Friday, November 30, 2007

Maltego GUI Released

Via Paterva Announcements -

So, the time has FINALLY come. MaltegoKZ3 is available for download. Why KZ3 ? It's a long story...

You can pick it up at

PLEASE consider reading the online documentation! It's right there on the web site. It tells you how to install and run it for the first time.


Awesome, I can finally uninstall Evolution...

You do have to register with Paterva, which will generate an email. This process is kinda a pain. I suggest using Mailinator. Then you sign into their website and get your API key. Then you have to selection all the transforms in the "Manage Transforms" menu and input the key for them all.

THEN you have to click on each tranform that doesn't have a green check next to it and accept a disclaimer for each one. There are around 20 of these.

Anyways, I finally got it working...

Insider Charged for Hacking California SCADA System

Via ComputerWorld -

November 29, 2007 (IDG News Service) -- SAN FRANCISCO -- A former employee of a small California canal system has been charged with installing unauthorized software and damaging the computer used to divert water from the Sacramento River.

Michael Keehn, 61, former electrical supervisor at the Tehama Colusa Canal Authority (TCAA) in Willows, Calif., faces 10 years in prison on charges that he "intentionally caused damage without authorization to a protected computer," according to Keehn's Nov. 15 indictment. He did this by installing unauthorized software on the TCAA's Supervisory Control and Data Acquisition (SCADA) system, the indictment states.

Keehn accessed the system on or about Aug. 15, according to the indictment. He is set to appear in federal court on Dec. 4 to face charges of computer fraud.

As an electrical supervisor with the authority, he was responsible for computer systems and is still listed as the contact for the organization's Web site.

Google Seaches that make you go hmm...

When my NSA certified network encryptor / router stops passing traffic, I always check Google as well... Where did that TACLANE-Router (KG-175R) troubleshooting forum disappear to? Hmm...Strange.

But in all seriousness, that thing is pretty damn cool...

Happy Friday everyone

Iran Targets Obscene Rap Music

Via BBC -

The Iranian government has announced a campaign against rap music which it considers obscene.

The Ministry for Culture and Islamic Guidance said illegal studios would be closed and rap singers "confronted".

An official condemned rappers for using very vulgar words, but it was not clear if the whole genre was being banned.

Rap music in Farsi is increasingly popular among young men in Tehran, with lyrics covering political, social and sexual themes.

Iranians wanting to record an album or stage a concert need to get official permission.

Some songs are approved by the ministry, but most are circulated through a growing underground market for rap.

The culture ministry official, Mohammad Dashtgoli, was quoted by the official Irna news agency as saying he wanted to "find a solution" to internet distribution of the music.

Iranian rappers are inspired by the Iranian exile community in Los Angeles - one of the main centres of American rap.

Young Iranian singers are trying to replicate the accents and subject material used by many US artists.


As long as they don't take the Panjabi Hit Squad and their Desi beats away from the kids....

Sudanese Protesters Call for British Teacher's Death

Via NYDailyNews -

Thousands of protesters, many brandishing clubs and swords, took to the streets of Sudan’s capital Friday, demanding the execution of a British teacher who let her students name a teddy bear Muhammad.

Gillian Gibbons, 54, was found guilty Thursday of insulting Islam and sentenced to 15 days in jail. She was spared the more serious punishment of 40 lashes.

That angered many in Khartoum, who rallied in Martyrs Square outside the presidential palace. Protesters waved sticks, knives, axes and swords.

“Kill her, kill her by firing squad!” they chanted. “No tolerance, execution!”

Others shouted, “Shame, shame on the U.K.”

A cleric at Khartoum’s main Martyrs Mosque claimed Gibbons had intentionally insulted the Muslim faith.

“This an arrogant woman who came to our country, cashing her salary in dollars, teaching our children hatred of our Prophet Muhammad,” Abdul-Jalil Nazeer al-Karouri told worshippers at a Friday sermon.

“Imprisoning this lady does not satisfy the thirst of Muslims in Sudan,” he said.

Britain was working through diplomatic channels to try to free Gibbons. Foreign Secretary David Miliband summoned the Sudanese ambassador late Thursday to express Britain’s disappointment with the verdict.

Gibbons, from Liverpool in northern England, moved to Sudan in July and began teaching at the Unity School in Khartoum. She was arrested Sunday after some parents complained that she had allowed her class of 7-year-olds to name a teddy bear Muhammad.

School officials have said the students suggested names for the bear and then voted. Their choice was Muhammad - the most popular boy’s name in the Muslim world.

But while naming a child after Islam’s revered prophet is acceptable, many consider using it for an animal or toy to be insulting.


Wow, that is about all I can say. Sometimes I read stuff that and I have to remind myself that given all her faults, America is a rather nice place to live overall.

Government-Sponsored Cyberattacks on the Rise

Via PC World -

Governments and allied groups worldwide are using the Internet to spy and launch cyberattacks on their enemies, targeting critical systems including electricity, air traffic control, financial markets and government computer networks, according to McAfee's annual report examining global cybersecurity.

This year, China has been accused of launching attacks against the United States, India, Germany and Australia, but the Chinese are not alone: 120 countries including the United States are said to be launching Web espionage operations, according to McAfee's Virtual Criminology Report, issued today and developed with input from NATO, the FBI, the United Kingdom's Serious Organized Crime Agency, and various groups and universities.

"Cyber assaults have become more sophisticated in their nature, designed to specifically slip under the radar of government cyber defenses," McAfee states. "Attacks have progressed from initial curiosity probes to well-funded and well-organized operations for political, military, economic and technical espionage."

One attack against Estonia, allegedly carried out by Russia, disrupted government, news and bank servers for several weeks in April, McAfee notes. In the United States, a Pentagon computer network allegedly was hacked by China-based perpetrators in June, the McAfee report states.

The Internet is simply a great tool for gathering intelligence, both for world powers like the United States and China and small countries with limited resources, says David Marcus, security research and communications manager at McAfee Avert Labs.

He doesn't think cyberattacks will replace conventional warfare, but says they are becoming an important augmentation, with countries using technology to spread disinformation and disrupt communications. He also predicts it will be common for governments to license cybercriminals to attack enemies in a sort of privatized model. "We're already starting to see that with state-sponsored malware," he says. "I only think you're going to start seeing more than that because it's easier to attack government X's database than it is to nuke their troops."

McAfee said its research also found an increasing threat to banking and other online services, and "the emergence of a complex and sophisticated market for malware." Malware today is more complex than ever before, capable of acting as if it were genetically modified. "These 'super-strength' threats are more resilient, are modified over and over again like recombinant DNA," McAfee writes. "Nuwar ('Storm Worm') was the first example, and experts say there will be more examples in 2008."

Thursday, November 29, 2007

Stowaways Detained On Military Cargo Ship

Via (Houston, TX) -

BEAUMONT, Texas — Two stowaways from the Republic of Djibouti were detained for immigration violations after being discovered hiding aboard a military cargo ship.

The two men were found three weeks ago on a ship carrying military equipment to the Port of Beaumont, U.S. Coast Guard officials said. The stowaways were detected after they asked crew members for food and water.

The ship, owned by Alaska-based Tote, was headed toward the 842nd Transportation Battalion, said U.S. Navy Lt. Cmdr. James E. Walters. The incident did not affect operations at the port, officials said.

The ship was boarded offshore and the men were taken into custody before the vessel entered the Sabine-Neches waterway.

Guilty Verdict in Sudan for British Teacher

Via -

KHARTOUM, Nov 29 (Reuters) - A British teacher accused of insulting Muslims after her class called a teddy bear Mohammad was found guilty and jailed for 15 days, a defence lawyer said on Thursday.

Sudanese men read a newspaper with a picture of Gillian Gibbons, a British teacher.

Gillian Gibbons, 54, was ordered to be deported after she had completed her sentence.

"She was found guilty of insulting religion and the sentence is 15 days (in jail) and deportation," defence lawyer Ali Ajib said after the trial in a Khartoum courtroom, which lasted less than a day.

