listeners in an immediate and direct manner.

But what is the secret behind the popularity of these groups among twenty-somethings? They perform very simple musical compositions and most of the performers lack any musical training. The only redeeming quality of their music is their love for this Western genre, which they imitate or 'Moroccan-ize' by integrating popular Moroccan rhythms such as Gnawa [also Gnaoua].

But it is not only the music that reflects Western influence: their choice of clothes, loose cotton T-shirts printed with certain phrases and baggy jeans worn low on the hips, is also a sign of it. They emulate American artists especially, and often wear sports caps, gold and silver chains and even earrings.

It’s true that they make up a phenomenon that is worthy of close examination, not simply because of the concerns they address in colloquial Moroccan Arabic, but particularly because of the influence they have on Moroccan youth. But it’s not only their demeanor and movement that attracts attention and lends an impression of freedom and challenge; the words of their songs have come to constitute a reference for their thoughts and experiences. Through their music they are able to voice their positions and what they are against or dissatisfied with. They use phrases such as, “Be a gentleman or leave,” and at times express absolute pessimism declaring “no present, no future and no past.”

Pakistan Scholars "Knight" Osama Bin Laden

Via Middle East Online -

Pakistani Islamic scholars honoured Osama bin Laden Thursday in response to Britain's knighthood for Salman Rushdie, as a senior ruling party member said he would not hesitate to kill the novelist.

Meanwhile the country's religious affairs minister, who caused outrage by remarking that the award given to the "Satanic Verses" author justified suicide attacks, announced that he may visit Britain next month.

The Pakistani Ulema Council, a private body that claims to be the biggest of its kind in the country with 2,000 scholars, said it had given Bin Laden the title "Saifullah", or Sword of Allah, its top accolade.

"We are pleased to award the title of Saifullah to Osama bin Laden after the British government's decision to bestow the title of 'Sir' on blasphemer Rushdie," council chairman Maulana Tahir Ashrafi said.

"This is the highest title for a Muslim warrior."

Bin Laden has been blamed for the September 11, 2001 attacks on New York and Washington that killed nearly 3,000 people. He is widely believed to be hiding on the Pakistan-Afghanistan border.

Few Gazans Respond to Hamas Weapon Deadline

Via haaretz.com (Israel) -

Few Gazans turned in their weapons on Thursday, as a Hamas deadline for arms collection expired and the group threatened harsh punishment for those who kept their guns stashed at home.

In chaotic Gaza, where defeated Fatah militants are hiding in their homes in fear of retribution and clan grudges can flare into open warfare at any moment, few believe Hamas will recover even a fraction of the estimated 400,000 firearms - nearly one for every three residents of Gaza.

Some Fatah fighters said they removed their weapons from their houses so Hamas gunmen would not find them when they conducted searches. Some hid their weapons in holes in the ground. One man said he buried his weapon beneath the family chicken coop. Others said they threw their rifles into the sea, rather than risk having them fall into Hamas hands.

"I prefer to shoot myself rather than give them my gun," said a 33-year-old Fatah-affiliated security officer who gave his name only as Abu Subhi for fear of retaliation. "I don't trust them at all."