Hack The Planet

Because if you don't, who will?

Monday, November 1, 2010

Firesheep – Because the name Firecow was taken

There are tons of posts on the new FireFox plugin, Firesheep. Firesheep is a plugin that allows you to hijack other user’s social network sessions that are using the same wired or wireless network as you are. Eric Butler, one of the co-authors, has a post explaining how Firesheep works.

The basics of the attack are that websites like Facebook use something called “cookies” to authenticate a user that has already logged in so that the site does not have to ask the user to login again until the cookie expires. The issue is that while the sites often encrypt the initial login they don’t often encrypt any additional network traffic which allows an attacker to capture the cookie and allows them to gain access to victim’s account.

To protect yourself from this type of attack you should always maintain an encrypted session with any of your social network sites. Some folks say not to connect to these sites at all on public WiFi but in general you are better off treating every network as untrusted or hostile and just encrypt your network traffic. You can use the Force-TLS or HTTPS-Everywhere plugins, though they may not work on every site.

The slides for Firesheep from Toorcon are here.

posted by holliday at 3:17 pm  

Friday, October 29, 2010

Nobel Peace Prize website delivering malware

A Firefox 0-day vulnerability is being used to vend malware from the official website for the Nobel Peace Prize. Norman ASA detection executive Einar Oftedal stated in an instant message to the Register, “This iframe has a multi exploit backend and serves exploits for Firefox, including a working remote exploit for firefox 3.6.11, we didn’t see any 0day for IE.” The malware does not target Windows Vista, or 7 systems, limiting the attack to only Windows XP users running Firefox 3.6.11 or earlier.

Mozilla is aware of the vulnerability and is working on a fix that will most likely be out later this week once it has been tested. This attack is most likely not limited to the Nobel Peace Prize website and users of Mozilla’s Firefox can protect themselves from this attack by using NoScript or disabling JavaScript in their browser.

Some theorize the attack is related to the Nobel Peace Prize being awared to Liu Xiaobo this year, who is incarcerated in China for his participation in Chapter 08.

posted by holliday at 11:51 am  

Friday, October 29, 2010

Bredolab botnet neutered, not dead yet

Dutch authorities in conjunction with network security organizations have taken control of and started dismantling 143 command and control servers used by the Bredolab botnet. The Bredolab botnet had infected an estimated 30 million computers during its time and was reportedly used in a phishing scam last year against Facebook users.

A 27 year old suspect was arrested a little while later after trying to regain control of the botnet and then trying use it to DDOS the web hosting firm Leaseweb that was being used by the hacker.

While the majority of the CnC servers have been taken offline there are still some alive and kicking.

One of the more interesting pieces to me is that the Fox-IT team who is working with the Dutch authorities, are contacting the infected machines users when they log on of the infection and how to remedy it. At the posting of this over 100,000 users have been notified.

posted by holliday at 11:08 am  

Wednesday, October 27, 2010

iPhone security flaw

On an iPhone 4 running iOS 4.1 if you tap the “Emergency Call” button, then enter three pound signs, hit the green call button and immediately press the Lock button you gain access to the Phone app.

Well, what’s so bad about this? The Phone app includes your contacts, your voice mail and call history. Some people probably don’t think this is a large issue and it may not be. But with iPhones becoming more prevalent in the business world your contacts can include a lot of people you may not want someone else seeing. Especially in Sales where your contacts are your livelihood.

So if you have an iPhone 4 with iOS 4.1 you may not want to leave it laying around, not that you would in the first place.

posted by holliday at 2:19 pm  

Wednesday, October 20, 2010

It was bound to happen

According to the Kroll Annual Global Fraud Report this is the first time that cyber theft has surprassed physical theft. I am surprised that it took this long for it to happen.

The report doesn’t say that other forms of fraud are decreasing, but that the theft of intellectual property is just increasing, with 27.3% of companies reporting it compared to 18% in 2009. In comparison only 27.2% of companies reported theft of physical property. It does make me wonder what the true numbers are compared to the reported.

What it comes down to is that it is much easier to steal your intellectual property from the thief’s couch (or office chair) than it is to break into your office and take your laptops or paper clips. Saying that, the report shows that most fraud is done by insiders, people that are already part of your organization.

