Advertisements

General Musing

blaze your trail

Posts Tagged ‘hacking

6 Months of Security Links #2011

leave a comment »

I’m a regular curator of daily links, and like to give overviews of my collection of curated links and posts. This is partly as there are some good sources and articles in here and as I am working on a research project which I started based on a number of books I read.

I’m sure you’ll find something interesting in the items below – there are some gems in the list – and I dare to hazard the guess you might learn something you wanted to know. 🙂

Read the rest of this entry »

Advertisements

Written by Daniël W. Crompton (webhat)

July 15, 2011 at 4:10 pm

Posted in tagging

Tagged with , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

NDE Magazine 4 Out #lockpicking

leave a comment »

NDE Magazine #4 just came out, NDE is a lockpicking magazine covering interesting techniques in locks and picks. The ABUS Challenge proved that with enough time and effort any lock can be defeated.

Technorati technorati tags: , , , ,

Written by Daniël W. Crompton (webhat)

July 28, 2008 at 10:22 pm

Posted in risk, security

Tagged with , , , ,

Citizen Engineer – True Love #hack

leave a comment »

I just finished watching Citizen Engineer, I’m in love. No honest, there is just something about a girl and her soldering iron. There are two things which are discussed in this first episode Phones

  1. SIM Card Hacking
  2. Payphone Hacking

The first subject is handled a little too fast for my liking and doesn’t cover all the interesting parts, although it is mostly left up the the viewer to try it themselves. Payphone Hacking is covered in depth, it’s divided into 3 sections:

  • Hooking the Payphone up to VoIP
  • Fixing the Payphone so it accepts quarters
  • Creating a system which can be bypassed with a Redbox

It’s geeky, but it’s fun!

Technorati technorati tags: , , , ,

Written by Daniël W. Crompton (webhat)

July 28, 2008 at 7:27 pm

Posted in security, sip, telecom

Tagged with , , , ,

Crunch Time on DNS (CERT #800113) (Update)

leave a comment »

I missed updates on the CERT #800113 DNS issue. It seams that we didn’t have the 30 days, as Kaminsky requested, but 13 days. As published by Security Focus on July 22nd and 24th in Kerfuffle erupts as DNS flaw described and Metasploit releases double-whammy for DNS.

I asked my own ISP (XS4all) about this issue, and got the response from the Helpdesk on the 25th:

… although the attack is plausible, it is being over hyped. The chance that this attack will take place is small.

Technorati technorati tags: , , , , , ,

Written by Daniël W. Crompton (webhat)

July 28, 2008 at 4:28 pm

Posted in risk, security

Tagged with , , , , , ,

Crunch Time on DNS (CERT #800113)

with one comment

I don’t know if you know, but the shit is going to hit the fan on August 7th. DNS is vulnerable to another cache poisoning attack and in the spirit of full disclosure Dan Kaminsky will be explaining the fundamental flaw in the DNS protocol itself on the 7th. Before that time every DNS should be patched, even yours

I know I have a caching DNS server in my ADSL modem, and the chance is quite high that you do too. Now is the time to update your modem, get the extra features. Contact your vendor or ISP and get the patch, don’t trust that nothing will happen to you, it will! This is very important.

Technorati technorati tags: , , , , ,

Written by Daniël W. Crompton (webhat)

July 16, 2008 at 12:16 am

Posted in risk, security

Tagged with , , , , ,

Virtual World in Your Browser

leave a comment »

RocketOn is social networking from a browser plugin, you can visit sites and collect cool virtual items. Mashable said it Rocked in their article My Journey as a ROCKETON Avatar Rocked, but DarkReading found the twist.

In the article Free Virtual Goodies at Price of Privacy they expand on that. Naturally RocketOn are currently in Alpha, so bugs are to be expected, but this is different. It’s the Alexa Toolbar on acid, and it’s a brilliant marketing concept, except for the tracking cookies, possible bugs and viruses, and the privacy concerns.

Other companies with the same idea are Weblin and PMOG. That’s why I run my browsers in Sandboxie.

Technorati technorati tags: , , , , , ,

Written by Daniël W. Crompton (webhat)

July 15, 2008 at 6:48 am

%d bloggers like this: