2007.01.22 Daily Security Reading
by Rodney Campbell on Jan.22, 2007, under Security
In yet another example of why we’re better off without DRM, many owners of the new PlayStation 3 will find that they don’t get a picture every now and then if their playstation is hooked up to their TV via HDMI (HDMI is digital and thus the best way to hook up any digital device). So not only do you have to pay extra to have those DRM chips in your hardware, it also interferes with your ability to use the device in the manner it was supposed to be used.
List of frequently seen TCP and UDP ports and what they mean
List of frequently seen TCP and UDP ports and what they mean. The goal of this port table is to point to further resources for more information.
Computer Security – The New Wave
Many malware blockers are inadequate because they target only known intruders, but there’s hope in new security products.
The Surprising Security Threat – Your Printers
At the Black Hat conference in Las Vegas in August, O’Connor delivered a blow-by-blow presentation on how to bypass authentication, inject commands at the root level and create shell code to take over printers in Xerox Corp.’s WorkCentre line of printers.
There’s more spam now than ever before. In fact, there’s twice as much spam now as opposed to this time last year. And the messages themselves are causing more trouble. About half of all spam sent now is "image spam," containing server-clogging pictures that are up to 10 times the size of traditional text spam. And most image spam is stock-related, pump-and-dump scams which can harm investors who don’t even use e-mail. About one-third of all spam is stock spam now.
Chinese Prof Cracks SHA-1 Data Encryption Scheme
A brilliant Chinese professor has cracked her fifth encryption scheme in ten years. She and her team have taken out the SHA-1 scheme, which includes the (highly thought of) MD5 algorithm. As a result, the U.S. government and major corporations will cease using the scheme within the next few years.
Robert X. Cringely makes some interesting observations as to what Google’s up to next. He theorizes that Google is looking to create a bandwidth shortage that will drive ISP/cable/telephone customers into it’s open arms (often with the blessing of the ISP/cable/telephone company). The evidence: leasing massive amounts of network capacity, and huge data centers in rural areas (close to power-generation facilities). The shortage will only occur if the average bandwidth consumption by individual consumers skyrockets; think mainstream BitTorrent, streaming moves from NetFlix, tv episodes from iTunes, video games on demand, etc.