In London, the British Foreign Office said it was "extremely disappointed" with the verdict. "The Sudanese ambassador will be called in this evening to explain this decision," a Foreign Office spokeswoman said.

Robert Boulos, head of Unity high school where Gibbons worked, said: "We are happy with the verdict. It is fair. There were a lot of political pressures and attention."

He added: "We will be very sad to lose her."

Asked what he thought of the verdict, the head of Gibbons's defence team, Kamal al-Jazouli, said: "It was not bad."

Gibbons was charged on Wednesday with insulting Islam, inciting hatred and showing contempt for religious beliefs because of the toy's name. Under Sudan's penal code, she could have faced 40 lashes, a fine, or up to one year in jail.

In court, judge Mohammed Youssef listened to two accounts -- one from school secretary Sarah Khawad, who filed the first complaint about the teddy bear's name, and one from the official who has been investigating the case, court sources said.

Teachers at the school say that calling the teddy bear Mohammad, the name of the prophet of Islam, was not her idea in the first place and that no parents objected when Unity High School sent parents circulars about a reading project which included the teddy bear as a fictional participant.

British Foreign Secretary David Miliband had earlier said in a statement "We believe this was an innocent misunderstanding."

Sudan has had poor relations with Britain, the United States and most European countries for several years, mainly because of their disagreements over how to handle the conflict in the Darfur region in western Sudan.


I don't like Soapboxes, but I have one

This verdict is very disappointing for those that believe in freedom of speech and well...pretty much freedom overall. The punishment isn't nearly as bad as it could have been and for that, I am thankful. I would like to say that first and foremost.

However, It is quite clear that the teacher was not directly insulting Islam, inciting hatred or showing contempt for religious beliefs. If she is guilty of anything, it is being too naive about a very controlling & corrupt Sudanese government.

In my view, the class most likely elected to use that name because it carries special meaning, positive is a good name and it should not be used by the Sudanese government to push its own agenda. Islam is the religion of love, is it not?

Perhaps the government of Sudan should focus less on the innocent naming of a toy and focus more on the growing presence of al Qaeda training camps in the Darfur region and the whole genocide / crimes against humanity thing.

But I guess that isn't important...

Comcast's Assault on Net Neutrality

Via -

You may recall Comcast getting busted for interfering with peer-to-peer file sharing communications, especially picking on its users who use BitTorrent. Now the Electronic Frontier Foundation (EFF) has released a detailed report (PDF) that comes close to proving that Comcast was "forging traffic." The EFF describes exactly how its experts used Wireshark, open-source packet sniffing software, to show that Comcast was injecting forged RST packets into their communications, effectively telling both ends to hang up.

The EFF asked, "What's so bad about what Comcast's actions?"

One objectionable aspect of Comcast's conduct is that they are spoofing packets--that is, impersonating parties to an exchange of data. Comcast is essentially deploying against their own customers techniques more typically used by malicious hackers (this is doubtless how Comcast would characterize other parties that forged traffic to make it appear that it came from Comcast or its subscribers). In this sense Comcast is behaving worse than if they dropped a proportion of packets under congested circumstances in order to throttle bandwidth usage, or even if they blocked certain ports on their network. In other words, Comcast is essentially behaving like a telephone operator that interrupts a phone conversation, impersonating the voice of one party to tell the other that "this call is over, I'm hanging up."
Now we're wondering which other internet service providers (ISP) are forging data between their users. Readers, are you having problems with your ISP, perhaps Time Warner's Roadrunner service? Any network gurus care to run Wireshark and find out? If all the ISPs are doing this to us, let's bust them, bringing the power of all Gizmodia to bear, troops! [Ars Technica, via Boing Boing]


This is why we need the government to step up and protect the underwritten law of Net Neutrality.

We have trusted corporations to follow this idea and for a while, it worked.

But now they are stepping all over that trust....and now is the time for the public to flex its muscles (via the elected government) and put this corporations back inline (e.g. by making it the law).

Support Net Neutrality and Save the Internet.

Latest QuickTime Exploit Targets Both Macs and PCs

Via -

A US-based security researcher has published a single piece of code that can remotely compromise both PCs and Macs as long as they are running Apple's QuickTime media player.

The exploit is at least the fourth to target a newly discovered security flaw in the way QuickTime interacts with servers that stream audio and video. Up until now, the exploits have only targeted machines running Windows operating systems, but Lorenzo Hernandez, the researcher who prefers to go by the name Larry, says his exploit also targets Tiger and Leopard versions of OS X running on both Intel-made processors or older machines that use the PowerPC chip.

"Our intention was to provide a highly educational exploit," Larry told El Reg. "We are trying to expose and show exploitation techniques for OS X."

Apple, which has yet to patch the vulnerability in QuickTime's real time streaming protocol response header, has not responded to requests for comment.

The exploit, which is published here, first analyzes the bowels of a user's machine to determine the OS it is running. It then unleashes a payload that is tailored to the specific platform. In order for the exploit to work, an attacker would have to trick a user into clicking on a booby-trapped link, or playlist.

"Apple software is exceedingly informative when it comes to versioning information, and this is a security risk because it helps to automate exploitation," said Larry, CEO of Wyoming-based security services company called Subreption.

He provides a detailed write up (here) that concludes that the latest version of OS X lacks several common sense measures that would make it less vulnerable to miscreants.

For one thing, there's no heap randomization, which makes it easy to find a relatively static address located in dynamically allocated memory. For another, Leopard doesn't implement memory protection enforcement. Finally, Leopard for PowerPC doesn't implement a non-executable stack, making them susceptible to stack-based buffer overflows.

Since Saturday, at least three other exploits targeting the same flaw have been published. A Tuesday posting by Errata Security's David Maynor said there were indications there are exploits in the wild, but that he had so far been unable to confirm those suspicions.

WabiSabiLabi, an online marketplace for security exploit code, said recently that QuickTime proof-of-concept code it has listed for more than a week exploits a different vulnerability in the popular media player.


This isn't the last QT exploit to target Mac...expect more in the near future.

But I love the respond from Apple on a possible exploit for almost every OS X machine on the planet...."no comment". Are they serious?

This equates to hanging their users out to dry in my view.

Especially the users living in La-La Land that laugh about the idea of OS X malware.

If I asked a group of Windows users sitting at Starbucks the same question, I would guess that most would be semi-aware that they could be attacked or could have their information a nutshell they are at least aware of the dangers.

Can we say the same for Mac users living in the Land of Enchantment protective bubble make of pixie dust? I'm not so sure.

In addition, why was this bug not discovered during the code review that should have been kicked off after the RTSP URL Handling Buffer Overflow Vulnerability early this year?

I know you can't find every bug in such a complex protocol within a couple of months...but even with my limited exploitation knowledge, this new bug doesn't sound that difficult.

Perhaps Apple should updated their Amazon Wishlist with a new book - Fuzzing: Brute Force Vulnerability Discovery.

Wednesday, November 28, 2007

Cancer-Resistant Mouse Created with Par-4 Gene Expression

Via -

LEXINGTON, Ky. (November 27, 2007) − A mouse resistant to cancer, even highly-aggressive types, has been created by researchers at the University of Kentucky. The breakthrough stems from a discovery by UK College of Medicine professor of radiation medicine Vivek Rangnekar and a team of researchers who found a tumor-suppressor gene called "Par-4" in the prostate.

The researchers discovered that the Par-4 gene kills cancer cells, but not normal cells. There are very few molecules that specifically fight against cancer cells, giving it a potentially therapeutic application.

Funded by several grants from the National Institutes of Health, Rangnekar's study is unique in that mice born with this gene are not developing tumors. The mice grow normally and have no defects. In fact, the mice possessing Par-4 actually live a few months longer than the control animals, indicating that they have no toxic side effects.

