Security
2006.11.03 Daily Security Reading
by Rodney Campbell on Nov.03, 2006, under Security
Surprises Inside Microsoft Vista’s EULA
Scott Granneman takes a look at some big surprises in Microsoft’s Vista EULA that limit what security professionals and others can do with the forthcoming operating system. As a follow-up, there has been a revision to Windows Vista retail licensing terms.
Mozilla promises fix for second minor Firefox 2.0 bug
A second bug in the Firefox 2.0 Web browser causes a crash but poses no risk for data loss, a Mozilla official said.
Mobile threats – myth or reality?
The number of infected MMS messages is already close to the amount of malicious code found in mail traffic.
In the spirit of the Month of Browser Bugs, a new project called the Month of Kernel Bugs will be posting one kernel bug a day for the month of November. [Month of Kernel Bugs]
Vista Gets Official Release Dates
Five years, three months and five days after Windows XP made its debut, Microsoft will usher its next-generation OS onto the stage. Microsoft has set November 30 as the release date for Vista (and Office 2007) to business customers and January 30, 2007 as the date for the official launch to consumers and The World At Large.
2006.11.02 Daily Security Reading
by Rodney Campbell on Nov.02, 2006, under Security
Bot nets likely behind jump in spam
A significant rise in the global volume of spam in the past two months has security analysts worried that bot nets are increasingly being used by spammers to stymie network defenses erected to curtail bulk email.
Bridging the Telecoms Skills Gap
The telecoms sector is booming once again, following five years of relative dormancy. The evidence is everywhere. In the UK alone there’s BT’s 21CN, which will see over 4500 exchanges swapped out in the coming years. Over the summer of this year, we saw the rollout of the UK’s first HDTV-ready, 10GB Ethernet infrastructure for Sky’s triple-play services.
Employee Privacy, Employer Policy
Two recent court cases where an employee’s reasonable expectation of privacy was more important than the employer’s ability to read any employee’s e-mail – despite a privacy policy that clearly stated any company e-mail can, and will, be monitored.
Net forum produces anti-spam plan
OECD at heart of global fight against evil email. IGF: Six of the world’s largest anti-spam organisations have set up a new website aimed at killing the online menace.
Hackers break into water system network
An infected laptop gave hackers access to computer systems at a Harrisburg, Pennsylvania, water treatment plant earlier this month.
2006.11.01 Daily Security Reading
by Rodney Campbell on Nov.01, 2006, under Security
New Windows attack can kill firewall
Hackers have published code that could let an attacker disable the Windows Firewall on certain Windows XP machines. The code, which was posted on the Internet early Sunday morning, could be used to disable the Windows Firewall on a fully patched Windows XP PC that was running Windows’ Internet Connection Service (ICS)…
The attacker could send a malicious data packet to another PC using ICS that would cause the service to terminate. Because this service is connected to the Windows firewall, this packet would also cause the firewall to stop working.
MySpace entered a 127.0.0.1 (loopback) address into their DNS tonight causing 1/5 of requests to fail, brilliant!
Seagate Unveils Encrypted Notebook Drive
Seagate Technology on Monday announced another attempt at making a market for encrypted hard drives, and said it would start shipping units to notebook makers early next year.
2006.10.31 Daily Security Reading
by Rodney Campbell on Oct.31, 2006, under Security
Thirteen malevolent spirits may haunt the halls and cubicles of your company, and if you’re going to scare them into security compliance you may need to get a little bit spooky yourself.
Metasploit Version 2.7 Released
The Metasploit Framework is an advanced open-source platform for developing, testing, and using exploit code. This project initially started off as a portable network game and has evolved into a powerful tool for penetration testing, exploit development, and vulnerability research.
USB Hacksaw and USB Switchblade from Hak5
The USB Hacksaw is an evolution of the popular USB Switchblade that uses a modified version of USBDumper, Blat, Stunnel, and Gmail to automatically infect Windows PCs with a payload that will retrieve documents from USB drives plugged into the target machine and securely transmit them to an email account.
Small, targeted incursions are the next wave of attacks compromising enterprise networks.
Backdoors and Holes in Network Perimeters (pdf)
A Case Study for Improving Your Control System Security.
How Encrypted Binaries Work In Mac OS X
By now we know that OS X uses encrypted binaries for some critical apps like Dock, Finder and LoginWindow. Amit Singh explains the implementation of this protection scheme, which makes use of the AES crypto algorithm and a special memory pager in Mach. The so-called Do Not Steal Mac OS X (DSMOS) kernel extension helps along the way by decrypting things for the special pager when apps get executed. A funny thing is that if you print the pointer at address 0xFFFF1600 in your own app you get as output Apple’s karma poem for crackers! According to the article there are 8 protected binaries in OS X, including Rosetta and the Spotlight metadata daemon. Interestingly, Apple’s window server is NOT one of those.
2006.10.30 Daily Security Reading
by Rodney Campbell on Oct.30, 2006, under Security
and from what I hear, just about every other SSL VPN. This would not be so bad if M$ was not planning to push out IE7 as an automatic update on November 1st. Current advice: Don’t update/use IE7. Fortunately, M$ released a tool that will automatically block the IE7 auto update.
Anti-scam website hit by DDOS attacks
Help needed… A website set up to help spread information about alleged scammers is suffering so many denial of service attacks that its current host has asked the site to find a new home.
Bot nets likely behind jump in spam
Bots and bot nets have rapidly emerged as one of the major threats on the Internet.
The Ten Most Dangerous Things Users Do Online
End users — god bless ‘em. You can’t live with ‘em — but without them, you wouldn’t have a job. They’re the reason you have an IT infrastructure; they’re also the single greatest threat to the security of that infrastructure. Because, in the end, most users have no idea how dangerous their online behavior is.
MySpace Accounts Compromised By Phishers
Netcraft has discovered that the social networking site MySpace appears to have been compromised by phishers who have presented a spoof login form on the main site. This modified login form submits the victim’s username and password to a remote server hosted in France.
Mac OS X Cracked For PCs Again
Ars Technica and The Register are reporting the Apple Kernel 10.4.8 has been cracked using Apple’s publicly available source trees. This is the first time Apple was hit by hackers again since Maxxuss silently left the scene. The funny thing about this is the hacker who cracked OS X has released his sources according to APSL. He told Ars Technica in an interview that he did this because he believes in freedom of information, but will this now harm Apple’s opensourceness?
A Perth company and its director have been issued a A$5.5 million (approx. US$4 million) fine for breaching anti-spam laws. Australian IT watchers may be familiar with the director, Robert Mansfield — he’s been personally fined A$1 million for the offenses. The company, Clarity1, sent 280 million unsolicited emails of which 74 million hit mailboxes between 4/2004 and 4/2006.