Score List Hacking: Lessons Learned by Cheating Your Way to Number One, Part 1 of 2

Over the last week, Paul and Larry from Pauldotcom.com joined forces with White Wolf Security to provide a 'unique, fun, and educational exercise' at SANS in Vegas.Specifically, Paul led up the 'bad guys' and Larry led the 'good guys' in an all out cyber war. The results? Lot's of getting owned, getting locked out, but the most valuable lesson had nothing to do with computers.

OK. So, most of the world knows that Sarah Palin had her Yahoo! account 'hacked'. Now, http://www.billoreilly.com/ has also been hacked. Why? How? Details? Read on...

A recent study and presentation at USENIX is making some waves in the AV world as the researchers claim their CloudAV is 35% more effective than tradition AV (note the slight abuse of statistical data there - 35% more effective means AV is at 73% and CloudAV is at 88%). I don't dispute their stats, but my question is...so?

In case you missed it, Dan Kaminsky, DNS and security guru discovered a MAJOR bug in DNS that is...well, no one really knew! However, it was bad enough for all DNS experts around the world and DNS software vendors to fix the problem in what has to be the biggest collective patch ever - without a single leak. Well, hackers being hackers don't need a leak to figure out a problem. They just need a rough idea to fuel the possibilities...

With great power comes great responsibility - and this is no more truer than in IT. Just think about it, they have the access and abilities to snoop into anything on the network, including you email, documents, web traffic, chat sessions and more. But what happens when this power is misappropriated? Well, for better or worse, we have our own confessional - with a surprise ending!

The Password Manager in Firefox is still broken. Using a bit of Javascript, it is relatively easy to steal a victims user/pass right out from under their noses. All it takes is a bit of XSS and a you can not only grab the user/pass, but you can also change the forms action value to one of your own - or just location.href the results to another site, and use the referrer to bounce back to the original site.

The Eye-Fi is a memory card with embedded wireless technology that allows it to connect up to an 802.11 network and transmit pictures back to a listening computer or website. We did a write up on it a while back that detailed a few ways such a solution could be abused. Ironically, the very same concerns we had actually worked out for the good!

Many people in the security field have fond memories of the movie WarGames. This movie not only highlighted the value of war-dialing, but also went on to influence the term war-driving. Well, it has been years (decades?) since I have watched this film and my perspective on all things comsec has changed...

ha.ckers.org has a thought provoking post on a young man who posted about some sad security realities at TJX. Basically, the firewall was installed by someone who apparently didn't know what they were doing, password policies are horrible, etc. TJX figured out who he was and fired him...but for what?

So, imagine you are on the way to present at a security conference and some 'inspectors' come over to talk with you. They know your name, purpose for being there, what you are speaking on, etc. Then they take your phone,SIM card, and software radio, in what appears to be an effort to prevent you from demonstrating a flaw in GSM that allows anyone to capture and decrypt cell phone conversations.

I happen to host a few websites for friends/family members on a server I maintain. This server is VERY limited as to what these members can do. No relaying, no shell access, no web applications - just plain old web server services. Yet, every few days Comcast decides to block all incoming emails originating from my server...and every few days I go through the process to get unblocked. Is it me, or has Comcast really become a poorly managed provider?

We all love swag. In fact, if you attend most any significant security conference, you will see it everywhere. However, thanks to Johnny Long's Hackers For Charity organization, you can now also see that same swag you enjoy so much on someone who actually needs it - Uganda kids!

If you have a music library over 10gig, it can get annoying constantly juggling the files around from device to device. New songs have to be uploaded to my iPod, USB stick, etc. Well, NO MORE. Winamp just released a Beta of an awesome idea. You can now store your data in one location and listen to it from any device with a browser no matter where you are.

So, lets say your job is to prevent policy violations at ACME. While you do this, you get bonuses for each person you catch. So, you install a monitoring system to catch people in the act. At first your software catches hundreds of people and the bonuses are HUGE, but then everyone at ACME realizes you mean business and they just STOP violating policies, which means no more bonuses...what do you do?

