Category Archives: Information Security

Media Defender antics

TorrentFreak seems to have the most involved and comprehensive tale of what they contain. This is a great example of people who do some things well getting caught doing things that are not their strengths. If you are going to establish an organization that will become a target for, arguably, some of the world's most skilled and experienced technophiles, you should plan accordingly. That they were ever outed at all is a failure, but things like this (quoted from the digg article) show how being untrained, ignorant, or sloppy can bring down an entire enterprise: "The genius employee of MD subscribed to a torrent site using the gmail account he had setup as an email archive as the username and used the same password for the torrent site as he did for the gmail account…." Price and availability must be right, or the product will be circumvented by someone with time on their hands, who will make money from those who cannot, or will not, purchase what you are selling in the way you choose to sell it. This is the gist of the whole DRM, piracy, and putting-the-genie-back-in-the-bottle problem.

Traffic analysis and internet scams

A talk given at Google by Professor Ross Anderson entitled Searching for Evil on August 23, 2007.

USB malware on OSX

"Once the software is run it will extract data from the Apple Keychain and system settings in order to provide the examiner fast access to the suspect's critical information with as little interaction or trace as possible. [...] MacLockPick takes advantage of the fact that the default state of the Apple Keychain is open, even if the system has been put to sleep. It also makes use of the openly readable settings files used to keep track of your suspect's contacts, activities and history. These data sources even include items that your suspect may have previously deleted or has migrated from previous Mac OS X computers." I contacted Apple's security team to see if they were aware of this, if it works as described and, if so, why such mechanisms would exist in any responsible operating system.

More wifi, more problems

So my DWL-G550 arrived today. "D-Link DWL-G550 High-Powered Wireless-G PCI Adapter" (D-Link Systems, Inc.) I threw it into the system and it powered up and loaded the correct Atheros drivers…. (Personal meaning you're not running an authentication service like RADIUS, EAP or LEAP (which is just another kind of EAP by Cisco), or 802.1x, but using a PSK [Pre-shared Key] or a certificate.) Second, now that you have your /etc/wpa_supplicant.conf configuration figured out from reading the instructions or from that link I mentioned.

WabiSabi is hilarious

With much press release fanfare, WabiSabiLabi has announced that it is to be a marketplace for exploit development. Some particularly funny mentions: Q: "I don't want to give you my personal data. Is there any other way I can participate in the marketplace?" A: "No."

SEO blog defacements

Jeremy Schoemaker asked me to write up a little something regarding the recent string of SEO web defacements for a non-technical audience, which he posted in his blog. The SEO industry is very focused on being SEOs. Like many professionals, many attempt to avoid time-consuming activities that are not core to their business…. This is a perennial theme of information security writing and I myself have touched on it. Web defacements are nothing new, but the media attention to SEO superstars is notable and makes their online presence an attractive high-value target. The recent mass defacement of SEO WordPress blogs, launched by a technical adversary using Tor, is an example of what has become a not uncommon occurrence. What can SEOs, and bloggers in general, do to lessen the risk of public embarrassment from defacements, hacktivism, and information leakage?… (For example, the bugfix for WordPress v2.0.6 addressed a correction for those webservers that had left register_globals set to "on." Not recommended in the first place.) Hardening the web services themselves with security modules. Use of a NIDS or HIDS that will actively block or alert upon detection of questionable behaviors. All of these methods involve time and resources that could best be applied to doing what they do best, in this case, being an SEO.

A review of Marcus Sachs: “Behind the Scenes at the Internet Storm Center [ISC]”

Hi Marc-not-Marcus, I wanted to give you some feedback on your presentation this evening at the ISSA because, frankly, I was disappointed with some of your conclusions. First, the whole "the internet is an organism" concept of virus and malware propagation. Lots of people have said this which, I suppose, makes it a kind of conventional wisdom speaking point. I don't agree with it and I'll tell you why. It centers around the recurring commentary that many in our industry have spoken about regarding shoddy software development.

Spamking grabbed up by feds

This is going to be huge and it is going to snowball big time. The blackhat body count is likely to be impressively large. Infoworld, Valleywag. I wouldn't be surprised if this becomes one of the big-deal (if not the biggest) hacker media events of the year.

Black white and the company store of the new century

Hacktivism and corporate culture seem to be more at odds than ever.

Mac OSX security

Some news out on Apple vulnerabilities today.