"We originally discovered Par-4 in the prostate, but it's not limited to the prostate. The gene is expressed in every cell type that we've looked at and it induces the death of a broad range of cancer cells, including of course, cancer cells in the prostate," said Rangnekar. "The interesting part of this study is that this killer gene is selective for killing cancer cells. It will not kill normal cells and there are very, very few selective molecules out there like this."

To further investigate the potential therapeutic benefits of this gene, Rangnekar's team introduced it into the egg of a mouse. That egg was then planted into a surrogate mother.

"The mouse itself does not express a large number of copies of this gene, but the pups do and then their pups start expressing the gene," Rangnekar said. "So, we've been able to transfer this activity to generations in the mouse."

The implications for humans could be that through bone marrow transplantation, the Par-4 molecule could potentially be used to fight cancer cells in patients without the toxic and damaging side effects of chemotherapy and radiation therapy.

"When a cancer patient goes to the clinic, they undergo chemotherapy or radiation and there are potential side effects associated with these treatments," Rangnekar said. "We got interested in looking for a molecule which will kill cancer cells and not kill normal cells, but also would not be toxic with regard to the production of side effects to the entire organism. We are thinking of this in a holistic approach that not only would get rid of the tumor, but also not harm the organism as a whole. Before this animal study, we published a lot of work indicating that in cell culture, there's no killing of normal cells. This is the proof that it doesn’t kill normal cells because the mouse is alive and healthy."

Saudi Arabia Arrests 208 Militants & Foil Attacks

Via -

RIYADH (Reuters) - Saudi Arabia said on Wednesday it had arrested 208 militants for involvement in cells planning an imminent attack on an oil installation, as well as attacks on clerics and security forces.

State television in the world's biggest oil exporter said one of the cells was planning to smuggle in missiles. Al Qaeda sympathizers have mounted a campaign against the U.S.-allied monarchy since 2003.

A cell of eight militants led by a foreign resident planned an attack on an oil facility in the Eastern Province, it said. Saudi Arabia has been building a 35,000-strong rapid reaction force to protect installations after a failed al Qaeda attack in 2006 on the world's largest oil processing plant at Abqaiq.

"Security forces foiled an imminent attack on an oil support installation in the Eastern Province after the perpetrators prepared themselves and set a date," it said.

The report, citing an Interior Ministry statement, said 18 of those arrested belonged to a cell led by an "expert in launching missiles" who had slipped into the country. It said they planned to smuggle eight projectiles into the kingdom.

Another 22 were part of a group that plotted to assassinate clerics and security forces, it said.


The report also said the arrests included a "media cell" of 16 in Medina which aimed to promote "takfiri thinking" -- the ideology of Sunni Muslim radicals that supports violence against Muslims branded as infidels and apostates.

Those arrested also included 32 people -- both Saudis and foreigners -- involved in providing financial support for militants, the ministry said in the statement.

After the February 2006 failed attack on the Abqaiq plant, authorities have announced the break-up of cells involving several hundreds of people.

"They are unraveling networks but these are not hardcore people, they are peripheral," a Western diplomat said, adding the government was worried about public "complacency" that the militant campaign was over.

"These are people caught by monitoring Web sites and looking at financial flows. The hard core is really decimated already," said the diplomat.

NY Judge Has Bad Day, Orders 46 People Held Over Phone Ring

Via -

It was a normal enough morning in a Niagara Falls courtroom, with Judge Robert Restaino plodding through his routine batch of domestic violence arraignments. That is, until a ringing cell phone pierced the air.

What followed was "two hours of inexplicable madness," including the jailing of 46 people, according to the New York State Commission on Judicial Conduct. In a scathing report Tuesday, that panel recommended the city court judge be removed.

"Now, whoever owns the instrument that is ringing, bring it to me now or everybody could take a week in jail and please don't tell me I'm the only one that heard that," Restaino said on that fateful morning of March 11, 2005, according to the commission's report.

"Everyone is going to jail; every single person is going to jail in this courtroom unless I get that instrument now," he went on. "If anybody believes I'm kidding, ask some of the folks that have been here for a while. You are all going."

When no one fessed up, the judge, who was set to deal with 70 cases that morning, called back the 11 defendants he had already released on their own recognizance and set extra bail. All told, he ordered that 46 defendants be held in custody, according to the commission report. They were ultimately placed in crowded "holding" cells at the county jail, and some weren't released for a couple of hours.

Although Restaino "chastised" at length the defendants who claimed ignorance about the ringing phone's owner and accused the culprit of being "self-absorbed" for not coming forward, he never questioned "any of the prosecutors, defense attorneys, court personnel, program representatives or others who were present in the courtroom," the report found.

The commission concluded Restaino, who conceded he had no legal right to take the defendents into custody, had committed "an egregious and unprecedented abuse of judicial power." One panel member, however, said he was more inclined to pursue a penalty somewhere in between censure and complete removal, suggesting the episode was a fluke ("two hours of viral lunacy out of a person's entire professional life").

Restaino, for his part, attributed his behavior to "certain stresses in his personal life," according to the report.

Restaino plans to appeal the ruling and seek reinstatement to the post, which paid $113,900 per year, according to the Associated Press.

Natural Nuclear Reaction Powered Ancient Geyser

Via LiveScience (Nov 2004) -

With all the complicated engineering and physics needed to build a nuclear reactor, it is rather remarkable that one turned on spontaneously two billion years ago.

Evidence for this natural reactor was found in 1972 at the Oklo mine in the West African country of Gabon. New research confirms that water regulated the nuclear reactions in a cyclic pattern similar to that in a geyser.

Alex Meshik and his colleagues at Washington University of St. Louis have determined that the Oklo reactor, which comprises several separate sites, ran for 30 minutes and then shut off for 2.5 hours, before starting over.

"The time is characteristic of water infiltrating rocks and then being boiled off once reactions started," Meshik told LiveScience.

When the water all boiled away, the reactions stopped until new water percolated back down. This geyser-like activity also prevented a runaway reaction.

"It's amazing it didn't explode," Meshik said. "Instead it released energy in short pulses."


Water is very good at slowing down neutrons. Although scientists had long suspected that water was important for the Oklo reactor, the idea was not confirmed until Meshik's team looked at levels of xenon gas in the uranium deposits.

They realized that this xenon could only be trapped in the deposits if the reactor shut off on a regular basis - hence the geyser analogy. These results were published in a recent issue of Physical Review Letters.

Although water and uranium are not unique to Oklo, no other natural reactor has ever been found.

"It's very strange that something happened only once in nature," Meshik said. "But Oklo is very unique."

He explained that, after the fission process had finished, a geological shift caused the Oklo reactor to sink a few miles below the surface - where it was preserved from erosion. A few million years ago, another shift brought the uranium deposits back to the surface.

Other reactors could have turned on two billion years ago, only to have their evidence washed away in the intervening eons.

Montclair State University Makes GPS Tracking Mandatory

Via -

Students at Montclair State University in New Jersey are required to have mobile phones fitted with GPS tracking devices as part of their equipment for campus life.

The scheme will cost students $420 a year for 50 minutes of call time per month, unlimited text messaging, emergency GPS tracking and unlimited data use on campus.

Students are not tied into particular phones or contracts, and can choose from a range of options.

"I do not see why they should be adding unnecessary fees to the students who have a hard time paying for college anyway," freshman Sury Lopez told

Other students were more positive, however, maintaining that they liked the safety and convenience aspects of the phones.

"It is very helpful," said student Vanessa Adames. "I have the train schedule on there, and I can check my email."

Montclair State University is one of the first in the US to insist that students have tracking capabilities on their phones.

While the institution regrets the cost to students, it claims to have done everything it could to minimise the financial impact.

"If you are accessing the campus from anywhere with a device attached to your hip, you are also avoiding a lot of costs," said Ed Chapel, vice president of IT at Montclair State University.

