Security
2007.05.31 Daily Security Reading
by Rodney Campbell on May.31, 2007, under Security
Peer-to-peer networks co-opted for DOS attacks
A flaw in the design of a popular peer-to-peer network software has given attackers the ability to create massive denial-of-service attacks.
A written version of a speech Scott Granneman gave at The Open Solutions Summit (AKA LinuxWorld NY) in New York City in February.
UPnP Port Forwarding and Security
Introduces the viewer to port forwarding with Universal Plug In Play, and some of the associated security problems.
The few souls that attempt to read and understand website privacy policies know they are almost universally unintelligible and shot through with clever loopholes. But one of the most important policies to know is your internet service provider’s — the company that ferries all your traffic to and from the internet, from search queries to BitTorrent uploads, flirty IMs to porn.
2007.05.28 Daily Security Reading
by Rodney Campbell on May.28, 2007, under Security
Mathematicians factor 2^1039-1
Mathematicians and number buffs have their records. And today, an international team has broken a long-standing one in an impressive feat of calculation.
Essential Bluetooth hacking tools
Bluetooth technology is great. No doubt. It provides an easy way for a wide range of mobile devices to communicate with each other without the need for cables or wires. However, despite its obvious benefits, it can also be a potential threat for the privacy and security of Bluetooth users.
Link Layer Discovery Protocol Fuzzer Released
The first LLDP (Link Layer Discovery Protocol) fuzzer which includes ten test cases, a presentation and a paper describing the LLDP fuzzer.
2007.05.17 Daily Security Reading
by Rodney Campbell on May.17, 2007, under Security
How quickly are phishing websites taken down?
Examines how long phishing websites remain available before the impersonated bank gets them “taken-down”.
Demonstration of real state with security in search engines, which are the most popular sites in Internet.
Malware Hijacks Windows Update
The BBC are reporting a new piece of malware is in the wild that can hijack Windows Update’s functionality and bypass firewalls allowing it to install malicious code on users PCs.
2007.05.10 Daily Security Reading
by Rodney Campbell on May.10, 2007, under Security
Why should the AACS get all the fun? Princeton prof Ed Felten has come up with a great way of giving out legally protected 128-bit numbers to anyone who wants them. If he gives out 2^128 of these, then all 128-bit numbers will be owned and no one will ever be able to use a 128-bit key without breaking the law. Good times.
Personal Information Protection and Identity Theft Prevention Tips (pdf)
Patch Tuesday Plugs 19 Microsoft Security Holes
All seven of the patch bundles released today earned critical labels.
Bit9 FileAdvisor Search Engine
Bit9 FileAdvisor is a comprehensive catalog of executables, drivers, and patches found in commercial Windows applications and software packages. Malware and other unwanted software that affects Windows computers is also indexed – you can look up a file via it’s name or hash value.
2007.05.04 Daily Security Reading
by Rodney Campbell on May.04, 2007, under Security
Rootkits – The next big enterprise threat?
Capable of cloaking malware, rootkits are fast infiltrating the enterprise to expose sensitive data without detection.
Does it take two browsers to make surfing safe?
The creator of a popular Web server scripting language is so nervous about hackers stealing his personal information that he takes an unusual precaution: He launches a pair of browsers when he takes to the Internet.
Security’s Biggest Train Wrecks
Dark Reading celebrates its first anniversary on the Web, we couldn’t help but look back at some of the goofs, gaffes, and blunders we’ve seen in the past 12 months. Many of them are laughable — as long as you’re not the CSO involved. Others are just plain sad, in that they needlessly exposed the personal information of hundreds — even thousands — of innocent bystanders.
The fight to salvage the copy protection system defending high-definition videos has heated up.
The Top 25 Web Hoaxes and Pranks
These online spoofs and shams have made the rounds on Web sites and through e-mail. Perhaps you even believed one or two of them yourself.