Posts Tagged ‘hacking’
6 Months of Security Links #2011
I’m a regular curator of daily links, and like to give overviews of my collection of curated links and posts. This is partly as there are some good sources and articles in here and as I am working on a research project which I started based on a number of books I read.
I’m sure you’ll find something interesting in the items below – there are some gems in the list – and I dare to hazard the guess you might learn something you wanted to know. 
NDE Magazine 4 Out #lockpicking
NDE Magazine #4 just came out, NDE is a lockpicking magazine covering interesting techniques in locks and picks. The ABUS Challenge proved that with enough time and effort any lock can be defeated.
technorati tags: ezine, ,magazine, ,lockpicking, ,hacking, ,security
Citizen Engineer – True Love #hack
I just finished watching Citizen Engineer, I’m in love. No honest, there is just something about a girl and her soldering iron. There are two things which are discussed in this first episode Phones
- SIM Card Hacking
- Payphone Hacking
The first subject is handled a little too fast for my liking and doesn’t cover all the interesting parts, although it is mostly left up the the viewer to try it themselves. Payphone Hacking is covered in depth, it’s divided into 3 sections:
- Hooking the Payphone up to VoIP
- Fixing the Payphone so it accepts quarters
- Creating a system which can be bypassed with a Redbox
It’s geeky, but it’s fun!
Crunch Time on DNS (CERT #800113) (Update)
I missed updates on the CERT #800113 DNS issue. It seams that we didn’t have the 30 days, as Kaminsky requested, but 13 days. As published by Security Focus on July 22nd and 24th in Kerfuffle erupts as DNS flaw described and Metasploit releases double-whammy for DNS.
I asked my own ISP (XS4all) about this issue, and got the response from the Helpdesk on the 25th:
… although the attack is plausible, it is being over hyped. The chance that this attack will take place is small.
technorati tags: 800113, cert, hacking, kaminsky, risk, security, xs4all
Crunch Time on DNS (CERT #800113)
I don’t know if you know, but the shit is going to hit the fan on August 7th. DNS is vulnerable to another cache poisoning attack and in the spirit of full disclosure Dan Kaminsky will be explaining the fundamental flaw in the DNS protocol itself on the 7th. Before that time every DNS should be patched, even yours
I know I have a caching DNS server in my ADSL modem, and the chance is quite high that you do too. Now is the time to update your modem, get the extra features. Contact your vendor or ISP and get the patch, don’t trust that nothing will happen to you, it will! This is very important.
technorati tags: hacking, kaminsky, cert, 800113, security, risk
Virtual World in Your Browser
RocketOn is social networking from a browser plugin, you can visit sites and collect cool virtual items. Mashable said it Rocked in their article My Journey as a ROCKETON Avatar Rocked, but DarkReading found the twist.
In the article Free Virtual Goodies at Price of Privacy they expand on that. Naturally RocketOn are currently in Alpha, so bugs are to be expected, but this is different. It’s the Alexa Toolbar on acid, and it’s a brilliant marketing concept, except for the tracking cookies, possible bugs and viruses, and the privacy concerns.
Other companies with the same idea are Weblin and PMOG. That’s why I run my browsers in Sandboxie.
technorati tags: social, networking, privacy, hacking, vitrual, world, vr