SANS Top-20 2007 Security Risks (2007 Annual Update)

On November 27, the SANS Institute will unveil the 2007 Top 20 Internet Security Risks, the research group's seventh annual update of its consensus list of the cyber security risks that caused the most damage to individuals, corporations and government agencies in 2007. Forty three security experts from government, industry and academia in a half dozen countries cooperated to produce the consensus. Their names are listed in the Top 20 which is available online at


No big shockers here.

British Teacher in Sudan Charged & Treated Well

Via NYDailyNews -

A British teacher under arrest in Sudan was formally charged Wednesday with inciting hatred for allowing her 7-year-old students to name a teddy bear Muhammad.

If convicted, Gillian Gibbons, 54, could be sentenced to 40 lashes, a fine or six months behind bars. The case goes to court on Thursday.

State media reported Gibbons, from Liverpool, England, also faced charges of insulting religion and showing contempt of religious beliefs.

"Khartoum north prosecution unit has completed its investigation and has charged the Briton Gillian under Article 125 of the criminal code," the SUNA agency said, quoting a senior Justice Ministry official.

In London, Foreign Secretary David Miliband summoned the Sudanese ambassador to discuss the matter, the British government said.

Gibbons, a teacher at the Unity School in the Sudanese capital Khartoum, was arrested after her class chose potential names for the stuffed toy and voted overwhelmingly to name the teddy Muhammad.

Muhammad is the most popular boy's name in Sudan and in much of the Muslim world, but some consider giving it to an inanimate object to be blasphemous. Some parents complained after their children told them about the teddy bear.

One boy in the class said he had suggested the name.

"The teacher asked me what I wanted to call the teddy. I said Muhammad. I named it after my name," the youngster told the BBC.

His parents told reporters that Gibbons was a "very nice" teacher who never mentioned religion in class.

Robert Boulos, director of the Unity School, has said Gibbons would never intentionally insult Islam and that it was an innocent mistake. He has closed the school until January for fear of reprisals.

Three British Embassy officials and a colleague from the school were allowed to visit Gibbons in jail.

"I can confirm that we have met Ms. Gibbons and she said she is being treated well," said British consul Russell Phillips. "We remain in close contact with the Sudanese authorities on this case."

Tuesday, November 27, 2007

Tools of the Trade - Glider Version

(I just created this Animated GIF in Photoshop CS2)

On to the tools...

On Nov 27th, Adam Laurie released RFIDIOt v0.1r. RFIDIOt is a python library for exploring RFID devices. It currently drives a couple of RFID readers made by ACG, called the HF Dual ISO and the LFX. Includes sample programs to read/write tags and the beginnings of library routines to handle the data structures of specific tags like MIFARE(r).

On Nov 27th, Nmap 4.2.3 RC3 was released. Check the changelog for the details.

On Nov 26th, Filezilla 3.0.4 was released. Changes include the following:
  • Implement FTP Proxy support. Note that using a properly configured NAT router is recommended instead
  • Implement FTP keep alive for those connecting to improperly configured servers
  • Fix crashes if deletig files in directories with more than 200 entries
  • Compatility improvements with VMS and z/VM servers
  • Now requires GnuTLS 2.0.4 which fixes a problem with servers using compression
  • Changing list of ascii files or increasing number of concurrent transfers had no effect until restart of FileZilla
On Nov 26th, CCleaner v2.03 was released. Check out the version history for al the details.

On Nov 26th, Mozilla release Firefox This release fixed three security issues. Mozilla also recently released Firefox 3.0 Beta 1 for Windows. The Firefox 3.0 Beta 1 release is not recommend for anyone but developers and testers. I installed it for an upcoming article for TechTarget and I did run some freezing and page compatibility issues.

On Nov 24th, Pidgin 2.3.0 was released. Pidgin (formerly Gaim) is a multi-protocol Instant Messaging client that allows you to use all of your IM accounts at once. Check out the changelog for all the details.

On Nov 16th, Xavier Roche released HTTrack Website Copier for Windows 3.42. HTTrack is a free (GPL, libre/free software) and easy-to-use offline browser utility. It allows you to download a World Wide Web site from the Internet to a local directory, building recursively all directories, getting HTML, images, and other files from the server to your computer.

On Nov 7th, SIPVicious 0.2.1 was released. SIPVicious tools address the need for traditional security tools to be ported to SIP. This package consists of a SIP scanner, a SIP wardialer, and a SIP PBX cracker. Written in Python.

In other news....Do you believe in Evolution?

Well, you should because it has been renamed "Maltego" and a GUI beta is expected at the end of this week. Hopefully with the TAS discovery specification fully implemented. This will allow you to write your own Transforms and discovery all types of hidden information from the interweb.

In addition, it looks like Cain & Abel v4.9.8 slipped out on Oct 26th. New features include the following:
  • Added support for new AES-128bit Keyfobs in RSA SecurID Token Calculator.Microsoft SQL Server 2005 Password Extractor via ODBC.
  • Fixed a bug in Internet Explorer 7 AutoComplete password decoder.
  • Default HTTP users and passwords fields updated.
  • Automatic recognition of AirPcap TX capability based on channels.

Apple QuickTime 7.2/7.3 RTSP Response Universal Exploits

Apple QuickTime 7.2/7.3 RTSP Response Universal Exploit (IE7/FF/Opera)

Apple Quicktime (Vista/XP RSTP Response) Remote Code Exec

QuickTime RTSP Response remote stack rewrite exploit for IE 6/7

Apple QuickTime 7.3 RTSP Response 0day Remote SEH Overwrite PoC Exploit

They appear to be coming fast and hard....

Pupil Defends Teacher Over Teddy Bear in Sudan

Via -

A seven-year-old Sudanese boy has defended his British teacher, who stands accused of insulting Islam's prophet, saying that he had suggested calling the class teddy bear Muhammad because it was his own name.

Police arrested Gillian Gibbons, 54, on Sunday after complaints by parents that she had acted blasphemously in allowing the toy to be called Muhammad. Gibbons, a teacher at the exclusive British-style Unity high school in Khartoum, had asked her pupils to name the bear as part of a project to teach them about animals and their habitats. "The teacher asked me what I wanted to call the teddy," the boy told Reuters. "I said Muhammad. I named it after my name."

His suggestion was put to a class vote and was the clear winner. The boy, who said he was not thinking about the prophet when he put forward his choice, described Gibbons as "very nice".

Gibbons, who is from Liverpool, spent her third night in jail yesterday, as she was moved from a local police station to a bigger police office in Khartoum north, where she is waiting to be charged. She has retained a local lawyer, but embassy officials were prevented from seeing her yesterday.

"She is still in detention and the investigation appears to be ongoing," said a British embassy spokesman in Khartoum. "We visited her on Monday and we hope to be allowed to see her again tomorrow morning."

Gordon Brown said yesterday that he felt "very sorry for what has happened to Miss Gibbons", and that every effort was being made to ensure a speedy release. The Muslim Council of Britain also condemned the arrest, saying it was "obvious that no malice was intended".


The Sudanese government is insisting the law follow its course. Mohamed al-Mardhi, the justice minister, told local media that he had ordered the country's general prosecutor to take charge of the case. "[The charges] are under the Sudanese penal code ... insulting religion and provoking the feeling of Muslims," he said. The offence carries a penalty of six months in jail or 40 lashes.

The teddy bear incident occurred in September, a month after Gibbons arrived in Sudan, but it was not until last week that Unity's director was informed that a few parents had complained to the Ministry of Education that their religion had been insulted. For devout Muslims, any depiction of the prophet Muhammad is regarded as blasphemous.

The school is closed until January, for fear of reprisals. The feeling among most teachers and parents at Unity - Muslim and non-Muslim - is that the Sudanese authorities have overreacted.

"I'm annoyed ... that this has escalated in this way," Muhammad's mother said. "If it happened as Muhammad said, there is no problem here - it was not intended."

An English mother, who had a child in one of the other classes in Unity, said: "I was just gobsmacked. And when I talked about it to colleagues who were Muslims, they felt the same. They were amazed.