Move over Microsoft. RFID might just be a juicier target! With over a billion of these chips in use in building access cards, payment systems and more, the attractiveness of this might catch the attention of the criminal world.

If you haven't heard, it is now possible to hack hearts. The NYT covered this, but to summarize, heart defibrillator's are embedded in the heart and controlled remotely via wireless signals. That should be enough to make you go...ohhhhhhh. However, what are the ramifications?

We just got back from CCDC3 (Collegiate Cyber Defense Competition) and wanted to share our experience. This year we moved from observer to 'hacker', and discovered just how much fun it can be to mess with help educated college students. Read on for more details, pictures and more!

If you were to ask me, anonymous living in the US is impossible. You simply can't do it. Think about it for a moment. Would it be possible to walk into a town, obtain a dwelling, find employment, and do it without anyone really knowing who you are? Well, Popular Science tried to do it for a week...and learned some interesting lessons.        

I received this question via an email from an acquaintance. The actual question revolves around a kiddie porn case where all the kiddie porn is stored in an encrypted file. The government is trying to force the suspect to give up his password, which he is obviously not inclined to do. Can he be forced to turn it over?

I noticed an article that outlined the BSA's bad boy list and had to take a look. As an anti-fan of the BSA, I might have had a bit of a biased opinion going into the article...which didn't do anything to change my opinion. Why? Well, when something like 8 of the 10 companies were fined for using Adobe and 9 of the 10 were fined for using MS, one has to wonder who is behind the BSA?

rsnake recently posted a story about Subvert and Profit, a website that links people who want their article to come to the top of Digg, YouTube, or StumbleUpon with others who are willing to sell their votes. Sound fishy? Well, it isn't and it probably isn't illegal either. Read on for details on how to sell your soul..err..vote!

Got to love it when a story makes headlines, and then turns out to be false. This is exactly the case in the 'Student Given Detention for Using Firefox (foxfire.exe) over IE' story. The student altered the discipline notice that was sent home to the parents - and then somehow it got online...no one seems to know how that happened.        

As with many of our readers, I tend to find myself called upon to fix computers for those I know. While most of these are 10 minute fixes, there are several that really confuse me! So, in this case, a case of a network stack that would not work, I went searching for an answer...and I found it.

I enjoy looking for security bugs in programs. However, it is really hard to justify the time it takes to test for, locate, and analyze any bug that I might find - especially when that time could be better spent doing something more tangibly productive. There is no denying that the research would be worth something to the vendor, but at this time there really is no system in place that compensates free-lance researchers for their efforts. So, how do I turn my findings into something I can support my family with?

I was watching Bionic Woman and happened to notice that the CIA agent had an iPhone - that the bad guy was using. As I was thinking about the security ramifications of an actual CIA agent using such an insecure device, I glanced at the screen and saw that the bad guy had flipped the iPhone over and was talking into the wrong end - silly bad guy (click through for pictures).

Wired has a nice report on the (in)famous Hushmail encrypted email service provider that illustrates why you should never trust any third party company to keep you secure. Click through for link.

When you view an image online, that file is first downloaded to the local PC, where it is cached. Most people are aware of this, which is many keep their cache cleaned out - especially if those images are potentially embarrassing or illegal. Unfortunately, these files are not truly delete, which is why many people get busted with thousands of files once a forensics team gets to the drive.

So, what if it was possible for someone to create a site full of images that you could view in a browser without ever having to worry about left over data on your drive?

The Economist is running an article on innovation and how "The inventor’s trial-and-error approach can be automated by software that mimics natural selection." This originally caught my attention because one person used this approach to build an...

I just got back from IT Security World where I delivered a presentation on Windows Mobile security. One part of this talk includes a close look at how many so called 'secure' programs have some vulnerability that renders them insecure. In fact, we sat down just yesterday with an untested program and it only took us about 15 minutes to complete bypass the protection. Read on for more...

A name has finally been given to an attack vector that has been around for some time. Using this method, an attacker can overlay their own image on top of an existing one on a webpage. Dangerous? Read on to see for yourself...