Archive for April, 2007
Good stuff. I just find it hilarious when people watch CSI or all these other movies and think hacking or recovering data off a hard drive is so flashy and cool. Or better yet, completely retarded. It's a UNIX system! I know this! Cookie to the first [...]
Posted by Marcin on Monday, April 30, 2007 in
Security and
Tech.
If you're a fan of Heroes, and into security, check out PrimaTechPaper. For those who don't follow the show, PrimaTechPaper is a front for the agency Mr. Bennett (father of the cheerleader) works for. This site has a "Hacker's challenge"/puzzle type feel [...]
Posted by Marcin on Saturday, April 28, 2007 in
Other.
Every time I have a conversation with someone who has diarrhea of the mouth, it makes me nauseous. The other day, I was flying from Atlanta to Hartford (my flight was delayed by an hour) and while in the plane waiting, I struck up a conversation with a [...]
Posted by Marcin on Friday, April 27, 2007 in
Intelligence and
Tech.
In a month, I begin a new internship for a Fortune 100 company. Having already spoken with a member of the security team, I can expect to be placed in one of four areas in IT security, including web application security and forensics/incident response. I [...]
Posted by Marcin on Thursday, April 26, 2007 in
Security and
Work.
My first hack that I remember, was in sixth grade (1996 or so??). We had a lab full of Macintosh computers, which I had no clue about or anything at the time, other than we logged into them and had a folder for our documents and another folder containing [...]
Posted by Marcin on Tuesday, April 24, 2007 in
Security.
What I learned today? The importance of backups, and having a clear head when working on my system. Tuesday night, I am going home to Connecticut for the summer, so I started saving all my data to an external hard drive to take with me. Well, I also did [...]
Posted by Marcin on Tuesday, April 24, 2007 in
Tech.
Installing VMware Server is pretty straight-forward on Ubuntu 7.04 (Feisty Fawn). Make sure you have the build-essential package and the correct linux-headers for your kernel. $ sudo apt-get install build-essential linux-headers-`uname -r` Download [...]
Posted by Marcin on Sunday, April 22, 2007 in
Linux.
Hey everyone, for those who don't know, it's Earth Day today. Stop by Home Depot and get a free light bulb. Plant a tree, clean up some garbage, ride a bike, carpool, get out there (weather is great!) and have fun. Cheers :)
Posted by Marcin on Sunday, April 22, 2007 in
Other.
So I hit up the Security Bloggers Network and what do I see? A post on Technobabylon with a bunch of penises (sp?) some Indian dude with a Swastika shirt, and a whole slew of personal infromation.. Someone doesn't like Ross Brown or eEye Digital [...]
Posted by Marcin on Friday, April 20, 2007 in
Security.
I'm looking for suggestions on any tools to reverse engineer programs for Windows based systems. I have the *nix and BSD bases covered; I'm just lacking a good, Windows toolkit. Particularly, tools to analyze memory, disassemble, debug, etc... I've heard [...]
Posted by Marcin on Wednesday, April 18, 2007 in
Security.
People panic! Last night, TurboTax was unavailable for people to file their taxes. The problems have been since resolved, but let it be a lesson to all of us that we cannot depend entirely on technology. Technology will eventually fail us, like it did so [...]
Posted by Marcin on Wednesday, April 18, 2007 in
News and
Tech.
h1kari, not long ago at ShmooCon 2007, presented (*.mp4) his custom Field-programmable gate array optimized for cracking WEP and WPA encryption. It performed in some cases over 400% faster than a Pentium 4 or Athlon64. The reason why the chip performs so [...]
Posted by Marcin on Tuesday, April 17, 2007 in
Security and
Tech.
From F-Secure Weblog : News from the Lab, (spoiler: answer below) Question of the day: How come you get over 160,000 hits when you search Google for "d41d8cd98f00b204e9800998ecf8427e"? Pretty much the same thing for [...]
Posted by Marcin on Tuesday, April 17, 2007 in
Security.
And the post of the day goes to Mike Rothman, and his comments on Javelin's research survey that claims 77% of 2750 consumers said they would not shop at stores that suffered data breaches. I think this number is crap. Why? The analogy I'll use is [...]
Posted by Marcin on Monday, April 16, 2007 in
Politics,
Privacy and
Security.
LonerVamp had a post yesterday on preventing Firefox from sending referrer messages. I'll add to that and show how you can prevent websites from resizing the browser window. In about:config, set the value of dom.disable_window_move_resize to true. Also, [...]
Posted by Marcin on Monday, April 16, 2007 in
Tech.
A funny slide taken from Windows WSYP Project: Security is (or will be) your job. Security is your life. You are security for your org. If you wanna be good, there are things you have gotta know-- How to say "I don't know" How to say "That's not allowed" [...]
Posted by Marcin on Monday, April 16, 2007 in
Security.
To get Kismet to run under the ipw2200 driver, simply edit /etc/kismet/kismet.conf. Here is the diff -u output: --- kismet.conf.orig 2007-04-03 13:51:29.000000000 -0700 +++ kismet.conf 2007-04-03 13:53:55.000000000 -0700 @@ -7,10 +7,10 @@ [...]
Posted by Marcin on Thursday, April 12, 2007 in
Linux and
Security.
I wish I had posted this when I first wanted to about four weeks ago, (and maybe have saved some people from losing money) but SourceFire was not a good investment! No matter how much I support Snort IDS as an open source project, I don't want to put [...]
Posted by Marcin on Thursday, April 12, 2007 in
Other.
LonerVamp has been watching ShmooCon videos all day long and has posted his thoughts on several of them. My favorite talks (that have been uploaded) from ShmooCon are the following: A Hacker Looks at 50 Extend Your Code into the Real World No-Tech [...]
Posted by Marcin on Sunday, April 8, 2007 in
Security.
ShmooCon 2007 videos are up. Check out http://www.shmoocon.org/2007/videos/.
Posted by Marcin on Friday, April 6, 2007 in
Security.
Andy IT Guy writes, "I think we need to focus on in not how to crack what is already broken but how can we protect what is using it. I'd love to see WEP go away but it won't happen anytime soon." Andy hits the nail right on the head with this one. A lot [...]
Posted by Marcin on Thursday, April 5, 2007 in
Security.
I asked a colleague once how to answer those silly questions, you know, the ones banks and other sites like to use to reset passwords? They're used to verify you are, who you say you "were." Well, my bank at the start of the year had introduced some [...]
Posted by Marcin on Wednesday, April 4, 2007 in
Intelligence,
Privacy and
Security.
Expanding on my previous blog post regarding export control and how it is defined, there are several other factors to take into consideration to help ensure compliance. Record Keeping All export records must be kept for five years after license [...]
Posted by Marcin on Wednesday, April 4, 2007 in
Defense and
Security.