"When I first heard about the teddy bear I thought 'Oh no, don't go down that road. That's a really bad idea.' But she had just arrived in Sudan. She must have been idealistic, full of new ideas. She just didn't realise that it was such a problem."

Even the Sudanese embassy in London called it a "storm in a teacup". Khalid al-Mubarak, the embassy spokesman, told the BBC he expected the case would be treated as a "minute complaint", and that cultural differences had caused the problem.


The Sudanese Government needs to come to its true senses, then perhaps they will began to see that sometimes kids are just being kids (and it is the teacher's job to encourage growth and learning)...and while religion might be important to them, it might not be the main focus of every decision or action.

According to Kirsty Saunders of the British Foreign Office, under Sudan's laws a person can be held for no more than 24 hours without charge. Well, it has been more than three days...

People's G.R.L. Communique

Via G.R.L. -

街道画研究实验室将带 L.A.S.E.R Tag 来参加
香港的微波新媒介艺术节 (Microwave New Media Art Festival). 街道画研究实验室将在2007年11月17 日和18 沿九龙和港岛的港口用激光轰炸有趣的目标。街道画研究实验室将允许香港的任一个街道画作家或普通的公民使用60微瓦特激光, 1800瓦特的音响和一个大投影机来
自由(FREELY)公开地谈论登广告者,公司和政府的规模。如果您是街道画作家、活动家、黑客、DJ 、B男孩或MC (或为任何东西), 请联络街道画研究实验室。

The Graffiti Research Lab is bringing L.A.S.E.R. Tag to Hong Kong for the Microwave New Media Art Festival. The G.R.L. will be laser-bombing targets of interest along the harbor fronts of Kowloon and Hong Kong Island on the 17th and 18th of November, 2007. The L.A.S.E.R. TagFREELY speak their mind in public on the scale of advertisers, corporations and governments using a 60 milliwatt laser, 1800 watts of audio and a big-ass projector. If you are a graffiti writer, activist, hacker, DJ, B-boy or MC (or just up for anything) contact the G.R.L. unit will allow any graffiti writer or ordinary citizen of Hong Kong to

UPDATE: special guest appearances by MC YAN and Graphic Airlines on the 17th and 18th respectively.

For more info on the events click here.

Soulja Boy Dance

Check out this awesome video from my friends of Luvbeat.

Monday, November 26, 2007

Apple QuickTime 7.3 RTSP Response 0day Remote SEH Overwrite PoC Exploit

Apple QuickTime contains a stack buffer overflow vulnerability that may allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service condition.

Real Time Streaming Protocol (RTSP) is a protocol that is used by streaming media systems. The Apple QuickTime Streaming Server and QuickTime player both support for RTSP. Apple QuickTime contains a stack buffer overflow vulnerability in the way QuickTime handles the RTSP Content-Type header. This vulnerability may be exploited by convincing a user to connect to a specially crafted RTSP stream. Note that QuickTime is a component of Apple iTunes, therefore iTunes installations are also affected by this vulnerability. We are aware of publicly available exploit code for this vulnerability.

By convincing a user to connect to a specially crafted RTSP stream, a remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system. An attacker can use various types of web page content, including a QuickTime Media Link file, to cause a user to load an RTSP stream.


More carnage make possible by Apple's cutting edge Quicktime and iTunes product line.

Warp Power to the Russian Election Spin Machine

Via New York Times -

MOSCOW, Nov. 26 — President Vladimir V. Putin today accused the United States of trying to taint the legitimacy of upcoming Russian parliamentary elections by pressing a group of prominent independent election observers to abandon their attempts to monitor the campaign.

Mr. Putin contended that the election monitors, who are deployed by the Organization for Security and Cooperation in Europe, had canceled their plans to monitor the parliamentary balloting because of pressure from the State Department in Washington.

Mr. Putin’s statements in recent weeks have taken on an increasingly nationalistic tone as he has sought to muster support for his party in the balloting on Sunday. Speaking to reporters today in St. Petersburg, he once again criticized what he suggested was foreign meddling in Russia’s affairs.

“According to information we have, it was again done at the recommendation of the U.S. State Department and we will take this into account in our inter-state relations with this country,” he said. “Their goal is the delegitimization of the elections. But they will not achieve even this goal.”


A spokeswoman for the election observers today called Mr. Putin’s assertion “nonsense.” The United States Embassy in Moscow would not immediately comment.

The election-monitoring arm of the O.S.C.E., the Office for Democratic Institutions and Human Rights, or O.D.I.H.R., announced on Nov. 16 that it was canceling its mission to Russia, saying that restrictions imposed by the Russian government had made it impossible for it to carry out its work. The State Department and European diplomats supported the decision.

Urdur Gunnarsdottir, a spokeswoman for the monitoring arm, said Mr. Putin was misinformed about the reasons for the group’s withdrawal.


O.D.I.H.R. has monitored every election in Russia since the fall of the Soviet Union in 1991. Its presence was viewed as an effort by Moscow to ensure that elections complied with international standards.

But the Kremlin has in recent years chafed at the group’s reports, contending that they were biased against the government.

After the 2004 presidential elections, which Mr. Putin won in a landslide, the group stated flatly that the campaign had not been conducted fairly.

In recent months, Russian officials maintained that monitoring group needed to be reformed. At the same time, the Kremlin repeatedly delayed the issuing of visas to the group’s monitors, preventing them from observing the campaigning for Parliament around the country, as well as news coverage, as is customary.

Russian officials then abruptly said they would sharply limit the size of O.D.I.H.R.’s mission to only 70 people, down from 400 in the parliamentary election in 2003.

AirDefense 2007 Retail Shopping Wireless Security Survey

As the 2007 holiday shopping season officially gets underway, AirDefense, the innovator that launched the wireless LAN security market, to day unveiled results from its comprehensive “2007 Retail Shopping Wireless Security Survey” of wireless data security and physical security practices in place at more than 3,000 stores nationwide and also in parts of Europe. Cities monitored were Atlanta, Boston, Chicago, Los Angeles, New York City, San Francisco, London and Paris. Research was conducted in some of the busiest shopping areas in the country, including: Rodeo Drive in Beverly Hills, Madison Avenue and 5th Avenue in New York City, Michigan Avenue in Chicago, Union Square and Market Street in San Francisco.

Sudan Accuses Teacher of Islam Insult

Via New York Times -

NAIROBI, Kenya, Nov. 26 — The Sudanese police arrested a British schoolteacher and accused her of insulting Islam after she allowed her 7-year-old pupils to name a class teddy bear Muhammad, Sudanese officials said today.

The teacher, Gillian Gibbons, was arrested on Sunday in Khartoum, Sudan’s capital, after a number of parents complained, said Rabie A. Atti, a government spokesman.“How can you call a bear Muhammad?” he said. “Muhammad is the holy prophet of Islam.”

Dr. Rabie said the authorities had obtained a letter Ms. Gibbons sent home with students explaining that her primary school class was doing a project on animals and had adopted a teddy bear named Muhammad.

“Her letter said there was an intelligent bear named Muhammad, and the letter instructed parents to take pictures with this bear,” Dr. Rabie said. “This is not acceptable, according to the general opinion of our society.”

In Islam, insulting the Prophet Muhammad is considered a grave offense, and the law of northern Sudan, where Khartoum is located, makes this a crime. The private, relatively expensive Unity School in Khartoum, where Ms. Gibbons taught, educates a mix of Christian and Muslim Sudanese children, and the lessons are in English.

Ms. Gibbons is in jail, pending further investigation, Dr. Rabie said.

“If she is innocent, she will be set free,” Dr. Rabie.


Any teacher that is working in Sudan to bring Christian and Muslim students together is more than praiseworthy.

In 2006, the second most popular name for males in England and Wales was Muhammad (includes all 14 different spellings). Right behind the name Jack...they really love that name.

Immune System Reboot Could Treat Autoimmune Disease

Via Wired -

With the help of an ingenious protein hack, scientists have used stem cells to grow new immune systems in mice -- a technique that could someday treat human autoimmune diseases.