When companies are losing so much annually to insiders it makes me wonder what type of privileges their organizations utilize. Do they use “least privilege”, or is everyone walking around with admin rights? If your employees have access to data that they shouldn’t because you haven’t instituted a good rights management system then you really need to update your resume because your data is probably already gone.

posted by holliday at 2:27 pm  

Wednesday, September 8, 2010

Good morning

Writing is something that I have always enjoyed. Whether it was books as a child or a journal as I grew up, I have always found peace in it. Writing a blog made sense to me but I don’t believe I have kept up my end of the bargain.

Through irregular posts and linking to stories that I have found interesting without adding much value to the conversation I have made this blog boring and empty. I am going to try and change that though.

While I will still be commenting on stories that I find interesting, specifically related to Information Security, privacy and maybe a splash of comic books or legos to boot, I am going to try and add value to the conversation.

Well, here it goes….

Why is Information Security so important to me? Why do I find it so exciting that not only have I made it my career but also my hobby outside of office hours?

I believe the answer is in my general love for all things competitive. When I was a child I wasn’t a very competitive person. I enjoyed playing games but was not really into sports. This changed in my teen years and I developed a love of games and competition. Whether it was who could clean a table fastest among my bus boy coworkers or who could run the fastest or throw the farthest among my other friends it was all a game and I loved it.

I feel that Information Security is like this. It is a game that we are playing all of the time against outsiders, insiders and ourselves. We have to protect our networks and data from elite hackers to receptionists who love Facebook and Twilight. You don’t get to stop playing this game when you go home and you have to make sure you are always learning how to play the game better, faster and know more than you did the day before. Your opponents don’t take days off and neither can you (figuratively).

There is also so much to learn. I have a thirst for knowledge and Information Security is an ever changing cornucopia of it. There is never a lack of new things to learn or research, and things to do to make yourself and your network more secure. From day to day the landscape changes and you have to be on top of your game or you will lose.

These are some of the reasons why I love Information Security. Why do you love it?

posted by holliday at 5:24 am  

Tuesday, August 31, 2010

Immigration, why it is a good thing

I am going to take a break from my normal topics to discuss one that is a passionate one for most people in America. Immigration.

My family is a bunch of immigrants. Not first generation but in the last few. My ancestors came to America because it was the land of opportunity. Pretty much everyone who lives in America does so because their ancestors immigrated here. I am pretty sure all of them came here for the opportunities also.

America is a great country to live in and we should embrace that. People want to come here and build their lives and families. We need to make immigrating to America better so that we can bring in the best and brightest minds from around the world and have them want to live here.

When it comes down to it, who wants to live in a country that no one wants to immigrate to?

A great article on why immigration is a necessary part of American dominance and culture is here.

posted by holliday at 12:18 pm  

Monday, August 30, 2010

Hackers with freaking laser beams attached to their heads

I just read that Hackers cracked the encryption key from a quantum cryptographic system using lasers. Now that is awesome.

posted by holliday at 12:47 pm  

Thursday, August 19, 2010

1984 wasn’t a romance

In the city of Leon, Guanajuato in Mexico the government is putting in retina scanners to keep track of people. The scanners track you as you walk past them. So now, you can be tracked where ever you are in the city.

At Defcon this year Chris Paget showed how RFID’s could be tagged from a decent distance. Then today I read on Slashdot that Mark Roberti, an editor in the RFID field, says that Paget is showing RFID in the wrong light. That no one has had their privacy infringed upon with it and that it hasn’t lead to identity theft and that there isn’t enough data anyway to be an issue. I think Mark is missing the point.

When you get arrested and the officer reads you your rights the line goes “Anything you say can and will be used against you in a court of law.” What is going to stop the government from extending this to “Anything can and will be used against you.” I think that we as citizens need to be mindful that just because things haven’t been used against us doesn’t mean they can’t or won’t be.

posted by holliday at 2:00 pm  

Wednesday, July 21, 2010

Breaches, breaches everywhere

I was just reading about two more breaches when I hit the section “What was the response?”
In both cases, and in most that I have read about, they people affected, a.k.a. the victims of someone else’s mistake, are given a years subscription to a credit monitoring service. Wow, a whole year. Their data can’t possibly last longer than a year out on the internet can it? The fact is that these people will have to watch their credit for well over a year and will probably have to subscribe to a service for the rest of their lives. We like to think that this information will disappear over time but the fact is things can last forever on the internet.
Someday maybe the punishment for losing other people’s information will be high enough that people will actually protect it and care about it.

posted by holliday at 1:14 pm  
« Previous PageNext Page »

Powered by WordPress