In a study published in Science, Stanford University researchers described how blood-forming stem cells generated new immune systems when injected into mouse bone marrow. That wasn't particularly surprising; the real breakthrough took place before the stem cell injections, when the researchers erased the old immune systems.

Traditionally, this is done with radiation and chemicals that also destroy surrounding tissue and sometimes cause brain damage, infertility or cancer. Instead of these scorched-earth therapies, the Stanford scientists gave the mice an antibody designed to neutralize existing blood-forming, or hemapoietic, stem cells. Hematopoietic cells are the building blocks of the immune system; with the old cells out of the way, the researchers added new ones, then sat back and watched fresh immune systems grow.

Duplicating this feat in humans is the holy grail of treatments for for autoimmune diseases, in which bodies are attacked by their own defense systems. But before that happens, more mouse work needs to be finished. The Stanford mice were engineered to possess non-functioning immune systems: they had the necessary components, but the system wasn't on-line.

The researchers must next make their technique work in fully functional mice. Then they need to figure out how to design human-specific antibodies, as the mouse antibodies targeted proteins not present in our own cells.

But if they can do this, the ramifications are enormous: an estimated 20 million Americans suffer from autoimmune diseases, including type 1 diabetes, arthritis and multiple sclerosis. Many other conditions, including chronic fatigue syndrome and obesity, are suspected of having an autoimmune component.


I love biology...

Google Wants Your DNA

Via -

LOS ANGELES - 23andMe, a Google-funded online company selling a $999 ($NZ1314) DNA test, launched as a kind of genetics-based MySpace or Facebook that also has the more serious aim of allowing medicine someday to target its users' ills more precisely.

Users sign up for the DNA saliva test online and receive and return it by mail. Four to six weeks later, the results are online, allowing them to learn about their inherited traits, their ancestry and - likely with the help of a professional to look at the data - some of their personal disease risks.

The website, which takes its name from the 23 pairs of chromosomes that make up each person's genome, says it will display more than a half-million data points in users' genomes in a form they can visualise and understand.

"Compare your genetic blueprint to your friends and family," the site invites.

Down the line, when the company's database is much larger, users will have the option to take part in scientific studies that could help researchers determine such things as who is in danger of having a life-threatening drug reaction or who may be more likely to benefit from a specific cancer treatment.

"The mission of 23andMe is to take the genetic revolution to a new level," said 23andMe co-founder Linda Avey.


While technology has made it easier to find and share information, it has also made security and privacy issues critical.

The protection of genetic information is particularly important to many consumers, who fear that insurers or other groups may use genetic data to deny coverage to or discriminate against people predisposed for serious disease.

23andMe's founders say the personal data in their system is secure and under the user's control - protected by more than a dozen levels of authentication and encryption from the lab to the user.

The two women say aggregated genomic data will eventually be made available to people outside 23andMe for study - but never sold.

"The data will not leave 23andMe," said Avey, who came to the project with sales and business development experience in the biopharmaceutical industry.


No thanks. Where do I opt-out?

Monopoly Releases Special 'Regular Monopoly' Edition

Via TheOnion -

PAWTUCKET, RI—Following the success of its Star Wars Monopoly, I Love Lucy Monopoly, College Monopoly, Monopoly Junior, and Monopoly Electronic Banking Edition, Hasbro announced Monday the release of its latest Monopoly incarnation, Regular Monopoly Monopoly.

"This unique 'regular' version of the classic board game will feature faithful reproductions of the Monopoly game board, paper money, and game pieces such as a thimble, top hat, and Scottie dog," read a Hasbro press release on the new game, which also replaces the iconic, high-valued properties of Mariowalk and Luigi Place with its own fancifully named "Boardwalk" and "Park Place." "We at Hasbro continue to be amazed at how a nearly 80-year-old real-estate game easily transitions into all these diverse and unpredictable forms."

Hasbro also announced that it will release an all-new, non-deluxe edition of Scrabble for the holiday season.

Saturday, November 24, 2007

Syria Blocks Facebook to Fight Political Activism

Via Gulf Times -

DAMASCUS: Syrian users of Facebook said yesterday the authorities had blocked access to the social network website as part of a crackdown on political activism on the Internet.

“Facebook helped further civil society in Syria and form civic groups outside government control. This is why it has been banned,” women’s rights advocate Dania al-Sharif said.

“They cut off communications between us and the outside world. We are used to this behaviour from our government,” said Mais al-Sharbaji, who set up a Facebook group for amateur Syrian photographers.There was no comment form the government, which has intensified a campaign against bloggers, virtual opinion forums and independent media sites in recent months.

Syria has been under emergency rule since the Baath Party took power in a 1963 coup. No public criticism of the party and the powerful security apparatus is allowed. Scores of dissidents have been jailed over the past year.

Thousands in Syrian use Facebook to communicate with relatives and friends abroad. The social network also links groups with political and cultural interests. Syrians who have pages on the site include businessmen with links to the ruling class and pro-government commentators.

Israel Officer Tried to Sell Army Secrets

Via Gulf Times -

JERUSALEM: An Israeli army psychiatrist who offered to sell military secrets to Iran, Russia and Hamas was charged with spying yesterday, police said.

The 45-year-old reserve officer was apparently unsuccessful in his alleged attempts to pass information on Israel’s wartime evacuation and medical plans, although police said he did receive a reply from the Iranian foreign ministry.

Tehran and Hamas, the Palestinian Islamist movement that controls the Gaza Strip, are avowed enemies of the Jewish state, which Iran’s president has said should be “wiped off the map”.

According to the indictment for conspiracy to commit espionage and contact with foreign agents, major David Shamir wrote to Iranian consulates in Britain and Turkey and to a Gaza university offering to “join the struggle” in exchange for cash.

Police said he also asked to join Russia’s FSB security agency, the successor organisation to the Soviet KGB that was once headed by President Vladimir Putin. He got no reply.

CSRF Demystified

Via GNUCitizen -

Cross-Site Request Forgery has been all over the press recently since several major sites and web applications were plagued by exploits and uncovered vulnerabilities - including GMail, Google AdSense and many others. When talking to developers about CSRF there’s mostly not that much knowledge and a lot of misconceptions and FUD. Sometimes the term CSRF hasn’t even been heard of before. So, with this article, I will try to provide a basic explanation about the attack pattern itself, come up with several real word examples and finally summarize a list of things developers can do to protect their sites against CSRF attacks.


Check out the full blog above for all the CSRF details. It isn't a new attack, but it seems to be on everyone's radar learn up.

Cellphone Tracking Powers on Request

Via -

Federal officials are routinely asking courts to order cellphone companies to furnish real-time tracking data so they can pinpoint the whereabouts of drug traffickers, fugitives and other criminal suspects, according to judges and industry lawyers.

In some cases, judges have granted the requests without requiring the government to demonstrate that there is probable cause to believe that a crime is taking place or that the inquiry will yield evidence of a crime. Privacy advocates fear such a practice may expose average Americans to a new level of government scrutiny of their daily lives.

Such requests run counter to the Justice Department's internal recommendation that federal prosecutors seek warrants based on probable cause to obtain precise location data in private areas. The requests and orders are sealed at the government's request, so it is difficult to know how often the orders are issued or denied.


Moral of the Story - If you want to go somewhere secretly, leave your phone and don't take your toll tag. Make sure your tires don't have RFID in them and that your car doesn't have OnStar and on and on and on.

I think the following quote from the Sneakers (1992) describes it best...

Carl: So it's a code breaker.
Martin Bishop: No. It's THE code breaker. No more secrets...

Credit Card Thieves Flood Wikimedia With Pennies

Via SecurityFix -

The Wikimedia Foundation, the parent organization of the free online encyclopedia Wikipedia and other open-source projects, recently increased the minimum amount it will accept in donations after scammers apparently began testing the validity of stolen credit cards by sending a series of 1-cent "donations" to the group.

On Nov. 8, Wikimedia saw hundreds of penny donations come in over a very short period of time. In many cases, Wikimedia donors leave messages of support or praise for the organization along with their gift, but all of the fake donations were anonymous and contained no greeting, suggesting their submission may have somehow been automated.

Wikimedia spokesperson Sandra Ordonez said the group wants to keep a low minimum contribution amount so as not to discourage donations from people in countries where a dollar may be a substantial sum and a very generous gift. "But for those one-penny donations, it was costing us more to process them," she said. "We were actually getting negative money back."

Wikimedia has now increased the minimum contribution it will accept to one dollar.


Sadly, this might do little to stop this activity. Bringing it out in the public eye might make the bad guys pause, but increasing the limit will do little.

Remember, it isn't their money that they are dealing cent, one dollar - no difference.
One valid card could bring hundreds or perhaps even thousands in cold hard cash.

Wikimedia might have to close anonymous contributions to fight this issue.

Thanks to my friend, Fergie for the heads up.

Police Disperse Protesters in Moscow

Via -

MOSCOW MILLS — Riot police on Saturday dispersed an anti-Kremlin rally led by former chess champion Garry Kasparov and other prominent opposition leaders who have come under growing pressure ahead of Dec. 2 elections.

The police, who had surrounded the area, moved in when about 150 of the several thousand protesters broke through police lines and tried to march to the Central Elections Commission.

The protesters were demanding an end to the authoritarian rule of President Vladimir Putin.

"We should overcome the fear that the regime uses to sustain itself," Kasparov told the crowd.
"For the Putin regime, our country is just a source of enrichment."

Police have violently dispersed several so-called Dissenters Marches in the past year, beating demonstrators and bystanders with truncheons and dragging many off to police stations.
The city gave the organizers permission to hold the rally but forbid them to march to the Central Elections Commission.

Skype Encryption Stumps German Police

Via Yahoo! News -

WIESBADEN, Germany (Reuters) - German police are unable to decipher the encryption used in the Internet telephone software Skype to monitor calls by suspected criminals and terrorists, Germany's top police officer said on Thursday.

Skype allows users to make telephone calls over the Internet from their computer to other Skype users free of charge.

Law enforcement agencies and intelligence services have used wiretaps since the telephone was invented, but implementing them is much more complex in the modern telecommunications market where the providers are often foreign companies.

"The encryption with Skype telephone software ... creates grave difficulties for us," Joerg Ziercke, president of Germany's Federal Police Office (BKA) told reporters at an annual gathering of security and law enforcement officials.

"We can't decipher it. That's why we're talking about source telecommunication surveillance -- that is, getting to the source before encryption or after it's been decrypted."


Now you know why they are pushing for government trojans.

Thursday, November 22, 2007

U.N.: Pakistan Must Free Judges Before Vote

Via -

DUBLIN (Reuters) - Pakistan must reinstate all the judges dismissed under emergency rule or endure a "twisted form of democracy" where the judiciary is utterly subservient to the executive, UN human rights boss Louise Arbour said on Thursday.

Allies of Pakistani President Pervez Musharraf are gearing up for an election on January 8 while his opponents are still undecided whether to boycott polls they say will not be free and fair under emergency rule, which was imposed on November 3.

Many judges and lawyers whose interpretation of the law posed the most serious challenge to Musharraf's authority, remain under house arrest or in prison.

Earlier in the day the Supreme Court, now stacked with judges friendly to Musharraf, threw out the last challenge to his October 6 re-election and paved the way for him to quit as army chief.

Arbour, the United Nations High Commissioner for Human Rights and a former prosecutor for international criminal tribunals on Yugoslavia and Rwanda, said Pakistan faced a "terrible deficit in governance" without a free judiciary.

"It is not enough to move towards free and fair elections unless all the judges who were dismissed or suspended are fully reinstated in their previous capacity," she told reporters in Dublin.

"Otherwise we will have a very twisted form of democracy where the judicial branch will have been made totally subservient to the executive," she said on the sidelines of a human rights conference.

Wednesday, November 21, 2007

Sweden Has it All - Indians, Cowboys and Pirates

Via -

Environmental activists in Stockholm have taken to sabotaging SUVs as a means of prompting motorists to cut down on carbon dioxide emissions.

On Monday night, ten vehicles in the capital were targeted by a group calling itself The Indians of the Concrete Jungle.

As has become customary in recent months, the activists made their point by letting the air out of the tyres of Sports Utility Vehicles. According to police, the tyres are sometimes slashed before the environmentalists move on to their next target.

Since the summer, the group has claimed responsibility for hundreds of attacks on SUVs in an attempt to tackle what its members describe as "one of the most provocative and insane sources of unnecessary carbon emissions".

"If selective SUV-disarmament is done repeatedly and on a massive scale, it will develop from a slight annoyance in the eyes of the owners into a real obstacle for driving the things, thus putting an end to perhaps the most obnoxious aspect of bourgeois carbon addiction," the group said in a statement.

Police received a number of complaints on Tuesday from vehicle owners in the Fredhäll area of Stockholm.

"We are encouraging car owners to be on their guard. In a number of cases they have failed to notice the sabotage before driving off in their vehicles, thereby putting themselves and others in danger," said police commissioner Johan Lindborg.

SUV owners in Stockholm are not the only ones who need to stay on the alert, as new "tribes" have also emerged in Gothenburg, Malmö and Sundsvall.

Every time The Indians of the Concrete Jungle sabotage an SUV, they also leave a note for the owners explaining the potentially devastating effects of climate change.

"This does not have to happen if we impose a radical cut on carbon emissions. Now. Not tomorrow. That’s why we have disarmed your SUV by deflating the tires," they write.

But the Indians' methods have not gone unchallenged. During the autumn the similarly anonymous Cowboys of the Concrete Jungle set up a website using the same design as their environmentalist foes.

"There are many of us who view their methods with disgust, and if the Sheriffs of The Concrete Jungle (the police) can't manage to get to grips with them, we will continue to organize in order to protect our rights and our property," they wrote.

The Cowboys added that they were in the process of creating a network around the country with plans to infiltrate the activist group and reveal the identities of its members.

Google Searches that make you go hmm...

If you are using google to convert your radioactive Green Salt (UF4), then perhaps you shouldn't be doing
Perhaps it is just a student, but it is definitely a search that "makes you go hmmm..."

AQIM Member Arrested with 800 kgs of Explosives

Via -

ALGIERS (Reuters) - Algerian security forces arrested a senior member of an Islamist armed group and seized 800 kg (1,765 lbs) of explosives, the official news agency APS reported on Monday.

Bouderbala Fateh, the head of the Algiers section of the al Qaeda Organization in the Islamic Maghreb, was arrested along with two accomplices in a raid after a tip-off from local people, the agency said, quoting a security source.

The agency, which did not state where or when the arrests took place, said the explosives had been ready to go off and were intended for use during the Muslim fasting month of Ramadan which in Algeria this year began on Sept 13.

Security forces also recovered a rocket, 20 detonators and two schoolchildren's satchels rigged up as bombs.

Bouderbala, also known by the nom de guerre Abdelfatah Abou Bassir, had belonged to several armed groups over the past 14 years including the Salafist Group for Preaching and Combat (GSPC).

Al Qaeda in the Islamic Maghreb grew out of the GSPC in January after winning approval from Osama bin Laden to rename itself an al Qaeda affiliate.

Saudi Court Punishes Rape Victim

Via -

A Saudi Arabian court has doubled a corporal punishment sentence imposed on a rape victim after she spoke out about her case.

But the decision to give a woman who was gang raped a six months jail term and 200 lashes received only mild criticism from the US on Monday.

An official at the general court in Qatif, in Saudi Arabia's eastern province, said judges had increased the sentence because of the woman's "attempt to aggravate and influence the judiciary through the media".

The woman's name has not been released.

The case has drawn criticism internationally, with Canada saying on Monday it would complain to the Saudi authorities about the sentence.

E-voting Vendor Sued Over Machine Change

Via -

California's chief elections official has sued a popular e-voting device vendor for almost $15m in a suit that claims Election Systems & Software (ES&S) repeatedly violated state laws requiring it to receive certification for a ballot-marking device before selling it to county voting officials.

The suit (PDF here), filed by California Secretary of State Debra Bowen, accuses ES&S of selling 972 AutoMark A200 devices to five California counties even though the machines, which make it easier for blind people to vote, had not undergone inspection - as required by law. A previous version, the AutoMark A100, received official state approval in 2005 under a previous secretary of state, but California law mandates that certified devices can't be modified unless the secretary of state has determined the changes don't impair their accuracy.

Musharraf Likely to Quit Army by Weekend

Via Asharq Alawsat Newspaper (Arabic Daily in London) -

ISLAMABAD (AFP) - Pakistan's Pervez Musharraf is set to step down as army chief and swear a new oath of office as a civilian president by the weekend, the country's attorney general said Wednesday.

Malik Mohammad Qayyum told AFP that if the Supreme Court throws out a final legal challenge Thursday to Musharraf's re-election as expected, the military ruler would hang up his uniform within days.

"If the Supreme Court lifts the stay order against his re-election, then President Musharraf is likely to take the oath as a civilian president by Saturday or Sunday," Qayyum said.

On Monday the top court dismissed the main five of six challenges against Musharraf's October 6 victory, leaving just one -- regarded as minor -- to be heard Thursday.

The Pakistani leader, who declared emergency rule on November 3, has been under intense international pressure to quit as the chief of army staff, hold free and fair elections, end the emergency and free political prisoners.

Musharraf has promised to quit his army post as soon as the court dismisses all the challenges, so that his victory can be officially validated.

US Plans Case Against AP Photographer

Via Asharq Alawsat Newspaper (Arabic Daily in London) -

NEW YORK, (AP) -The U.S. military plans to seek a criminal case in an Iraqi court against an award-winning Associated Press photographer but is refusing to disclose what evidence or accusations would be presented.

An AP attorney on Monday strongly protested the decision, calling the U.S. military plans a "sham of due process." The journalist, Bilal Hussein, has already been imprisoned without charges for more than 19 months.

In Washington, Pentagon press secretary Geoff Morrell explained the decision to bring charges now by saying "new evidence has come to light" about Hussein, but said the information would remain in government hands until the formal complaint is filed with Iraqi authorities.

Morrell asserted the military has "convincing and irrefutable evidence that Bilal Hussein is a threat to stability and security in Iraq as a link to insurgent activity" and called Hussein "a terrorist operative who infiltrated the AP."

AP Associate General Counsel Dave Tomlin rejected the claim: "That's what the military has been saying for 19 months, but whenever we ask to see what's so convincing we get back something that isn't convincing at all."

The case has drawn attention from press groups as another example of the complications for Iraqis chronicling the war in their homeland — including death squads that target local journalists working for Western media and apparent scrutiny from U.S. intelligence agents.

A public affairs officer notified the AP on Sunday that the military intends to submit a written complaint against Hussein that would bring the case into the Iraqi justice system as early as Nov. 29. Under Iraqi codes, an investigative magistrate will decide whether there are grounds to try Hussein, 36, who was seized in the western Iraqi city of Ramadi on April 12, 2006.

Tomlin said the defense for Hussein is being forced to work "totally in the dark."

The military has not yet defined the specific charges against Hussein. Previously, the military has pointed to a range of suspicions that attempt to link him to insurgent activity.

The AP also contends it has been blocked by the military from mounting a comprehensive defense for Hussein, who was part of the AP's Pulitzer Prize-winning photo team in 2005.

New Neutron Scatter Camera Could Detect Smuggled Nuclear Material

Via -

In an effort to find an answer to the problem of identifying smuggled special nuclear material (SNM), researchers at Sandia National Laboratories in California say a neutron scatter camera they are developing may be able to detect radiation from much greater distances and through more shielding than current detection instruments.

The neutron scatter camera, says Sandia physicist Nick Mascarenhas, has the capability to count neutrons from a source of SNM and localize it — meaning it doesn’t only indicate there is radiation present, but also where it is emanating from and, under some circumstances, how much.

“This instrument can pinpoint a hot spot in another room through walls, something not typically possible with gamma-ray detectors,” says Mascarenhas. “Performance-wise, it’s beating the older technologies, but we want to continue to push the limits of sensitivity and detection distance.”

Distance, says Mascarenhas, is a significant benchmark because it means the neutron scatter camera has the potential to detect through various types of shielding, a concern at any border crossing or point of entry.

Results of neutron scatter camera testing have been encouraging. “It’s more penetrating and can detect unambiguously at a greater distance and through more shielding,” says Jim Lund, who manages the Rad/Nuc Detection Systems group at Sandia/California.

Since 9/11, radiation detection has taken on a new immediacy as a means of preventing a nuclear weapon attack within the United States. Gamma-ray and neutron detectors are being deployed at border crossings and ports, with the goal of enabling interdiction of a nuclear weapon or material before it enters the country.

Germany to Bug Terrorist with Malware

Via -

The German government has reportedly started hiring coders to develop "white hat" malware capable of covertly hacking into terrorists' PCs.

The recruitment push signals that the German government is going ahead with controversial plans, yet to be legally approved, to develop "remote forensic software" (AKA a law enforcement Trojan). BKA federal police have been directed by the Interior Ministry to resume the initiative and hire two "specialists"*, AAP reports.

Proposals to give explicit permission for law enforcement officials to plant malware stem from a Federal Court ruling earlier this year declaring clandestine searches of suspects' computers to be inadmissible as evidence, pending a law regulating the practice. Germany's Federal Court of Justice said the practice was not covered by existing surveillance legislation.

The former East Germany, and the country as a whole before the war, has a dark history of official surveillance. The idea of a law enforcement Trojan has sparked a fierce civil liberties debate, as well as objections from the IT security community.

Geoff Sweeney, CTO with security firm Tier-3, said since the Trojans will almost certainly be launched against suspects disguised as a harmless email, they pose a serious IT security threat if they fall into the wrong hands.

"Reworking of malware goes on all the time. If these Trojans are developed specifically for German anti-terrorist usage, it's almost certain that conventional IT security software will have no protection against their usage on civilian PCs," he said.

Law enforcement Trojans, under active consideration in Austria as well as Germany, are a thoroughly bad idea.

Apple Mail in Leopard with the Same Old Error

Via Heise Security -

In March 2006 Apple defused a security problem in Apple Mail that made it possible to inject disguised malignant code. In Leopard, the patch was apparently forgotten. This means that you can inadvertently start an executable by double-clicking a mail attachment that looks like a JPEG image file.

Files on a Mac can contain additional information, such as the one that another program should be used to open them. The operating system stores these in the file system in a so-called "resource fork", which is linked to the file. This type of information is usually limited to the local system; however, for emails the MIME format AppleDouble allows resource forks to be attached -- these are automatically analyzed by Apple Mail.

This allows an attacker to create an email with an attachment called picture.jpg that is displayed with a JPEG icon. But when the user tries to open the picture, Apple Mail analyses the resource fork and executes a shell script, for example, without further warning. In this case, even the MIME type displays the attachment as image/jpeg, but careful Mac users may become suspicious when they see that the picture is not immediately displayed as usual. You can use the heise Security Emailcheck to have a harmless e-mail sent to you that demonstrates the problem.

In March 2006 Apple corrected this problem. On a current installation of the Tiger OS, Apple Mail issues a warning that the supposed image file is a program and is to be opened with Terminal. Apple apparently either did not incorporate this update into Leopard, or did not do it correctly. In tests performed by heise Security, the Terminal window opened directly in most cases when the attachment to the Emailcheck test email was opened. In only one email this occurred the first time the attachment was opened, but subsequent double-clicks suddenly caused the expected confirmation dialogue to be displayed. The test emails are identical except for the subject line and some administrative information in the header.