tag:blogger.com,1999:blog-14810460645347263002024-03-07T11:33:53.512+08:00Internet SecurityDodgy_Coderhttp://www.blogger.com/profile/14418022725678218844noreply@blogger.comBlogger23125tag:blogger.com,1999:blog-1481046064534726300.post-3098850617385411432014-08-30T17:28:00.000+08:002014-08-30T17:28:51.176+08:00Free open source windows softwareHere's a list of some software I find essential and which I usually install on new Windows machines. All are free and most are open source.<br /><br /><b>Browser</b>: Firefox or Chrome<br /><a href="https://www.mozilla.org/firefox/">https://www.mozilla.org/firefox/</a><br /><a href="https://www.google.com.au/chrome/">https://www.google.com.au/chrome/</a><br /><br /><b>Email</b>: Thunderbird<br /><a href="https://www.mozilla.org/thunderbird/">https://www.mozilla.org/thunderbird/</a><br /><br /><b>Anti-virus software</b>: Microsoft Security Essentials<br /><a href="http://windows.microsoft.com/en-au/windows/security-essentials-download">http://windows.microsoft.com/en-au/windows/security-essentials-download</a><br /><br /><b>Distributed Version Control System</b>: Git for Windows<br /><a href="http://git-scm.com/download/win">http://git-scm.com/download/win</a><br /><br /><b>SVN Client</b>: Tortoise SVN client<br /><a href="http://tortoisesvn.net/">http://tortoisesvn.net/</a><br /><br /><b>Flash</b>: Adobe Flash Player<br /><a href="http://get.adobe.com/flashplayer/">http://get.adobe.com/flashplayer/</a><br /><br /><b>File archive/compression tool</b>: 7-Zip<br /><a href="http://www.7-zip.org/">http://www.7-zip.org/</a><br /><br /><b>Media player</b>: VLC Media Player<br /><a href="http://www.videolan.org/vlc/index.html">http://www.videolan.org/vlc/index.html</a><br /><br /><b>Text Editor</b>: Notepad++<br /><a href="http://notepad-plus-plus.org/">http://notepad-plus-plus.org/</a><br /><br /><b>PDF creation</b>: PDF Creator<br /><a href="http://www.pdfforge.org/pdfcreator">http://www.pdfforge.org/pdfcreator</a><br /><br /><b>PDF 
viewer</b>: Sumatra PDF<br /><a href="http://blog.kowalczyk.info/software/sumatrapdf/free-pdf-reader.html">http://blog.kowalczyk.info/software/sumatrapdf/free-pdf-reader.html</a><br /><br /><b>Office software (spreadsheet, word processor, slideshow)</b>: Libre Office, Open Office or Microsoft Office<br /><a href="http://www.libreoffice.org/">http://www.libreoffice.org/</a><br /><a href="http://openoffice.apache.org/downloads.html">http://openoffice.apache.org/downloads.html</a><br /><a href="http://office.microsoft.com/">http://office.microsoft.com/</a><br /><br /><b>CD/DVD Burner & Ripper</b>: ImgBurn<br /><a href="http://www.imgburn.com/index.php?act=download">http://www.imgburn.com/index.php?act=download</a><br /><br /><b>Bitmap Graphics editor</b>: Paint.NET or GIMP<br /><a href="http://www.dotpdn.com/downloads/pdn.html">http://www.dotpdn.com/downloads/pdn.html</a><br /><a href="http://www.gimp.org/">http://www.gimp.org/</a><br /><br /><b>Vector graphics editor</b>: Inkscape<br /><a href="http://www.inkscape.org/">http://www.inkscape.org/</a><br /><br /><b>Digital darkroom software</b>: LightZone<br /><a href="http://lightzoneproject.org/">http://lightzoneproject.org/</a><br /><br /><b>Password safe</b>: KeePass<br /><a href="http://sourceforge.net/projects/keepass/">http://sourceforge.net/projects/keepass/</a><br /><br /><b>File synchronisation</b>: Dir Sync Pro<br /><a href="http://www.dirsyncpro.org/">http://www.dirsyncpro.org/</a><br />
<br /><i>Cross posted from</i><br /><a href="http://www.dodgycoder.net/2014/08/essential-free-windows-software.html">http://www.dodgycoder.net/2014/08/essential-free-windows-software.html</a><br />
Dodgy_Coder http://www.blogger.com/profile/14418022725678218844 noreply@blogger.com 1<br />
<br />
tag:blogger.com,1999:blog-1481046064534726300.post-252896389003968585 2011-12-30T17:40:00.002+08:00 2012-06-25T08:36:25.024+08:00<br />
<b>Ten Memorable InfoSec Stories of 2011</b><br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEikTP_bgOixTdokcl7okXChZOiGXYTu3rkXaA5GZRVlvG3sjB4qZcp67mG4ToS1MH3FyfCiH-d8WuyZzsCdGrJRZDeqvAfCcNrS5n6zASt6GjdLwe0MdPhWjlW6zBkWA00eJdWlntWVOrc/s1600/Comodo_Logo.gif" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="200" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEikTP_bgOixTdokcl7okXChZOiGXYTu3rkXaA5GZRVlvG3sjB4qZcp67mG4ToS1MH3FyfCiH-d8WuyZzsCdGrJRZDeqvAfCcNrS5n6zASt6GjdLwe0MdPhWjlW6zBkWA00eJdWlntWVOrc/s200/Comodo_Logo.gif" width="200" /></a></div>
<span style="color: cyan; font-size: large;">A question of trust: the hacking of Root CAs (Certificate Authorities)</span><br />
<br />
Back in March, a root certificate authority named Comodo was hacked, and used by a self-proclaimed Iranian hacker to issue legitimate SSL certificates for a number of sites, including Google, Skype, Mozilla, Live.com and Yahoo. SSL certificates confirm that a secure site really is what it says it is; your browser has a list built into it of certificate authorities that it trusts, so when you visit an SSL site it checks the certificate against the issuer. If the issuer isn't on the list, you get a warning.<br />
<br />
If a hacker creates a "fake" certificate from the real authority, then any site that presents that certificate is, as far as your computer or phone knows, legitimate. The implications for shopping or other interaction are huge: you become vulnerable to a man-in-the-middle (MITM) attack, where someone operates a site using the "fake" certificate between you and the real site. From your end, it's a legitimate SSL site. The person running it can see everything passing between you and the real site. Comodo's dodgy certificates were revoked, but whether people were protected depended on whether they accepted a browser update.<br />
<br />
Then in July, the Dutch SSL certificate authority DigiNotar (which provided the SSL certificates for thousands of sites including the Dutch government) was hacked, and a number of certificates, including one for Google, were issued. These certificates were used for a MITM attack on Iranian users of Google Mail – another indication that web security really does have human consequences.<br />
<br />
Many experts now believe that <a href="http://blog.thoughtcrime.org/ssl-and-the-future-of-authenticity">the current SSL CA system is broken</a>. One expert in this area, Moxie Marlinspike, proposes that all of the current problems with the CA system can be reduced to a single missing property, called "Trust Agility", and he has proposed a secure replacement for the existing SSL CA system called "<a href="http://convergence.io/">Convergence</a>".<br />
<br />
This story is perhaps the most important thing to have happened to InfoSec in 2011 – and how it is dealt with in 2012 may be crucial.<br />
<br />
<b>Full story: <a href="http://www.infosecisland.com/blogview/16383-Hacked-Certificate-Authorities-Nothing-Left-to-Trust.html">here</a></b><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjgk9JeeXpnQn6P885wZMbeKwvNCyp3x8lgHm3DKSUEvsMDbLAxuF5WijZh-AV7tMmRCRmdfFNeY238-2XbwQiSCoBLYOJUp8MWe8mR3lbQwpjWYZR4ItG8zHJSt4FMeH02XV5F0PUwZW0/s1600/anonymous_wearing_guy_fawkes_masks.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="174" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjgk9JeeXpnQn6P885wZMbeKwvNCyp3x8lgHm3DKSUEvsMDbLAxuF5WijZh-AV7tMmRCRmdfFNeY238-2XbwQiSCoBLYOJUp8MWe8mR3lbQwpjWYZR4ItG8zHJSt4FMeH02XV5F0PUwZW0/s320/anonymous_wearing_guy_fawkes_masks.jpg" width="320" /></a></div>
<span style="color: cyan; font-size: large;">Anonymous gets busy</span><br />
<br />
The loose collective of hackers known as <a href="http://en.wikipedia.org/wiki/Anonymous_%28group%29">Anonymous</a> were quite busy in 2011. The group first gained widespread attention back in 2008 with their "Project Chanology" raids on the Church of Scientology. One of their symbols, the Guy Fawkes mask (first popularized by the comic book and film "V for Vendetta"), has now become instantly recognisable, as well as becoming associated with the Occupy Wall Street movement. Their self-description, in the form of an aphorism, is: "We are Anonymous. We are Legion. We do not forgive. We do not forget. Expect us."<br />
<br />
Here are some of their more memorable activities of the year ...<br />
<br />
* Operations in support of the Arab Spring Democracy movements in Egypt, Tunisia and Libya - Anonymous performed DDoS attacks on eight Tunisian government websites which may have led to an upsurge of internet activism among Tunisians against their government. Anonymous also attacked the websites of the incumbent governments in Egypt and Libya along with the internet censorship methods being used in these countries.<br />
<br />
* In February came the attack on HBGary Federal - in retaliation for the CEO's (Aaron Barr) claims of having infiltrated Anonymous, members of Anonymous hacked the website of HBGary Federal, took control of the company's e-mail, dumped 68,000 e-mails from the system into the public domain, erased files, and took down their phone system.<br />
<br />
* Next came the attack on Sony websites (Operation Sony) in response to Sony's lawsuit against George Hotz and, specifically, to Sony's gaining access to the IP addresses of all the people who visited George Hotz's blog as part of the libel action, which Anonymous termed an 'offensive against free speech and internet freedom'. Although Anonymous admitted responsibility for subsequent attacks on the Sony websites, Anonymous branch AnonOps denied that they were the cause behind a <a href="http://en.wikipedia.org/wiki/PlayStation_Network_outage">major outage of the PlayStation Network</a> and Qriocity services in April 2011. On May 4, 2011, Sony confirmed that individual pieces of personally identifiable information from each of the 77 million accounts appeared to have been stolen. The outage lasted for approximately 23 days.<br />
<br />
* In August 2011, Operation BART was launched in response to San Francisco Bay Area Rapid Transit's shutdown of cell phone service in an attempt to stop protesters from assembling violently in response to a police shooting. Anonymous sent out a mass email/fax bomb to BART personnel and organized multiple mass physical protests at the network's Civic Center station.<br />
<br />
* Several contingents of Anonymous have given vocal support to the Occupy Wall Street movement, with vast numbers of members attending local protests and several blogs run by members covering the movement extensively.<br />
<br />
* In early August, Anonymous launched Operation Syria and hacked the Syrian Defense Ministry website. In September, a group tied to Anonymous appeared on Twitter, calling themselves RevoluSec (Revolution Security). They defaced Syrian websites, including the Syrian Central Bank and other pro-regime sites. <a href="http://en.wikipedia.org/wiki/Telecomix">Telecomix</a> worked with Anonymous to show Syrians how to bypass the internet censorship put in place by the regime.<br />
<br />
* Operation Mayhem: on November 18, Anonymous released a video claiming to have released the "Guy Fawkes Virus" on Facebook and that they will release it on Twitter soon. The first reason claimed for its release was to protest the violence of the police force against Occupy Wall Street protestors, the second was to protest the Stop Online Piracy Act and the third reason was to counter anyone who claims to be against Anonymous.<br />
<br />
* Ending off the year, on December 24th, Anonymous <a href="http://venturebeat.com/2011/12/28/anonymous-stratfor-hack-10-things-to-know/">gained access to thousands of e-mail addresses and credit card information from security firm Stratfor</a> and made it public. Anonymous commented that they did it because the data was unencrypted - to let the public know about their vulnerability.<br />
<br />
<b>Full story: <a href="http://en.wikipedia.org/wiki/Timeline_of_events_involving_Anonymous">here</a> </b><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgkqWjhHCPAPwerA-6ZGaKkE39QqUElKK8dxQ9OjDchcLSbaI3qf5bbZo6PAO2yD_TE2DyMKNd1wTKwk_KSUJpuFOMihIurt6wMTBo7lXD-9REROy-3BITGCsDctX9d4UGksGYACTb2Rv4/s1600/siemens_scada_enabled_power_plant.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="212" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgkqWjhHCPAPwerA-6ZGaKkE39QqUElKK8dxQ9OjDchcLSbaI3qf5bbZo6PAO2yD_TE2DyMKNd1wTKwk_KSUJpuFOMihIurt6wMTBo7lXD-9REROy-3BITGCsDctX9d4UGksGYACTb2Rv4/s320/siemens_scada_enabled_power_plant.jpg" width="320" /></a></div>
<span style="color: cyan; font-size: large;">Hacking the power plant</span><br />
<br />
At Black Hat USA, SCADA security researcher Dillon Beresford gave one of the most alarming public demonstrations of the fragility of security in power control systems. Beresford, a researcher with NSS Labs, demonstrated how a backdoor in Siemens industrial control systems let him get inside, capture passwords and reprogram PLC logic such that he could shut down the systems altogether or cause them to eventually crash. He had initially postponed a presentation earlier in the year on his vulnerability finds due to concerns about possible risk to human life. Remember that the same Siemens industrial control systems were targeted successfully by the Stuxnet worm in 2010, which infected several Iranian nuclear facilities with devastating effect by making use of a custom PLC rootkit along with several zero-day vulnerabilities and fake SSL certificates from two compromised CAs.<br />
<br />
<b>Full story: <a href="http://www.darkreading.com/advanced-threats/167901091/security/vulnerabilities/231300325/siemens-shows-up-for-black-hat-demo-of-scada-hack.html">here</a><br />
</b><br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiGhov9PuCvzvbmZ_9ygPgMbUOSZj4kv1572O5c961o88bTsHbVL6CHVulK9VigHTbv2nAVk5o9E5bDM-dSi_OUq5XiEMROvrE9vIg5v3OEJ9kuKeUXNJ4zTfwW3ZfqwDPhskeYbWUlqSM/s1600/insulin-pump.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiGhov9PuCvzvbmZ_9ygPgMbUOSZj4kv1572O5c961o88bTsHbVL6CHVulK9VigHTbv2nAVk5o9E5bDM-dSi_OUq5XiEMROvrE9vIg5v3OEJ9kuKeUXNJ4zTfwW3ZfqwDPhskeYbWUlqSM/s320/insulin-pump.jpg" width="243" /></a></div>
<span style="color: cyan; font-size: large;">Hacking insulin pumps</span><br />
<br />
SCADA security expert Jerome Radcliffe, a diabetic, had become curious about the security of the devices that keep his blood sugar in check. So he started studying how continuous glucose monitors (CGM) and insulin pumps could be hacked, and discovered that at least four models of insulin pumps sold by Medtronic can be hacked wirelessly.<br />
<br />
An attacker could remotely disable the pumps or alter the insulin dosage that's automatically delivered to the user. Radcliffe demonstrated that a hacker could illicitly turn off the pump remotely, with the device offering only a small chirp as a response, and also remotely manipulate any setting on the pump without the user's knowledge. "It's basically like having root on the device, and that's like having root on the chemistry of the human body," he said. It was a frightening but enlightening find given the life-or-death consequences. Radcliffe was also able to disrupt and jam the GSM devices.<br />
<br />
<b>Full story: <a href="http://www.scmagazine.com.au/News/265976,insulin-pumps-can-be-hacked.aspx">here</a></b><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiRKORJS-dTj-P0h7Dchg_-3bKjjsF6BIe5nEfG2K9UzwpBvP2VUDQ2-pJt2rLyLcBMBddociChGa3rS5rkZQpFlnidnlMggupDGceANJkhzLTYRlQm-VvvzRa9qEk3QQ9RMqHKMFzn9Kw/s1600/Wireless_Aerial_Surveillance_Platform_WASP_linux_hacking_UAV_drone.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="150" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiRKORJS-dTj-P0h7Dchg_-3bKjjsF6BIe5nEfG2K9UzwpBvP2VUDQ2-pJt2rLyLcBMBddociChGa3rS5rkZQpFlnidnlMggupDGceANJkhzLTYRlQm-VvvzRa9qEk3QQ9RMqHKMFzn9Kw/s200/Wireless_Aerial_Surveillance_Platform_WASP_linux_hacking_UAV_drone.jpg" width="200" /></a></div>
<span style="color: cyan; font-size: large;">'Warflying': hacking in midair</span><br />
<br />
For around US$6,000, security researchers Mike Tassey and Richard Perkins built a radio-controlled model airplane with an onboard computer running Linux with 4G connectivity that could be used as a hacking "drone" to wage aerial attacks on targets that are unreachable on land. They brought their Wireless Aerial Surveillance Platform (WASP) to Las Vegas for Defcon to demonstrate the potential threat of "warflying."<br />
<br />
<b>Full story: <a href="http://www.geek.com/articles/geek-pick/wasp-the-linux-powered-flying-spy-drone-that-cracks-wi-fi-gsm-netwokrs-20110729/">here</a><br />
</b><br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEif0BY11RQlRtXSS1bQi9sQhjGc8vHMgSYkaQ2xDZEbhTKcpkUH1_2n2OFaKUNfCYvFL91qkHaRWyXheCENIp_nquhvuNL5IZahr6RY3Z6Hy7UhCn6PWdi1-jjBGH8spSsOtEKfJ4rqVlQ/s1600/apple-macbook.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="177" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEif0BY11RQlRtXSS1bQi9sQhjGc8vHMgSYkaQ2xDZEbhTKcpkUH1_2n2OFaKUNfCYvFL91qkHaRWyXheCENIp_nquhvuNL5IZahr6RY3Z6Hy7UhCn6PWdi1-jjBGH8spSsOtEKfJ4rqVlQ/s200/apple-macbook.jpg" width="200" /></a></div>
<span style="color: cyan; font-size: large;">Hacking MacBook laptop batteries</span><br />
<br />
Security researcher Charlie Miller demonstrated this year that the embedded controllers on laptop batteries are hackable. Miller found that Apple's laptop battery has two hardcoded passwords that could be exploited to make changes to the smart battery system's firmware. The passwords are a way for Apple to update the firmware, but they also leave it wide open for abuse. Miller disassembled his MacBook's batteries and found that Apple uses one default password to unlock the battery and another to access the firmware. If an attacker were to obtain those passwords, then he could eavesdrop on any communication between the battery and the laptop, as well as inject malicious code.<br />
<br />
<b>Full story: <a href="http://threatpost.com/en_us/blogs/apple-laptop-batteries-can-be-bricked-firmware-hacked-072211">here</a></b><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgL6KkMQ9n2kgBYbAVFlKYfm8NeV_wWJUGoQwOW4yTOprUeMgV_5mKq5tGsv7gCcLyS0e82fb8Y2VN0kRECAg2qE8VZWGaRj8HDtLhyjSBjNVX53l8mnvImKFXW9mKC-JEa8HM0eperyU0/s1600/kung-fu.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="200" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgL6KkMQ9n2kgBYbAVFlKYfm8NeV_wWJUGoQwOW4yTOprUeMgV_5mKq5tGsv7gCcLyS0e82fb8Y2VN0kRECAg2qE8VZWGaRj8HDtLhyjSBjNVX53l8mnvImKFXW9mKC-JEa8HM0eperyU0/s200/kung-fu.jpg" width="149" /></a></div>
<span style="color: cyan; font-size: large;">The return of Google-fu</span><br />
<br />
Australian security consultant Daniel Grzelak made an unexpected discovery as he searched for publicly accessible databases containing e-mail address and password pairs. The entire user database of Groupon's Indian subsidiary Sosasta.com including cleartext usernames and passwords was accidentally published to the Internet and indexed by Google.<br />
<br />
Grzelak used Google to search for SQL database files that were web accessible and contained keywords like "password" and "gmail". "A few hours and tweaks later, this database came up," he said. "I started scrolling, and scrolling and I couldn't get to the bottom of the file. Then I realised how big it actually was."<br />
<br />
As a side project, he created <a href="http://shouldichangemypassword.com/">shouldichangemypassword.com</a>, a website that allows any Internet user to search a database of known-compromised e-mail address and password pairs to see if their password has been compromised. Grzelak was searching for more compromised accounts to add to the website's database when he stumbled across the Sosasta database.<br />
<br />
<b>Full story: <a href="http://risky.biz/sosasta">here</a></b><br />
<br />
<span style="color: cyan; font-size: large;">Pension fund shoots itself in the foot</span><br />
<br />
Australian information security professional Patrick Webster had noticed his pension fund, First State Superannuation, allowed logged in members to access online statements via a "direct object reference" bug - one which is included in OWASP's infamous top ten list of Web Application security bugs. Sure enough when Webster incremented the document ID number in the URL linking to his super statement, up popped another member's statement. The details revealed on the statement were a fraudster's dream, including full names, addresses, email addresses, membership number, age, insurance information, pension amount, fund allocations, beneficiaries and employer information.<br />
<br />
First State’s response to being quietly tipped off by Webster with his valuable information was extremely stupid, which is why it attracted a large amount of media attention ... they got police and lawyers involved to threaten Webster with arrest and also issued him a bill for the amount it would cost to fix the bug, then demanded access to his computer equipment.<br />
<br />
After the storm of controversy following their heavy handed approach, they backed down from their stance but are now facing an investigation by the Australian Federal Privacy Commissioner as to why the security vulnerability was out there, undiscovered, for a period of 18 months or more. The fund's contracts with Australian government departments, such as ASIO (Australia's CIA), were also looking a little bit shaky.<br />
<br />
<b>Full story: <a href="http://risky.biz/fss_idiots">here</a> </b><br />
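The direct object reference flaw described above, as an added example that is not from the original post or from the fund's own code: a lookup that trusts the document ID from the URL, the same lookup with an ownership check, and a log check for one member walking IDs. All names, IDs and log entries are constructed.<br />

```python
"""Insecure direct object reference: lookup by ID alone vs. ID plus owner."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Statement:
    doc_id: int
    owner_id: str  # member the statement belongs to
    body: str


# Constructed sample data: sequential document IDs, as in the story.
STATEMENTS = {
    1001: Statement(1001, "member-A", "Statement for member A"),
    1002: Statement(1002, "member-B", "Statement for member B"),
    1003: Statement(1003, "member-C", "Statement for member C"),
}

# Constructed access log: (logged-in member, document ID requested).
SAMPLE_LOG = [
    ("member-A", 1001),
    ("member-A", 1002),
    ("member-A", 1003),
    ("member-A", 1004),
    ("member-B", 1002),
    ("member-C", 1001),
]


class NotFound(Exception):
    """Raised for missing AND for foreign documents, so the response
    does not reveal which IDs exist."""


def get_statement_vulnerable(session_member_id: str, doc_id: int) -> Statement:
    # Flaw: being logged in is the only check. The ID taken from the URL
    # is trusted as-is, so any member can read any statement.
    if not session_member_id:
        raise PermissionError("login required")
    try:
        return STATEMENTS[doc_id]
    except KeyError:
        raise NotFound(doc_id) from None


def get_statement_checked(session_member_id: str, doc_id: int) -> Statement:
    # Fix: authorize the object, not just the session.
    if not session_member_id:
        raise PermissionError("login required")
    stmt = STATEMENTS.get(doc_id)
    if stmt is None or stmt.owner_id != session_member_id:
        raise NotFound(doc_id)
    return stmt


def flag_enumeration(access_log, threshold=3):
    """Return members who requested at least `threshold` distinct
    documents that are missing or belong to someone else."""
    foreign = {}
    for member_id, doc_id in access_log:
        stmt = STATEMENTS.get(doc_id)
        if stmt is None or stmt.owner_id != member_id:
            foreign.setdefault(member_id, set()).add(doc_id)
    return sorted(m for m, ids in foreign.items() if len(ids) >= threshold)


if __name__ == "__main__":
    # Member A changes 1001 to 1002 in the URL.
    leaked = get_statement_vulnerable("member-A", 1002)
    print("vulnerable handler returned:", leaked.body)
    try:
        get_statement_checked("member-A", 1002)
    except NotFound:
        print("checked handler: not found")
    print("flagged for review:", flag_enumeration(SAMPLE_LOG))
```

The checked handler answers a foreign ID exactly as it answers a missing one, so stepping through IDs yields nothing, while the log check still surfaces the attempt.<br />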
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjyh2Iud_zURQvC3KJdWAXCn_1VJKY32DnNPuCT4-p4z2_LF4S1gHhD84dA2OJxZMyhYWcQIfs77UN_kfztvSDS2TDEi1qnn9YhH5xhSPB7LTkPfJiCxGCuIVdcDIrLBlGUOSURADTUetg/s1600/suburu_outback.jpeg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="110" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjyh2Iud_zURQvC3KJdWAXCn_1VJKY32DnNPuCT4-p4z2_LF4S1gHhD84dA2OJxZMyhYWcQIfs77UN_kfztvSDS2TDEi1qnn9YhH5xhSPB7LTkPfJiCxGCuIVdcDIrLBlGUOSURADTUetg/s200/suburu_outback.jpeg" width="200" /></a></div>
<span style="color: cyan; font-size: large;">Remotely starting a car via text message</span><br />
<br />
There's war driving, and then there's war texting. Security researcher Don Bailey discovered how simple it is to remotely disarm a car alarm system and control other GSM and cell-connected devices: He showed off his find by remotely starting a car outside Caesars Palace in Las Vegas during the Black Hat USA and DefCon shows.<br />
<br />
<b>Full story: <a href="http://www.scmagazine.com/black-hat-car-unlocked-started-via-war-texting/article/209037/">here</a><br />
</b><br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHnwKIdvmC0sstnctbgpdK8a-1a2c02rQvj21Hz0FRS-v1lFahBl8U_Nm95eZBr3O155YSi9H_ewipgrm8x6Qa6tE9_Co91mnj8Q9BwrtSN4BcT6CptGV3iJwO5bJULw4sZgRvEadBCHc/s1600/tardis.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="200" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjHnwKIdvmC0sstnctbgpdK8a-1a2c02rQvj21Hz0FRS-v1lFahBl8U_Nm95eZBr3O155YSi9H_ewipgrm8x6Qa6tE9_Co91mnj8Q9BwrtSN4BcT6CptGV3iJwO5bJULw4sZgRvEadBCHc/s200/tardis.jpg" width="153" /></a></div>
<span style="color: cyan; font-size: large;">Mini-hacker time-travels</span><br />
<br />
A 10-year-old girl who attended the inaugural DefCon Kids conference within the DefCon show this year nearly stole the show with her hack. "CyFi" said she was getting bored with her favorite mobile gaming app, so she came up with a neat trick to switch the time on her device to make it more challenging. What she didn't realize at first was that she had actually discovered a whole new class of zero-day bugs across multiple tablet and smartphone operating systems. "I wasn't making enough progress, so I was trying to find a way around that ... to turn the time forward on the device," she said. It wasn't until her mom caught wind that CyFi had found a way to game her game that things got real. Her mom, a seasoned DefCon attendee, knew this was more than just a clever child's trick: CyFi had basically found a way to restart the clock on a mobile gaming app's free trial. "She's going out of the app, and switching the time on the device, and then she goes back in her app," her mom said.<br />
<br /><b>Full story: <a href="http://www.darkreading.com/blog/231300589/tween-hacker-s-time-travel-trick.html">here</a></b><br /><br /><br /><br />
<br /><br />
<b><br /></b>Dodgy_Coder http://www.blogger.com/profile/14418022725678218844 noreply@blogger.com 0<br />
<br />
tag:blogger.com,1999:blog-1481046064534726300.post-8105739607541867916 2011-10-02T11:32:00.000+08:00 2011-10-02T11:32:21.452+08:00<br />
<b>12 Effective Ways To Improve Your Programming</b><br />
<span class="Apple-style-span" style="color: cyan;"><b>1. Never Stop Learning and Reading</b></span><br />
<b>Read</b> books, not just websites.<br />
<b>Read </b>for self-improvement, not just for the latest project.<br />
<b>Read </b>about improving your trade, not just about the latest technology.<br />
Some of the books listed here would be a good start: <a href="http://www.internetsecuritydb.com/2011/09/top-ten-most-influential-programming.html">The most influential programming books of all time</a><br />
<br />
<b><span class="Apple-style-span" style="color: cyan;">2. Work With People Smarter Than Yourself</span></b><br />
Working with smarter and/or more experienced developers will teach you a great deal.<br />
<br />
<span class="Apple-style-span" style="color: cyan;"><b>3. Become a Polymath (or 'Jack-of-all-Trades')</b></span><br />
Decide to be a 'Jack-of-all-Trades', allowing you to avoid becoming 'pigeon-holed' into one specialty, which can stagnate your programming skills, as well as hurt your future employment prospects.<br />
<br />
<span class="Apple-style-span" style="color: cyan;"><b>4. Read and Document Other People's Code</b></span><br />
Writing code is significantly easier than reading someone else's code and figuring out what it does.<br />
<br />
<span class="Apple-style-span" style="color: cyan;"><b>5. Get Programming Experience on a Real Project</b></span><br />
There is nothing like getting in and coding, especially under pressure - work on a real project, with real fickle customers, with real, ever-changing requirements and with real engineering problems.<br />
<br />
<span class="Apple-style-span" style="color: cyan;"><b>6. Teach Others About Programming</b></span><br />
This will force you to understand something at a completely different level, since you have to explain it to someone else.<br />
<br />
<span class="Apple-style-span" style="color: cyan;"><b>7. Learn One New Programming Language Every Year</b></span><br />
One year gives you enough time to get past the basics - it pushes you towards understanding what's beneficial in that language, and to be able to program in a style native to that language.<br />
<br />
<span class="Apple-style-span" style="color: cyan;"><b>8. Complete One New Pet Project Every Year</b></span><br />
Start a "pet" project and follow it to completion and delivery; a good pet project will push your boundaries and keep you interested.<br />
<br />
<b><span class="Apple-style-span" style="color: cyan;">9. Learn Assembly Language</span></b><br />
Learning a low level language like assembly gives you insight into the way computers 'think' without any high-level abstractions; the elegance at this level is surprising.<br />
<br />
<span class="Apple-style-span" style="color: cyan;"><b>10. See Your Application From the End User's Perspective</b></span><br />
Interact with the end-user to see, through their eyes, how they use the software; end users are typically not technical, and they often see software as a magical piece of work, while you see software as a logical set of steps.<br />
<br />
<span class="Apple-style-span" style="color: cyan;"><b>11. Start a Physical Exercise Program</b></span><br />
You work a whole lot better when you're in good physical shape - problems become easier and less overwhelming, wasting time is much less of a temptation, you can think clearer, and working through things step by step doesn't seem an arduous task.<br />
<br />
<span class="Apple-style-span" style="color: cyan;"><b>12. Learn Touch Typing</b></span><br />
Learning to touch type is a quick and effective way to give your productivity a boost as a programmer.<br />
<br />
Cross posted from: <a href="http://www.dodgycoder.net/2011/10/how-to-become-better-programmer.html">Dodgy Coder - How To Become a Better Programmer</a><br />
<br />
<div><br />
</div>Dodgy_Coder http://www.blogger.com/profile/14418022725678218844 noreply@blogger.com 2<br />
<br />
tag:blogger.com,1999:blog-1481046064534726300.post-4490466205599652176 2011-09-25T15:38:00.002+08:00 2015-06-12T19:19:43.141+08:00<br />
<b>Forgotten Windows 2008 Server Password</b><br />
<span class="Apple-style-span" style="font-size: large;">HOW TO: Gain access to a Windows Server 2008 running RAID when the local administrator password is forgotten</span><br />
<br />
<b><u>The original problem</u><br />
</b>The IT team was diagnosing an issue where all inbound connections to a Windows 2008 server machine (a dual quad-core Dell PowerEdge running 4 disk RAID PERC 6/i) were being rejected. It turned out the problem was that Windows Firewall was set up to use the "public" profile for its firewall rules.<br />
<br />
Since the server should have been assigned to the "domain" profile for the firewall rules, and it seemed like the machine was not on the domain, the IT team decided it would be a good idea to "bump" the server onto the domain, that is, take it off the domain and then re-add it to the domain. Unfortunately the server ran the accounting software (including payroll) for the company. Also, the domain controller was administered in a country half way around the world, such that any access to higher up IT support would have had to wait another 12 hours or so.<br />
<br />
<b><u>The new problem</u></b><br />
The IT team didn't have the local administrator password for the server. And since they had now taken the server off the domain, it could no longer be accessed using the domain user and password combination that they had always used in the past. But nobody in the company knew the local administrator password for the machine. In 14 hours' time the company's payroll would need to be processed and there was no way to access the application server running the accounting software. If there's anything that motivates people to work hard, it's the possibility of not being paid their wages due to a technical issue.<br />
<br />
The admin password, it now seemed, was just lost forever. About this point I came upon the following Q&A post on the excellent ServerFault.com ...<br />
<br />
<a href="http://serverfault.com/questions/428/what-is-the-best-way-to-gain-access-when-the-password-is-unknown">http://serverfault.com/questions/428/what-is-the-best-way-to-gain-access-when-the-password-is-unknown</a><br />
<br />
There are two main types of free Linux-based "boot crackers" which crack Windows machines by booting a custom version of Linux with a limited user interface ...<br />
<br />
<b><u>Type 1: Rainbow Table Cracker</u></b><br />
A boot cracker that brute forces passwords using lookup tables (rainbow tables). This type does not need to actually change the file system of the machine, but just reads the encrypted Windows SAM (Security Accounts Manager) password file from the machine and cracks it using lookup tables to gain access to the administrator password. Various comments on forums generally say that in most cases this will succeed, and will take no more than a few minutes.<br />
<br />
<b><u>Type 2: Password Reset Cracker</u></b><br />
A boot cracker that resets the local administrator password on the machine. This type just clears the password and in doing so has to write to the file system. For this reason it is considered a little more risky. Also, if EFS (Encrypting File System) is being used, it can result in the password not being cleared but actually being scrambled and, furthermore, irretrievable.<br />
<br />
<b><u>Using the cracker</u></b><br />
I initially decided to try <a href="http://ophcrack.sourceforge.net/">ophcrack</a> since it was type 1, and didn't write back to the file system. This seemed initially to work like a charm, booting first time into its Linux GUI, but when we tried to mount the file system (which was 4 disk RAID) we realised that the PERC 6/i RAID controller wasn't recognised by the cracker's Linux distro. The Linux command "fdisk -l" only listed one drive - that of the DVD-ROM drive which the cracker booted with - so it didn't have access to the RAID file system.<br />
<br />
<b><u>Success!</u></b><br />
So onto the next option; using a type 2 cracker called "<a href="http://pogostick.net/~pnh/ntpasswd/">NTPASSWD</a>" - we burnt the files to a CD-ROM and booted. This one has a command line only interface, but it worked like a charm - booted first time and had access to the RAID file system. It listed all the local users on the system. So we selected which one to clear the password for (Administrator) and this was all that was needed. Hey presto, restarted the machine and no login was needed - it had worked!<br />
<br />
If this one hadn't worked, there was one final cracker that I probably would have tried, a commercial cracker, <a href="http://www.elcomsoft.com/esr.html">here</a>, that boots in a "Pre-installation" version of Windows and claims to support all major RAID controllers and hard disk hardware around. The cost was something like $199 but this would have been well worth it if the other free crackers hadn't worked.<br />
<br />
Posted by Dodgy_Coder<br />
<br />
<b>Top Ten Books about Hackers</b><br />
Published 2011-09-18, updated 2011-09-29<br />
<br />
Here is my list of what I believe are ten of the best books about hackers in real life. All of these include descriptions of actual events, and the personalities involved in hacking. Feel free to post your alternative suggestions in the comments section below. For a brief description of each one please check this page out <a href="http://www.internetsecuritydb.com/p/top-ten-hacker-books.html">here</a>. Enjoy!<br />
<br />
<ol><li><a href="http://www.amazon.com/gp/product/0316037702/ref=as_li_tf_tl?ie=UTF8&tag=intsecdb-20&linkCode=as2&camp=217145&creative=399369&creativeASIN=0316037702"><b>Ghost in the Wires: My Adventures as the World's Most Wanted Hacker</b></a> [2011]<br />
By Kevin Mitnick, Steve Wozniak and William L. Simon<br />
<br />
</li>
<li><a href="http://www.amazon.com/gp/product/0307588688/ref=as_li_tf_tl?ie=UTF8&tag=intsecdb-20&linkCode=as2&camp=217145&creative=399369&creativeASIN=0307588688"><b>Kingpin: How One Hacker Took Over the Billion-Dollar Cybercrime Underground</b></a> [2011]<br />
By Kevin Poulsen<br />
<br />
</li>
<li><a href="http://www.amazon.com/gp/product/1416507787/ref=as_li_tf_tl?ie=UTF8&tag=intsecdb-20&linkCode=as2&camp=217145&creative=399369&creativeASIN=1416507787"><b>The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage</b></a> [1985]<br />
By Cliff Stoll<br />
<br />
</li>
<li><a href="http://www.amazon.com/gp/product/0316528692/ref=as_li_tf_tl?ie=UTF8&tag=intsecdb-20&linkCode=as2&camp=217145&creative=399369&creativeASIN=0316528692"><b>The Fugitive Game: Online with Kevin Mitnick</b></a> [1997]<br />
By Jonathan Littman<br />
<br />
</li>
<li><a href="http://www.amazon.com/gp/product/B004I1JQNE/ref=as_li_tf_tl?ie=UTF8&tag=intsecdb-20&linkCode=as2&camp=217145&creative=399373&creativeASIN=B004I1JQNE"><b>Fatal System Error: The Hunt for the New Crime Lords Who are Bringing Down the Internet</b></a> [2010]<br />
By Joseph Menn<br />
<br />
</li>
<li><a href="http://www.amazon.com/gp/product/0471782661/ref=as_li_tf_tl?ie=UTF8&tag=intsecdb-20&linkCode=as2&camp=217145&creative=399369&creativeASIN=0471782661"><b>The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders and Deceivers</b></a> [2005]<br />
By Kevin Mitnick and William L. Simon<br />
<br />
</li>
<li><a href="http://www.amazon.com/gp/product/055356370X/ref=as_li_tf_tl?ie=UTF8&tag=intsecdb-20&linkCode=as2&camp=217145&creative=399369&creativeASIN=055356370X"><b>The Hacker Crackdown: Law And Disorder On The Electronic Frontier</b></a> [1993]<br />
By Bruce Sterling<br />
<br />
</li>
<li><a href="http://www.amazon.com/gp/product/0316528579/ref=as_li_tf_tl?ie=UTF8&tag=intsecdb-20&linkCode=as2&camp=217145&creative=399369&creativeASIN=0316528579"><b>The Watchman: The Twisted Life and Crimes of Serial Hacker Kevin Poulsen</b></a> [1997]<br />
By Jonathan Littman<br />
<br />
</li>
<li><a href="http://www.amazon.com/gp/product/B0058M9KGU/ref=as_li_tf_tl?ie=UTF8&tag=intsecdb-20&linkCode=as2&camp=217145&creative=399373&creativeASIN=B0058M9KGU"><b>Masters of Deception: The Gang That Ruled Cyberspace</b></a> [1995]<br />
By Michelle Slatalla<br />
<br />
</li>
<li><a href="http://www.amazon.com/gp/product/B004TCLKK4/ref=as_li_tf_tl?ie=UTF8&tag=intsecdb-20&linkCode=as2&camp=217145&creative=399373&creativeASIN=B004TCLKK4"><b>Unmasked</b></a> [2011]<br />
By Peter Bright, Nate Anderson, Jacqui Cheng, Eric Bangeman and Aurich Lawson (of ArsTechnica)</li>
</ol><br />
<div><br />
</div>Posted by Dodgy_Coder<br />
<br />
<b>Top Ten Most Influential Programming Books of All Time</b><br />
Published 2011-09-04, updated 2011-09-10<br />
<br />
As voted on by several thousand members of StackOverflow in this article <a href="http://stackoverflow.com/questions/1711/what-is-the-single-most-influential-book-every-programmer-should-read">here</a>.<br />
<br />
The original question was:<br />
<br />
<i>"If you could go back in time and tell yourself to read a specific book at the beginning of your career as a developer, which book would it be."</i><br />
<br />
Since it was first posed back in 2008, this question has become the second most popular question of all time on StackOverflow.<br />
<br />
Here are the results:<br />
<ol><li><b><span class="Apple-style-span" style="color: cyan;">Code Complete (2nd Edition)</span></b><br />
By <a href="http://en.wikipedia.org/wiki/Steve_McConnell">Steve McConnell</a><br />
Published: July 7, 2004<br />
Publisher: Microsoft Press<br />
Amazon Link: <a href="http://www.amazon.com/gp/product/0735619670/ref=as_li_tf_tl?ie=UTF8&tag=intsecdb-20&linkCode=as2&camp=217145&creative=399369&creativeASIN=0735619670">here</a><br />
<br />
Widely considered one of the best practical guides to programming, this book has been helping developers write better software for more than a decade. The second edition was updated with leading-edge practices and hundreds of new code samples, illustrating the art and science of software construction. Capturing the body of knowledge available from research, academia, and everyday commercial practice, McConnell synthesizes the most effective techniques and must-know principles into clear, pragmatic guidance. No matter what your experience level, development environment, or project size, this book will inform and stimulate your thinking, and help you build the highest quality code.<br />
<br />
</li>
<li><b><span class="Apple-style-span" style="color: cyan;">The Pragmatic Programmer: From Journeyman to Master</span></b><span class="Apple-style-span" style="color: cyan;"><b><br />
</b></span>By <a href="http://en.wikipedia.org/wiki/Andy_Hunt_(author)">Andrew Hunt</a> and <a href="http://en.wikipedia.org/wiki/Dave_Thomas_(programmer)">David Thomas</a><br />
Published: October 30, 1999<br />
Publisher: Addison-Wesley Professional<br />
Amazon Link: <a href="http://www.amazon.com/gp/product/020161622X/ref=as_li_tf_tl?ie=UTF8&tag=intsecdb-20&linkCode=as2&camp=217145&creative=399369&creativeASIN=020161622X">here</a><br />
<br />
Like any other craft, computer programming has spawned a body of wisdom, most of which isn't taught at universities or in certification classes. Most programmers arrive at the so-called tricks of the trade over time, through independent experimentation. In The Pragmatic Programmer, Andrew Hunt and David Thomas codify many of the truths they've discovered during their respective careers as designers of software and writers of code. The cool thing about this book is that it's great for keeping the programming process fresh. The book helps you to continue to grow and clearly comes from people who have been there.<br />
<br />
</li>
<li><b><span class="Apple-style-span" style="color: cyan;">Structure and Interpretation of Computer Programs, Second Edition</span></b><span class="Apple-style-span" style="color: blue;"><b><br />
</b></span>By <a href="http://en.wikipedia.org/wiki/Harold_Abelson">Harold Abelson</a>, <a href="http://en.wikipedia.org/wiki/Gerald_Jay_Sussman">Gerald J Sussman</a> and Julie Sussman<br />
Published: August 1, 1996<br />
Publisher: McGraw-Hill Science/Engineering/Math<br />
Amazon Link: <a href="http://www.amazon.com/gp/product/0070004846/ref=as_li_tf_tl?ie=UTF8&tag=intsecdb-20&linkCode=as2&camp=217145&creative=399369&creativeASIN=0070004846">here</a><br />
<br />
Teaches readers how to program by employing the tools of abstraction and modularity. The authors' central philosophy is that programming is the task of breaking large problems into small ones. You will learn a thing or two about functional programming, lazy evaluation, metaprogramming (well, metalinguistic abstraction), virtual machines, interpreters, and compilers. The book was originally written for the famous 6.001, the introductory programming course at MIT. It may require an intellectual effort to read, but the reward is well worth the price.<br />
<span class="Apple-style-span" style="font-size: x-small;"><br />
</span></li>
<li><b><span class="Apple-style-span" style="color: cyan;">The C Programming Language (2nd Edition)</span></b><span class="Apple-style-span" style="color: blue;"><b><br />
</b></span>By <a href="http://en.wikipedia.org/wiki/Brian_Kernighan">Brian W Kernighan</a> and <a href="http://en.wikipedia.org/wiki/Dennis_Ritchie">Dennis M Ritchie</a><br />
Published: April 1, 1988<br />
Publisher: Prentice Hall<br />
Amazon Link: <a href="http://www.amazon.com/gp/product/0131103628/ref=as_li_tf_tl?ie=UTF8&tag=intsecdb-20&linkCode=as2&camp=217145&creative=399369&creativeASIN=0131103628">here</a><br />
<br />
Concise and easy to read, it will teach you three things: the C programming language, how to think like a programmer, and the C abstract machine model (what's going on "under the hood"). Co-written by Dennis Ritchie, the inventor of the C programming language.<br />
<br />
</li>
<li><b><span class="Apple-style-span" style="color: cyan;">Introduction to Algorithms</span></b><span class="Apple-style-span" style="color: blue;"><b><br />
</b></span>By <a href="http://en.wikipedia.org/wiki/Thomas_Cormen">Thomas H. Cormen</a>, <a href="http://en.wikipedia.org/wiki/Charles_Leiserson">Charles E. Leiserson</a>, <a href="http://en.wikipedia.org/wiki/Ron_Rivest">Ronald L. Rivest</a> and <a href="http://en.wikipedia.org/wiki/Clifford_Stein">Clifford Stein</a><br />
Published: July 31, 2009<br />
Publisher: The MIT Press<br />
Amazon Link: <a href="http://www.amazon.com/gp/product/0262033844/ref=as_li_tf_tl?ie=UTF8&tag=intsecdb-20&linkCode=as2&camp=217145&creative=399369&creativeASIN=0262033844">here</a><br />
<br />
Introduction to Algorithms, the 'bible' of the field, is a comprehensive textbook covering the full spectrum of modern algorithms: from the fastest algorithms and data structures to polynomial-time algorithms for seemingly intractable problems, from classical algorithms in graph theory to special algorithms for string matching, computational geometry, and number theory. The revised third edition notably adds a chapter on van Emde Boas trees, one of the most useful data structures, and on multithreaded algorithms, a topic of increasing importance. <br />
<br />
</li>
<li><b><span class="Apple-style-span" style="color: cyan;">Refactoring: Improving the Design of Existing Code</span></b><span class="Apple-style-span" style="color: blue;"><b><br />
</b></span>By <a href="http://en.wikipedia.org/wiki/Martin_Fowler">Martin Fowler</a>, <a href="http://en.wikipedia.org/wiki/Kent_Beck">Kent Beck</a>, John Brant and <a href="http://en.wikipedia.org/wiki/William_Opdyke">William Opdyke</a><br />
Published: July 8, 1999<br />
Publisher: Addison-Wesley Professional<br />
Amazon Link: <a href="http://www.amazon.com/gp/product/0201485672/ref=as_li_tf_tl?ie=UTF8&tag=intsecdb-20&linkCode=as2&camp=217145&creative=399369&creativeASIN=0201485672">here</a><br />
<br />
Refactoring is about improving the design of existing code. It is the process of changing a software system in such a way that it does not alter the external behavior of the code, yet improves its internal structure. With refactoring you can even take a bad design and rework it into a good one. This book offers a thorough discussion of the principles of refactoring, including where to spot opportunities for refactoring, and how to set up the required tests. There is also a catalog of more than 40 proven refactorings with details as to when and why to use the refactoring, step by step instructions for implementing it, and an example illustrating how it works. The book is written using Java as its principal language, but the ideas are applicable to any OO language.<br />
<div><br />
</div></li>
<li><b><span class="Apple-style-span" style="color: cyan;">Design Patterns: Elements of Reusable Object-Oriented Software</span></b><span class="Apple-style-span" style="color: blue;"><b><br />
</b></span>By <a href="http://en.wikipedia.org/wiki/Erich_Gamma">Erich Gamma</a>, Richard Helm, <a href="http://en.wikipedia.org/wiki/Ralph_Johnson_(computer_scientist)">Ralph Johnson</a> and <a href="http://en.wikipedia.org/wiki/John_Vlissides">John Vlissides</a> (Also known as "<a href="http://en.wikipedia.org/wiki/Gang_of_Four_(software)">The Gang of Four</a>")<br />
Published: November 10, 1994<br />
Publisher: Addison-Wesley Professional<br />
Amazon Link: <a href="http://www.amazon.com/gp/product/0201633612/ref=as_li_tf_tl?ie=UTF8&tag=intsecdb-20&linkCode=as2&camp=217145&creative=399369&creativeASIN=0201633612">here</a><br />
<br />
Design Patterns is a modern classic in the literature of object-oriented development, offering timeless and elegant solutions to common problems in software design. It describes patterns for managing object creation, composing objects into larger structures, and coordinating control flow between objects. The book provides numerous examples where using composition rather than inheritance can improve the reusability and flexibility of code. Note, though, that it's not a tutorial but a catalog that you can use to find an object-oriented design pattern that's appropriate for the needs of your particular application--a selection for virtuoso programmers who appreciate (or require) consistent, well-engineered object-oriented designs. <br />
<span class="Apple-style-span" style="color: cyan;"><b><br />
</b></span></li>
<li><b><span class="Apple-style-span" style="color: cyan;">The Mythical Man-Month: Essays on Software Engineering</span></b><br />
By <a href="http://en.wikipedia.org/wiki/Frederick_Brooks">Frederick P. Brooks</a><br />
Published: August 12, 1995<br />
Publisher: Addison-Wesley Professional<br />
Amazon Link: <a href="http://www.amazon.com/gp/product/0201835959/ref=as_li_tf_tl?ie=UTF8&tag=intsecdb-20&linkCode=as2&camp=217145&creative=399369&creativeASIN=0201835959">here</a><br />
<br />
Few books on software project management have been as influential and timeless as The Mythical Man-Month. With a blend of software engineering facts and thought-provoking opinions, Fred Brooks offers insight for anyone managing complex projects. These essays draw from his experience as project manager for the IBM System/360 computer family and then for OS/360, its massive software system. Now, 20 years after the initial publication of his book, Brooks has revisited his original ideas and added new thoughts and advice, both for readers already familiar with his work and for readers discovering it for the first time.<br />
<br />
</li>
<li><b><span class="Apple-style-span" style="color: cyan;">Art of Computer Programming, Volume 1: Fundamental Algorithms (3rd Edition)</span></b><span class="Apple-style-span" style="color: blue;"><b><br />
</b></span>By <a href="http://en.wikipedia.org/wiki/Donald_Knuth">Donald E. Knuth</a><br />
Published: July 17, 1997<br />
Publisher: Addison-Wesley Professional<br />
Amazon Link: <a href="http://www.amazon.com/gp/product/0201896834/ref=as_li_tf_tl?ie=UTF8&tag=intsecdb-20&linkCode=as2&camp=217145&creative=399369&creativeASIN=0201896834">here</a><br />
<br />
The bible of all fundamental algorithms and the work that taught many of today's software developers most of what they know about computer programming. One of the book's greatest strengths is the wonderful collection of problems that accompany each chapter. The author has chosen problems carefully and indexed them according to difficulty. Solving a substantial number of these problems will help you gain a solid understanding of the issues surrounding the given topic. Furthermore, the exercises feature a variety of classic problems.<br />
<br />
</li>
<li><b><span class="Apple-style-span" style="color: cyan;">Compilers: Principles, Techniques, and Tools (2nd Edition)</span></b><span class="Apple-style-span" style="color: blue;"><b><br />
</b></span>By <a href="http://en.wikipedia.org/wiki/Alfred_Aho">Alfred V. Aho</a>, <a href="http://en.wikipedia.org/wiki/Monica_Lam">Monica S. Lam</a>, <a href="http://en.wikipedia.org/wiki/Ravi_Sethi">Ravi Sethi</a> and <a href="http://en.wikipedia.org/wiki/Jeffrey_Ullman">Jeffrey D. Ullman</a><br />
Published: September 10, 2006<br />
Publisher: Prentice Hall<br />
Amazon Link: <a href="http://www.amazon.com/gp/product/0321486811/ref=as_li_tf_tl?ie=UTF8&tag=intsecdb-20&linkCode=as2&camp=217145&creative=399369&creativeASIN=0321486811">here</a><br />
<br />
Known to professors, students, and developers worldwide as the "Dragon Book," the latest edition has been revised to reflect developments in software engineering, programming languages, and computer architecture that have occurred since 1986, when the last edition was published. The authors, recognizing that few readers will ever go on to construct a compiler, retain their focus on the broader set of problems faced in software design and software development.<br />
<br />
<span class="Apple-style-span" style="color: orange;">UPDATE: There were just too many great books that finished outside of the top 10 to ignore... below I've added the programming books which placed 11th through to 30th in the survey... enjoy!</span><br />
<br />
</li>
<li><b><span class="Apple-style-span" style="color: cyan;">Head First Design Patterns</span></b><br />
By Elisabeth Freeman, <a href="http://en.wikipedia.org/wiki/Eric_Freeman_(writer)">Eric Freeman</a>, Bert Bates and <a href="http://en.wikipedia.org/wiki/Kathy_Sierra">Kathy Sierra</a><br />
Published: November 1, 2004<br />
Publisher: O'Reilly Media<br />
Amazon Link: <a href="http://www.amazon.com/gp/product/0596007124/ref=as_li_tf_tl?ie=UTF8&tag=intsecdb-20&linkCode=as2&camp=217145&creative=399369&creativeASIN=0596007124">here</a><br />
<br />
</li>
<li><b><span class="Apple-style-span" style="color: cyan;">Gödel, Escher, Bach: An Eternal Golden Braid (20th Anniversary Edition)</span></b><br />
By <a href="http://en.wikipedia.org/wiki/Douglas_Hofstadter">Douglas Hofstadter</a><br />
Published: February 5, 1999<br />
Publisher: Basic Books<br />
Amazon Link: <a href="http://www.amazon.com/gp/product/0465026567/ref=as_li_tf_tl?ie=UTF8&tag=intsecdb-20&linkCode=as2&camp=217145&creative=399369&creativeASIN=0465026567">here</a><br />
<br />
</li>
<li><span class="Apple-style-span" style="color: cyan;"><b>Effective C++: 55 Specific Ways to Improve Your Programs and Designs (3rd Edition)</b></span><br />
By <a href="http://en.wikipedia.org/wiki/Scott_Meyers">Scott Meyers</a><br />
Published: May 22, 2005<br />
Publisher: Addison-Wesley Professional<br />
Amazon Link: <a href="http://www.amazon.com/gp/product/0321334876/ref=as_li_tf_tl?ie=UTF8&tag=intsecdb-20&linkCode=as2&camp=217145&creative=399369&creativeASIN=0321334876">here</a><br />
<br />
</li>
<li><b><span class="Apple-style-span" style="color: cyan;">Clean Code: A Handbook of Agile Software Craftsmanship</span></b><br />
By <a href="http://en.wikipedia.org/wiki/Robert_c_martin">Robert C Martin</a><br />
Published: August 11, 2008<br />
Publisher: Prentice Hall<br />
Amazon Link: <a href="http://www.amazon.com/gp/product/0132350882/ref=as_li_tf_tl?ie=UTF8&tag=intsecdb-20&linkCode=as2&camp=217145&creative=399369&creativeASIN=0132350882">here</a><br />
<br />
</li>
<li><b><span class="Apple-style-span" style="color: cyan;">Programming Pearls (2nd edition)</span></b><br />
By <a href="http://en.wikipedia.org/wiki/Jon_Bentley">Jon Bentley</a><br />
Published: October 7, 1999<br />
Publisher: Addison-Wesley Professional<br />
Amazon Link: <a href="http://www.amazon.com/gp/product/0201657880/ref=as_li_tf_tl?ie=UTF8&tag=intsecdb-20&linkCode=as2&camp=217145&creative=399369&creativeASIN=0201657880">here</a><br />
<br />
</li>
<li><b><span class="Apple-style-span" style="color: cyan;">Working Effectively with Legacy Code</span></b><br />
By Michael Feathers<br />
Published: October 2, 2004<br />
Publisher: Prentice Hall<br />
Amazon Link: <a href="http://www.amazon.com/gp/product/0131177052/ref=as_li_tf_tl?ie=UTF8&tag=intsecdb-20&linkCode=as2&camp=217145&creative=399369&creativeASIN=0131177052">here</a><br />
<br />
</li>
<li><span class="Apple-style-span" style="color: cyan;"><b>CODE: The Hidden Language of Computer Hardware and Software</b></span><br />
By <a href="http://en.wikipedia.org/wiki/Charles_Petzold">Charles Petzold</a><br />
Published: November 11, 2000<br />
Publisher: Microsoft Press<br />
Amazon Link: <a href="http://www.amazon.com/gp/product/0735611319/ref=as_li_tf_tl?ie=UTF8&tag=intsecdb-20&linkCode=as2&camp=217145&creative=399369&creativeASIN=0735611319">here</a><br />
<br />
</li>
<li><b><span class="Apple-style-span" style="color: cyan;">Peopleware: Productive Projects and Teams (2nd Edition)</span></b><br />
By <a href="http://en.wikipedia.org/wiki/Tom_DeMarco">Tom DeMarco</a> and Timothy Lister<br />
Published: February 1, 1999<br />
Publisher: Dorset House<br />
Amazon Link: <a href="http://www.amazon.com/gp/product/0932633439/ref=as_li_tf_tl?ie=UTF8&tag=intsecdb-20&linkCode=as2&camp=217145&creative=399369&creativeASIN=0932633439">here</a><br />
<br />
</li>
<li><span class="Apple-style-span" style="color: cyan;"><b>Coders at Work: Reflections on the Craft of Programming</b></span><br />
By Peter Seibel<br />
Published: September 16, 2009<br />
Publisher: Apress<br />
Amazon Link: <a href="http://www.amazon.com/gp/product/1430219483/ref=as_li_tf_tl?ie=UTF8&tag=intsecdb-20&linkCode=as2&camp=217145&creative=399369&creativeASIN=1430219483">here</a><br />
<br />
</li>
<li><b><span class="Apple-style-span" style="color: cyan;">Effective Java (2nd Edition)</span></b><br />
By <a href="http://en.wikipedia.org/wiki/Joshua_Bloch">Joshua Bloch</a><br />
Published: May 28, 2008<br />
Publisher: Prentice Hall<br />
Amazon Link: <a href="http://www.amazon.com/gp/product/0321356683/ref=as_li_tf_tl?ie=UTF8&tag=intsecdb-20&linkCode=as2&camp=217145&creative=399369&creativeASIN=0321356683">here</a><br />
<br />
</li>
<li><b><span class="Apple-style-span" style="color: cyan;">Patterns of Enterprise Application Architecture</span></b><br />
By <a href="http://en.wikipedia.org/wiki/Martin_Fowler">Martin Fowler</a><br />
Published: November 15, 2002<br />
Publisher: Addison-Wesley Professional<br />
Amazon Link: <a href="http://www.amazon.com/gp/product/0321127420/ref=as_li_tf_tl?ie=UTF8&tag=intsecdb-20&linkCode=as2&camp=217145&creative=399369&creativeASIN=0321127420">here</a><br />
<br />
</li>
<li><span class="Apple-style-span" style="color: cyan;"><b>The Little Schemer (4th Edition)</b></span><br />
By <a href="http://en.wikipedia.org/wiki/Daniel_P._Friedman">Daniel P. Friedman</a>, <a href="http://en.wikipedia.org/wiki/Matthias_Felleisen">Matthias Felleisen</a>, Duane Bibby<br />
Published: December 21, 1995<br />
Publisher: The MIT Press<br />
Amazon Link: <a href="http://www.amazon.com/gp/product/0262560992/ref=as_li_tf_tl?ie=UTF8&tag=intsecdb-20&linkCode=as2&camp=217145&creative=399369&creativeASIN=0262560992">here</a><br />
<br />
</li>
<li><b><span class="Apple-style-span" style="color: cyan;">The Inmates Are Running The Asylum: Why High Tech Products Drive Us Crazy and How to Restore the Sanity</span></b><br />
By <a href="http://en.wikipedia.org/wiki/Alan_Cooper">Alan Cooper</a><br />
Published: March 5, 2004<br />
Publisher: Sams - Pearson Education<br />
Amazon Link: <a href="http://www.amazon.com/gp/product/0672326140/ref=as_li_tf_tl?ie=UTF8&tag=intsecdb-20&linkCode=as2&camp=217145&creative=399369&creativeASIN=0672326140">here</a><br />
<br />
</li>
<li><b><span class="Apple-style-span" style="color: cyan;">The Art of UNIX Programming</span></b><br />
By <a href="http://en.wikipedia.org/wiki/Eric_S_Raymond">Eric S Raymond</a><br />
Published: October 3, 2003<br />
Publisher: Addison-Wesley Professional<br />
Amazon Link: <a href="http://www.amazon.com/gp/product/0131429019/ref=as_li_tf_tl?ie=UTF8&tag=intsecdb-20&linkCode=as2&camp=217145&creative=399369&creativeASIN=0131429019">here</a><br />
<br />
</li>
<li><span class="Apple-style-span" style="color: cyan;"><b>Practices of an Agile Developer</b></span><br />
By Venkat Subramaniam and <a href="http://en.wikipedia.org/wiki/Andy_Hunt_(author)">Andy Hunt</a><br />
Published: July 1, 2005<br />
Publisher: Pragmatic Bookshelf<br />
Amazon Link: <a href="http://www.amazon.com/gp/product/097451408X/ref=as_li_tf_tl?ie=UTF8&tag=intsecdb-20&linkCode=as2&camp=217145&creative=399369&creativeASIN=097451408X">here</a><br />
<br />
</li>
<li><b><span class="Apple-style-span" style="color: cyan;">The Elements of Style: 50th Anniversary Edition</span></b><br />
By <a href="http://en.wikipedia.org/wiki/William_Strunk">William Strunk</a> and <a href="http://en.wikipedia.org/wiki/E._B._White">E. B. White</a><br />
Published: October 25, 2008<br />
Publisher: Longman<br />
Amazon Link: <a href="http://www.amazon.com/gp/product/0205632645/ref=as_li_tf_tl?ie=UTF8&tag=intsecdb-20&linkCode=as2&camp=217145&creative=399369&creativeASIN=0205632645">here</a><br />
<br />
</li>
<li><span class="Apple-style-span" style="color: cyan;"><b>Test-Driven Development: By Example</b></span><br />
By <a href="http://en.wikipedia.org/wiki/Kent_Beck">Kent Beck</a><br />
Published: November 18, 2002<br />
Publisher: Addison-Wesley Professional<br />
Amazon Link: <a href="http://www.amazon.com/gp/product/0321146530/ref=as_li_tf_tl?ie=UTF8&tag=intsecdb-20&linkCode=as2&camp=217145&creative=399369&creativeASIN=0321146530">here</a><br />
<br />
</li>
<li><span class="Apple-style-span" style="color: cyan;"><b>Don't Make Me Think: A Common Sense Approach to Web Usability</b></span><br />
By Steve Krug<br />
Published: August 28, 2005<br />
Publisher: New Riders Press<br />
Amazon Link: <a href="http://www.amazon.com/gp/product/0321344758/ref=as_li_tf_tl?ie=UTF8&tag=intsecdb-20&linkCode=as2&camp=217145&creative=399369&creativeASIN=0321344758">here</a><br />
<br />
</li>
<li><span class="Apple-style-span" style="color: cyan;"><b>Domain Driven Design: Tackling Complexity in the Heart of Software</b></span><br />
By Eric Evans<br />
Published: August 30, 2003<br />
Publisher: Addison-Wesley Professional<br />
Amazon Link: <a href="http://www.amazon.com/gp/product/0321125215/ref=as_li_tf_tl?ie=UTF8&tag=intsecdb-20&linkCode=as2&camp=217145&creative=399369&creativeASIN=0321125215">here</a><br />
<br />
</li>
<li><b><span class="Apple-style-span" style="color: cyan;">Modern C++ Design: Generic Programming and Design Patterns Applied</span></b><br />
By <a href="http://en.wikipedia.org/wiki/Andrei_Alexandrescu">Andrei Alexandrescu</a><br />
Published: February 23, 2001<br />
Publisher: Addison-Wesley Professional<br />
Amazon Link: <a href="http://www.amazon.com/gp/product/0201704315/ref=as_li_tf_tl?ie=UTF8&tag=intsecdb-20&linkCode=as2&camp=217145&creative=399369&creativeASIN=0201704315">here</a><br />
<br />
</li>
</ol>Posted by Dodgy_Coder<br />
<br />
<b>Meet Ice IX, Son Of ZeuS</b><br />
Published 2011-08-28, updated 2011-09-17<br />
<br />
<div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhqpLha8KggaVizU1zWxaEQkUl4BiWmvKy_7NTVbVyvC8UFlzyK_ZSOccgLS5CG0rESDiyU80zUbY2tSnSVMEezhmC3b4v0MDUqsA_ewmHyWQxrZFiaJpiAth5ojvmq3eJoOe2zX5N4FBo/s1600/ice-ix-trojan-botnet.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhqpLha8KggaVizU1zWxaEQkUl4BiWmvKy_7NTVbVyvC8UFlzyK_ZSOccgLS5CG0rESDiyU80zUbY2tSnSVMEezhmC3b4v0MDUqsA_ewmHyWQxrZFiaJpiAth5ojvmq3eJoOe2zX5N4FBo/s320/ice-ix-trojan-botnet.png" width="274" /></a></div>Earlier this year the online banking malware ZeuS trojan's source code was <a href="http://www.csis.dk/en/csis/blog/3229/">leaked</a>. One of the predictions made by security researchers at the time was that the leaked code would be used by independent malware developers, who would explore it and develop their own hybridized versions of ZeuS, adding custom features and advancements to it.<br />
<br />
A new trojan was briefly presented to cybercriminals in the Russian-speaking underground in late April 2011 (as v1.0.0). The developer, who named it "Ice IX", openly declared that he had built it on the ZeuS v2 source code, allegedly fixing the flaws and bugs he believed stood in the way of the product's value to its cybercriminal customers.<br />
<br />
<span class="Apple-style-span" style="font-size: large;">What's in a name: the meaning of "Ice IX"</span><br />
The naming of Ice IX is quite interesting; there are a number of sources from which the developer could have been inspired to name the new trojan Ice IX. I've listed these in order from "most likely" to "least likely" to have been the inspiration.<br />
<br />
<ol><li>Ice 9 is a fictional computer virus from the film "The Recruit" (2003). The malware, named Ice-9 in tribute to Kurt Vonnegut's ice-nine (see item no. 8 below), would erase hard drives and travel through power sources which are not protected; possibly erasing data from every computer on Earth.</li>
<li>Ice 9 is an album by Russian rock band Smyslovye Gallyutsinatsii, two songs from which won the Russian Golden Gramophone award twice. The band is also known under a much shorter name "Glyuki", a slang term, which means basically the same as the long name: glitches in your brain. More: <a href="http://en.wikipedia.org/wiki/Smyslovye_Gallyutsinatsii">http://en.wikipedia.org/wiki/Smyslovye_Gallyutsinatsii</a></li>
<li>ICE is a well known cyberpunk reference to "Intrusion Countermeasures Electronics" - software which works to prevent intruders/hackers/cyberpunks getting access to sensitive data. It is "visible" in cyberspace as actual walls of ice, stone, or metal. Black ICE refers to ICE that are capable of killing the intruder if deemed necessary or appropriate; some forms of black ICE may be artificially-intelligent. More: <a href="http://en.wikipedia.org/wiki/Intrusion_Countermeasures_Electronics">http://en.wikipedia.org/wiki/Intrusion_Countermeasures_Electronics</a></li>
<li>In cryptography, ICE (Information Concealment Engine) is a block cipher published by Kwan in 1997. The ICE algorithm is not subject to patents, and the source code is in the public domain. More: <a href="http://en.wikipedia.org/wiki/ICE_%28cipher%29">http://en.wikipedia.org/wiki/ICE_(cipher)</a></li>
<li>The term ICE, referencing the cyberpunk usage, has been adopted by some real-world security software manufacturers: BlackICE, security software made by IBM Internet Security Systems. Black Ice Defender, security software made by Network ICE. Network ICE, a security software company. </li>
<li>On April 28, 2009, the Information and Communications Enhancement Act, or ICE Act for short, was introduced to the United States Senate by Senator Tom Carper to make changes to the handling of information security by the federal government, including the establishment of the National Office for Cyberspace. More: <a href="http://www.opencongress.org/bill/111-s921/show">http://www.opencongress.org/bill/111-s921/show</a></li>
<li>Ice IX is a form of solid water stable at temperatures below 140 K and pressures between 200 and 400 MPa. It has a tetragonal crystal lattice and a density of 1.16 g/cm³, 26% higher than ordinary ice. It is formed by cooling ice III from 208 K to 165 K (rapidly, to avoid forming ice II). Its structure is identical to ice III other than being proton-ordered. More: <a href="http://en.wikipedia.org/wiki/Ice_IX">http://en.wikipedia.org/wiki/Ice_IX</a></li>
<li>Ice-nine is a fictional material conceived by writer Kurt Vonnegut in his 1963 novel "Cat's Cradle". It is different from, and does not have the same properties as, the real-world ice polymorph Ice IX; existing, for example, as a stable solid at room temperature and regular atmospheric pressure. More: <a href="http://en.wikipedia.org/wiki/Ice-nine">http://en.wikipedia.org/wiki/Ice-nine</a></li>
<li>Ice 9 is a song by Joe Satriani from his album Surfing with the Alien.</li>
<li>Ice Nine is a first-person shooter game for the Game Boy Advance console. More: <a href="http://en.wikipedia.org/wiki/Ice_Nine_%28game%29">http://en.wikipedia.org/wiki/Ice_Nine_(game)</a></li>
<li>A substance called Ice 9 is referred to in the Nintendo DS game "999: Nine Hours, Nine Persons, Nine Doors". It seems to be a reference to Vonnegut's ice-nine substance, and not to the real thing. More: <a href="http://en.wikipedia.org/wiki/999:_Nine_Hours,_Nine_Persons,_Nine_Doors">http://en.wikipedia.org/wiki/999:_Nine_Hours,_Nine_Persons,_Nine_Doors</a></li>
<li>Ice Nine is the name of a new screenplay which is currently in development by New York production company Whiskey Outpost. More: <a href="http://whiskeyoutpost.com/ice.html">http://whiskeyoutpost.com/ice.html</a></li>
</ol>Wow, bet you never knew there were so many references to ICE and ICE 9 in the world, right?! So ... back to the malware form of Ice IX...<br />
<br />
<span class="Apple-style-span" style="font-size: large;">Tracker Evasion</span><br />
The new feature considered most valuable by Ice IX's developer is a defense mechanism designed to evade tracker sites, which he implemented in version 1.0.5 of the Ice IX trojan. As the developer repeatedly stresses, his buyers will finally be able to sidestep what has apparently become quite the hurdle for cybercriminals: the ZeuS and SpyEye trackers. The two main tracker sites, "ZeuS tracker" and "SpyEye tracker", are operated by a Swiss-based organization which monitors malicious C&C (Command and Control) servers and reports them to web users, service providers, CERTs and law enforcement agencies. Ice IX's developer claims that the evasion mechanism means the malware can be hosted on standard (legitimate) hosting servers, as opposed to the so-called "bulletproof" servers, which are expensive and typically operate specifically to service cybercrime-based customers.<br />
<br />
<span class="Apple-style-span" style="font-size: large;">A Better Injection Mechanism</span><br />
The injection mechanism refers to how the malware "injects" code and data into the webpage of an online banking site, while the user is actually using the site, in order to alter the function of the page. ZeuS has typically had problems when injecting into JavaScript and also had difficulty maintaining the original look and feel of a page when CSS was used. Ice IX seems to have overcome some of these issues, giving the malware a much better success rate.<br />
<br />
<span class="Apple-style-span" style="font-size: large;">Marketing the Malware</span><br />
Extracts from the original text posted by Ice IX's developer in a Russian forum, translated to English:<br />
<br />
<span class="Apple-style-span" style="font-family: 'Courier New', Courier, monospace;">Ice 9 is a new private Form Grabber-bot based on ZeuS, but a serious rival to it. Built on a modified ZeuS core, the core was re-worked and improved. The bypassing of firewalls and other proactive defenses was perfected. Moreover, the injection mechanism has been improved, allowing much more stability for the injections. The main purpose of this trojan was to counteract trackers, raising the conversion rate and the bots' TTL (time to live), as compared to its predecessor. These features were successfully implemented as we constantly work to further improve the code. <br />
<br />
Main Functions</span><br />
<ul><li><span class="Apple-style-span" style="font-family: 'Courier New', Courier, monospace;">Keylogging</span></li>
<li><span class="Apple-style-span" style="font-family: 'Courier New', Courier, monospace;">HTTP and HTTPS Form Grabbing, injecting its own code into IE and into IE-based browsers (Maxthon, AOL, etc.), as well as Mozilla Firefox.</span></li>
<li><span class="Apple-style-span" style="font-family: 'Courier New', Courier, monospace;">.sol Cookie Grabbing and scraping info from saved forms</span></li>
<li><span class="Apple-style-span" style="font-family: 'Courier New', Courier, monospace;">FTP client credentials grabbing: FlashFXP, Total Commander, WsFTP 12, FileZilla 3, FAR Manager 1, 2, WinSCP 4.2, FTP Commander, CoreFTP, SmartFTP</span></li>
<li><span class="Apple-style-span" style="font-family: 'Courier New', Courier, monospace;">Windows Mail, Live Mail, Outlook grabbing</span></li>
<li><span class="Apple-style-span" style="font-family: 'Courier New', Courier, monospace;">Socks with backconnect possibility</span></li>
<li><span class="Apple-style-span" style="font-family: 'Courier New', Courier, monospace;">Real-Time screenshots, plus the option to automate taking screenshots while the bot browses to preset URLs</span></li>
<li><span class="Apple-style-span" style="font-family: 'Courier New', Courier, monospace;">Grabs certificates from MY storage space and clears storage (certificates marked as “Non-Exportable” cannot be exported correctly). Once cleared, all new certificates will be sent to the bot master's C&C server.</span></li>
<li><span class="Apple-style-span" style="font-family: 'Courier New', Courier, monospace;">Upload specific files from the infected machine or perform searches on local disks enabling wildcards.</span></li>
<li><span class="Apple-style-span" style="font-family: 'Courier New', Courier, monospace;">TCP protocol traffic sniffer</span></li>
<li><span class="Apple-style-span" style="font-family: 'Courier New', Courier, monospace;">Elaborate set of commands to control the infected PCs </span></li>
</ul><span class="Apple-style-span" style="font-family: 'Courier New', Courier, monospace;">Advantages</span><br />
<ul><li><span class="Apple-style-span" style="font-family: 'Courier New', Courier, monospace;">Protected from trackers¹</span></li>
<li><span class="Apple-style-span" style="font-family: 'Courier New', Courier, monospace;">Host your botnet with conventional hosting, not needing bulletproof servers, which will save you loads of money.</span></li>
<li><span class="Apple-style-span" style="font-family: 'Courier New', Courier, monospace;">Better bot conversion rate², frequent version upgrades and tech support.</span></li>
<li><span class="Apple-style-span" style="font-family: 'Courier New', Courier, monospace;">Developing more modules and features may be negotiated per the client’s request.</span></li>
</ul>¹ By trackers, the developer means the ZeuS tracker and SpyEye tracker: Swiss-based anti-malware organizations.<br />
² Bot conversion rate is the number of bots which actually communicate with the C&C server divided by the total number of bots infected.<br />
<div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhcNqy-256_8cZJsyMl0sjCwVtc18H38xaaI4ixoaTRuOCwmlgvdr9IhqwzSyfK_t9rYxXusF8-fs4XRbV3c7K2xi2bKEhqHGwuvcFShxgm2Z5GnE7zxxhxw2JCsInszupcF9_nfGmD4wU/s1600/ice-crystals.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="305" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhcNqy-256_8cZJsyMl0sjCwVtc18H38xaaI4ixoaTRuOCwmlgvdr9IhqwzSyfK_t9rYxXusF8-fs4XRbV3c7K2xi2bKEhqHGwuvcFShxgm2Z5GnE7zxxhxw2JCsInszupcF9_nfGmD4wU/s320/ice-crystals.jpg" width="320" /></a></div><br />
<span class="Apple-style-span" style="font-size: large;">Licensing and Prices for Version 1.0.5</span><br />
<br />
<ul><li>BASIC LICENSE: Trojan with hardcoded C&C server: $600. You get the Bot + the Builder that generates the configuration file.</li>
<li>COMPLETE LICENSE: Open Trojan with unlimited Builder license: $1,800 </li>
</ul><br />
Ice IX is offered at a lower price than what one would have paid for a comparable ZeuS kit or a SpyEye kit (SpyEye is still being sold for approximately $4,000 USD today). According to earlier posts about Ice IX, an open license to the first version, v1.0.0, was sold for $1,500.<br />
<br />
<span class="Apple-style-span" style="font-size: large;">Upcoming Enhancements</span><br />
In an English-speaking online forum, the trojan's developer gives potential buyers a glimpse into what will be included in the next upgrade:<br />
<ul><li><span class="Apple-style-span" style="font-family: 'Courier New', Courier, monospace;">HTML & JavaScript injections that will work on the Firefox browser.</span></li>
<li><span class="Apple-style-span" style="font-family: 'Courier New', Courier, monospace;">A function that will block the SpyEye trojan on Ice IX-infected PCs (this sounds exactly like the 'Kill ZeuS' feature of SpyEye).</span></li>
<li><span class="Apple-style-span" style="font-family: 'Courier New', Courier, monospace;">As with ZeuS, Ice IX will encrypt communication with the C&C server, using a different encryption algorithm to ZeuS.</span></li>
</ul><span class="Apple-style-span" style="font-size: large;">Review of Ice IX by another Cybercrime Vendor</span><br />
After the posting of Ice IX, another vendor selling HTML injections offered his stamp of approval of the Ice IX trojan. The new Ice IX buyer had some opinions on the injection mechanism of Ice IX:<br />
<ul><li><span class="Apple-style-span" style="font-family: 'Courier New', Courier, monospace;">JavaScript files are easily injected, and you can’t say that about ZeuS </span></li>
<li><span class="Apple-style-span" style="font-family: 'Courier New', Courier, monospace;">CSS files are successfully injected; it appears that Ice IX supports the use of Cascading Style Sheets in the process of integrating injected content into the original website's look and feel. This improvement steps up the appearance of injected content and web page replicas. </span></li>
<li><span class="Apple-style-span" style="font-family: 'Courier New', Courier, monospace;">The order of data_before, data_after, data_inject blocks plays no role. The trojan understands them in any block order. When referring to data_before / data_after blocks, the fraudster is speaking of the delimitations that must be specified to a web injection. For example:</span></li>
<ul><li><span class="Apple-style-span" style="font-family: 'Courier New', Courier, monospace;">Data_before: When a login set requires username, password and secret question, the data_before is all three sets</span></li>
<li><span class="Apple-style-span" style="font-family: 'Courier New', Courier, monospace;">Data_inject: The additional data that the fraudster would like to inject into the page</span></li>
<li><span class="Apple-style-span" style="font-family: 'Courier New', Courier, monospace;">Data_after: The lower limit field of the data the trojan looks for</span></li>
</ul></ul>In the ZeuS trojan's injection mechanism, these three blocks had to come in a specific order. With Ice IX, the order no longer matters; the trojan understands what it has to locate and inject. This makes the new injections more fault-tolerant than they were in ZeuS. Other changes to the code also aim at ease of use and make Ice IX more tolerant in other ways: the use of wildcards in URL names does not slow page loading, and case-sensitive search terms could be incorporated into the data fields searched by the trojan.<br />
<br />
<span class="Apple-style-span" style="font-size: large;">Conclusion</span><br />
So we can expect that from now on, more new banking malware will be based on ZeuS (and SpyEye) code. New malware developers, hoping to profit from cybercrime, will attempt to create their own new alternatives based on this source with the addition of incremental improvements over the older versions.<br />
<br />
<a href="http://www.internetsecuritydb.com/feeds/posts/default">Subscribe to posts via RSS</a>Dodgy_Coderhttp://www.blogger.com/profile/14418022725678218844noreply@blogger.com3tag:blogger.com,1999:blog-1481046064534726300.post-55168822930020715092011-08-22T21:32:00.003+08:002011-09-17T11:52:47.288+08:00Classifying Hacking in 4D: Impact, Illegality, Evilness and Complexity<div class="separator" style="clear: both; text-align: center;"></div><div class="separator" style="clear: both; text-align: center;"></div><div class="separator" style="clear: both; text-align: center;"></div><br />
<div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhx89AlD5OImt0sB1IXkHwpUmxbzZE-f0Vnd4KfjdOXbgb79C4LUkNmuiaqcRTdgdB-W78953-DwpdqkebkUsKo7-zDwd24ohaXVaVycbHTgm3__oXkGMjfGzK-XFcanKzC8y3VaRso1JQ/s1600/classifying-hacking-in-4D-impact-illegality-evilness-complexity1.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhx89AlD5OImt0sB1IXkHwpUmxbzZE-f0Vnd4KfjdOXbgb79C4LUkNmuiaqcRTdgdB-W78953-DwpdqkebkUsKo7-zDwd24ohaXVaVycbHTgm3__oXkGMjfGzK-XFcanKzC8y3VaRso1JQ/s1600/classifying-hacking-in-4D-impact-illegality-evilness-complexity1.png" /></a></div><br />
This chart is an attempt to classify hacking events and methods with something more than the simple black, white and grey hat hacking classification. After looking through a number of different possible attributes, the ones I came up with were the following, each rated on a scale of 0 to 10.<br />
<ul><li><b>IMPACT<br />
</b>What sort of damage has been done to systems or to finances. A score of 0 means an improvement was made to the system due to the hack.<br />
</li>
<li><b>ILLEGALITY<br />
</b>Where on the legal scale does the event lie, in the range of 100% legal to 100% illegal, or is it a bit of a "grey area"?<br />
</li>
<li><b>EVILNESS</b><br />
Yes, a bit subjective I know, but can we generalize that the motivation of the attacker is good, evil or maybe something in between?<br />
</li>
<li><b>COMPLEXITY</b><br />
How complex was the attack: is it a simple DDoS or an advanced threat like an online banking password-stealing botnet?</li>
</ul>Please note that this is just the first draft of the chart, and I've guesstimated the above data as best as I could. This is an attempt to see how the chart feels when classifying hacking methods.<br />
<br />
Any comments would be most appreciated.<br />
<br />
<a href="http://www.internetsecuritydb.com/feeds/posts/default">Subscribe to posts via RSS</a>Dodgy_Coderhttp://www.blogger.com/profile/14418022725678218844noreply@blogger.com0tag:blogger.com,1999:blog-1481046064534726300.post-18960413445000311222011-08-18T20:57:00.007+08:002011-09-17T12:10:56.960+08:00Online Banking Safety<div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhjYee_ZRbsOs11OH7HuijpO5or7EgK60f5lkdofJfzeOqi9EyHLklx7jFySbRHADkv-OUMlZJEoTAQOkFul54qzk3VorQPLKd5TIi02f9pl81SwHXKGVqoqzbBkDxfPbYD1Ry7sb6lOfE/s1600/online-banking.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="228" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhjYee_ZRbsOs11OH7HuijpO5or7EgK60f5lkdofJfzeOqi9EyHLklx7jFySbRHADkv-OUMlZJEoTAQOkFul54qzk3VorQPLKd5TIi02f9pl81SwHXKGVqoqzbBkDxfPbYD1Ry7sb6lOfE/s320/online-banking.png" width="320" /></a></div><span class="Apple-style-span" style="font-size: large;">Specialist eBanking Malware</span><br />
<ul><li>Specialized trojan malware infecting PCs used for internet banking is becoming prevalent.</li>
<li>For example the ZeuS Trojan or SpyEye Trojan are both designed to infect a Windows-based PC and enlist it into a botnet of controlled PCs, from which can be harvested online banking usernames, passwords and credit card credentials.</li>
</ul><div><span class="Apple-style-span" style="font-size: large;">What Happens During An Attack</span><br />
<ul><li>The trojan malware only becomes active when a user on the infected computer connects to a bank website, during which the trojan starts to record account details, passwords and other confidential information.</li>
<li>The trojan malware will typically add one or more new employees or payee accounts in the name of "money mules".</li>
<li>A transfer between $1,000 and $10,000 will be made to a "money mule" account - a legitimate bank account held by a real customer. </li>
<li>Owners of these "money mule" accounts have agreed to transfer sums they receive to someone else, after taking a cut. They are often unaware of being involved in a crime, and are typically targeted by "work at home" type scams offering easy money, or given some other legitimate reason why they are required to transfer the money.</li>
<li>By the time the police have investigated the attack, the recipient of the money will usually have collected the transferred money, and is usually residing outside the country of both the victim and the money mule.</li>
</ul><div><span class="Apple-style-span" style="font-size: large;">The Source of the Problem</span></div></div><ul><li>The source code for the ZeuS Trojan was originally offered for sale for approximately $10,000 to enable criminal gangs to control their own botnet or customise it for their particular market's needs.</li>
<li>The source code of the ZeuS trojan has now been leaked and is available for free (or at a nominal cost) on hacker forums.</li>
<li>The leak of the ZeuS source on May 7, 2011 is described <a href="http://www.csis.dk/en/csis/blog/3229/">here</a>.</li>
<li>The SpyEye 'builder' crack was leaked on August 11, 2011, as described <a href="http://blog.damballa.com/?p=1357">here</a>. </li>
<li>French security researcher Xyliton, part of the Reverse Engineers Dream (RED) Crew, reverse engineered the 'builder' (the tool that generates the SpyEye malware) and was able to crack its hardware identification (HWID) layer, which locked the SpyEye builder to a particular physical device.</li>
<li>The cracked SpyEye builder enables new trojan developers to avoid the attribution that was previously associated with the high-priced toolkit and launch their own, untraceable versions of SpyEye. Where previous trojans built using the kit could be traced back to the original buyer of the toolkit, this will make it more difficult to track SpyEye botnets back to the source, since they have no attribution.</li>
</ul><span class="Apple-style-span" style="font-size: large;">A Virtual Turf War: ZeuS vs SpyEye </span><br />
<br />
The ZeuS malware package has been around long enough to earn the title "crimeware toolkit" from Symantec. The relatively newer SpyEye, first seen in 2010, includes a component called KillZeus that destroys its "competitor", ZeuS, on any machine they share. In addition to eliminating a competing botnet operator on an infected machine, being able to delete the older ZeuS Trojan gives the newer SpyEye operator a pre-configured bot which has already proven that its owner isn't going to discover the infection immediately. In both ZeuS and SpyEye, the malware developers have tried to build anti-kill functions into their own malware, so ZeuS can now defend itself against SpyEye's KillZeus module. It seems that in the world of botnet development, as with legitimate product sales, existing victims (read customers) are a lot more stable and valuable than new, unproven ones.<br />
<br />
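The attack sequence described under "What Happens During An Attack" (a payee is added, then receives a transfer of $1,000 to $10,000) can be looked for in an account activity log. The following is an added example, not part of the original post; the log format, event names and the 48-hour window are assumptions constructed for illustration.<br />

```python
import csv
import io
from datetime import datetime, timedelta
from decimal import Decimal, InvalidOperation

# Amount band comes from the post; the look-back window is an assumption.
MULE_MIN = Decimal("1000")
MULE_MAX = Decimal("10000")
NEW_PAYEE_WINDOW = timedelta(hours=48)

# Constructed sample log (hypothetical format): timestamp,event,payee,amount
SAMPLE_LOG = """\
2011-07-01T09:02:11,PAYEE_ADDED,ACME-SUPPLIES,
2011-07-20T10:15:00,TRANSFER,ACME-SUPPLIES,8200.00
2011-08-02T14:01:37,PAYEE_ADDED,J-SMITH-7731,
2011-08-02T14:01:52,PAYEE_ADDED,R-JONES-0042,
2011-08-02T14:03:10,TRANSFER,J-SMITH-7731,9400.00
2011-08-02T14:03:44,TRANSFER,R-JONES-0042,9850.00
2011-08-02T14:05:02,TRANSFER,R-JONES-0042,250.00
2011-08-03T08:30:00,TRANSFER,UNKNOWN-PAYEE,5000.00
this line is malformed and must not crash the scan
"""


def parse_events(text):
    """Yield (timestamp, event, payee, amount); skip malformed rows."""
    for row in csv.reader(io.StringIO(text)):
        if len(row) != 4:
            continue
        try:
            ts = datetime.strptime(row[0], "%Y-%m-%dT%H:%M:%S")
            amount = Decimal(row[3]) if row[3] else None
        except (ValueError, InvalidOperation):
            continue
        if amount is not None and not amount.is_finite():
            continue  # reject NaN/Infinity so range checks stay safe
        yield ts, row[1], row[2], amount


def find_mule_pattern(text, window=NEW_PAYEE_WINDOW):
    """Return alerts for in-band transfers to recently added payees.

    A transfer to a payee with no PAYEE_ADDED event in the log is reported
    as "payee-never-added", because the log cannot vouch for that payee.
    """
    added_at = {}
    alerts = []
    # Sort on the timestamp only; amounts may be None and are not orderable.
    for ts, event, payee, amount in sorted(parse_events(text),
                                           key=lambda e: e[0]):
        if event == "PAYEE_ADDED":
            added_at.setdefault(payee, ts)  # keep the first time it was seen
            continue
        if event != "TRANSFER" or amount is None:
            continue
        if not (MULE_MIN <= amount <= MULE_MAX):
            continue
        first_seen = added_at.get(payee)
        if first_seen is None:
            reason = "payee-never-added"
        elif ts - first_seen <= window:
            reason = "new-payee-transfer"
        else:
            continue  # established payee: an in-band amount alone is normal
        alerts.append({"time": ts, "payee": payee,
                       "amount": amount, "reason": reason})
    return alerts


if __name__ == "__main__":
    for alert in find_mule_pattern(SAMPLE_LOG):
        print(f'{alert["time"].isoformat()}  {alert["payee"]:<14} '
              f'${alert["amount"]:>9}  {alert["reason"]}')
```

<br />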
<span class="Apple-style-span" style="font-size: large;">Attack Prevention and Mitigation Methods</span><br />
<ul><li>Keep your browser and operating system up to date.</li>
<li>Avoid Microsoft Internet Explorer if possible; Mozilla Firefox and Google Chrome are generally safer.</li>
<li>Ensure up-to-date and effective commercial <a href="http://www.internetsecuritydb.com/p/anti-virus-comparison.html">anti-virus software</a> is installed.</li>
<li>If possible use a dedicated PC specifically for commercial internet banking only. This means it will see no general-purpose internet usage, and is therefore less likely to get infected.</li>
<li>Change online banking passwords regularly, at least once per month for commercial internet banking. </li>
<li>Implement two-factor authentication for banking/payroll transfers.</li>
<li>Ask your bank to remove or restrict the capability to add new employees and/or new payee accounts from your online account. Replace this operation with a secure method, requiring at least two-factor authentication and/or phone support.</li>
</ul><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjSComKCf0onQRJn23xM87NIiUfW1CVqS3dSFxmpoxsPvCyMpw0gdqq71oCqaCINNJoLeSp1YCa7hfAUgqwrVeSs9Fj_n4VWil86adt8YTAwTI_Nlt3bKchBCeKyqKV_a5chP-LmIACHK4/s1600/criminal_with_bag_of_money.png" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjSComKCf0onQRJn23xM87NIiUfW1CVqS3dSFxmpoxsPvCyMpw0gdqq71oCqaCINNJoLeSp1YCa7hfAUgqwrVeSs9Fj_n4VWil86adt8YTAwTI_Nlt3bKchBCeKyqKV_a5chP-LmIACHK4/s320/criminal_with_bag_of_money.png" width="223" /></a></div><span class="Apple-style-span" style="font-size: large;">Recent Cases of Businesses and Organisations Targeted by Banking Trojans</span><br />
<br />
<b>July, 2011 </b>Total scammed: <span class="Apple-style-span" style="color: red;">$217,000</span><br />
Metropolitan Entertainment & Convention Authority (MECA), a nonprofit organization responsible for operating the Qwest Center in Omaha, Nebraska was targeted by unspecified malware infecting one computer via an email attachment. Details <a href="http://krebsonsecurity.com/2011/08/ethieves-steal-217k-from-arena-firm/">here</a>.<br />
<br />
<b>July, 2011 </b>Total scammed: <span class="Apple-style-span" style="color: red;">$28,000</span><br />
The Town of Eliot, Maine - the PC belonging to the town controller was infected with unspecified banking trojan malware. Details <a href="http://krebsonsecurity.com/2011/07/ebanking-theft-costs-town-of-eliot-me-28k/">here</a>.<br />
<br />
<b>February, 2011</b> Total scammed: <span class="Apple-style-span" style="color: red;">$150,000</span><br />
Port Austin, Michigan based United Shortline Insurance Service Inc., an insurance provider serving the railroad industry, discovered on Feb. 5 that the computer used by their firm’s controller had been infected with the ZeuS trojan. Details <a href="http://krebsonsecurity.com/2010/02/hackers-steal-150000-from-mich-insurance-firm/">here</a>.<br />
<br />
<b>January, 2011</b> Total scammed: <span class="Apple-style-span" style="color: red;">$378,000</span><br />
The town of Poughkeepsie, New York was hit by unspecified cyber criminals from Ukraine who took over control of their online bank account. Details <a href="http://www.computerworld.com/s/article/9153598/Poughkeepsie_N.Y._slams_bank_for_378_000_online_theft">here</a>.<br />
<br />
<b>November, 2010</b> Total scammed: <span class="Apple-style-span" style="color: red;">$63,000</span><br />
Green Ford Sales of Abilene, Kansas was infected with the ZeuS trojan malware. Details <a href="http://krebsonsecurity.com/2011/02/sold-a-lemon-in-internet-banking/">here</a>.<br />
<br />
<b>October, 2010</b> Total scammed: <span class="Apple-style-span" style="color: red;">$600,000</span><br />
The city of Brigantine, New Jersey had their online banking credentials compromised by unspecified malware. Details <a href="http://krebsonsecurity.com/2010/10/hackers-steal-600000-from-brigantine-nj/">here</a>.<br />
<br />
<b>March, 2010</b> Total scammed: <span class="Apple-style-span" style="color: red;">$465,000</span><br />
California-based real estate escrow company Village View Escrow was infected by the ZeuS trojan. Details <a href="http://krebsonsecurity.com/2011/07/calif-co-sues-bank-over-465k-ebanking-heist/">here</a>.<br />
<br />
<b>November, 2009</b> Total scammed: <span class="Apple-style-span" style="color: red;">$200,000</span><br />
Plano, Texas based Hillary Machinery Inc. was hit by cyber criminals from Romania and Italy who transferred $801,495 out of their account in 48 hours. In this case the bank, PlainsCapital, managed to retrieve roughly $600,000 of the money. Details <a href="http://krebsonsecurity.com/2010/01/texas-bank-sues-customer-hit-by-800000-cyber-heist/">here</a>.<br />
<div><br />
</div>Dodgy_Coderhttp://www.blogger.com/profile/14418022725678218844noreply@blogger.com2tag:blogger.com,1999:blog-1481046064534726300.post-6132854840324340532011-08-08T20:56:00.003+08:002011-09-17T12:09:53.459+08:002011 Year of the Hack: A Timetable of Ownage<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="http://www.fileden.com/files/2011/8/8/3179707//2011-year-of-the-hack-a-timetable-of-ownage.png">Click to Enlarge...</a><br />
<a href="http://www.fileden.com/files/2011/8/8/3179707//2011-year-of-the-hack-a-timetable-of-ownage.png" style="margin-left: auto; margin-right: auto;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjSuoD5zVZERrWM3CfJKzJzMcMTUAqMUujj5hE8SP4APLectA2vvVTu7JUL6HCeUo7tf0a8QKQmqFZD7z__AtwRK77I9AtkVniOeHapqPtwRw4U1P5i2ISQyH_4DJXEdQxiBXGGf3ah63s/s1600/2011-year-of-the-hack-a-timetable-of-ownage.png" /></a></td></tr>
</tbody></table><br />
<a href="http://www.internetsecuritydb.com/feeds/posts/default">Subscribe to posts via RSS</a>Dodgy_Coderhttp://www.blogger.com/profile/14418022725678218844noreply@blogger.com0tag:blogger.com,1999:blog-1481046064534726300.post-30045205754181464932011-08-07T20:54:00.003+08:002011-09-17T12:08:58.024+08:00AntiSec Hacks US Law Enforcement: 10GB of Emails and Data Made Public<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgcGLBsqddia7Pi85nZ72UfDSj8FELir86WQ6vYuAq2plsGXXXMZPoVeLzoXkF3VaznI6lS7WZJ9lypcPG-Yy4BCIHnHzTO7W84kL_Nn_Up_GvURRVslynJ9ve8clffhsTyT7US-4iwifU/s1600/antisec-police-hack-website-screenshot-shooting-sheriffs-saturday.png" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" height="577" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgcGLBsqddia7Pi85nZ72UfDSj8FELir86WQ6vYuAq2plsGXXXMZPoVeLzoXkF3VaznI6lS7WZJ9lypcPG-Yy4BCIHnHzTO7W84kL_Nn_Up_GvURRVslynJ9ve8clffhsTyT7US-4iwifU/s640/antisec-police-hack-website-screenshot-shooting-sheriffs-saturday.png" width="640" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">The home page of the website where AntiSec have dumped the leaked data</td></tr>
</tbody></table><br />
In retaliation for recent arrests, the AntiSec hacking group say they've released their "largest cache yet" of data stolen from law enforcement agencies in the US, and have dubbed it "Shooting Sheriffs Saturday".<br />
<br />
<b>The Leaked Data Contains:</b><br />
<br />
<ul><li>Over 300 email accounts from 56 law enforcement domains, totaling more than 200,000 messages.</li>
<li>7000+ home addresses, usernames, passwords, phone numbers, credit card numbers, and SSNs (Social Security Numbers) from the Missouri Sheriff account dump (mosheriffs.com).</li>
<li>Online Police Training Academy files (PDFs, videos, HTML files).</li>
<li>List of "Report a Crime" informants (60+ entries).</li>
<li>Plesk (Website administration tool) server passwords giving access to FTP, SSH, Email, CPanel and .HTACCESS Protected directories.</li>
</ul><br />
<span class="Apple-style-span" style="font-size: large;">Recent Arrests</span><br />
Law enforcement around the globe have arrested several suspected Anonymous members in recent days, including the UK's Jake Davis who is suspected to be LulzSec spokesman Topiary. Before this came the arrests of 16 people in the US, four in the Netherlands, and a 16-year-old in London (suspected to be LulzSec member Tflow) as part of a global investigation into denial-of-service attacks on PayPal late last year in support of WikiLeaks, and other attacks. The AntiSec release says this attack was made <i>"in solidarity with Topiary and the Anonymous PayPal LOIC defendants as well as all other political prisoners who are facing the gun of the crooked court system".</i><br />
<br />
<span class="Apple-style-span" style="font-size: large;">DHS Bulletin</span><br />
One of the motives for AntiSec seems to be a recent DHS (US Department of Homeland Security) <a href="http://www.fbiic.gov/public/2011/jul/A-0010-NCCIC-BULLETIN.pdf">bulletin</a>.<br />
<br />
From AntiSec: <i>"A recent DHS bulletin has called us "script kiddies" that lack "any capability to inflict damage to critical infrastructure" yet we continue to get in and out of any system we please, destroying and dropping dox on the mightiest of government systems that are supposed to be protecting their sick nightmare of "law and order". GIVE UP. You are losing the cyberwar, and the attacks against the governments, militaries, and corporations of the world will continue to escalate."</i><br />
<br />
Here are the two relevant passages from the DHS bulletin which seem in particular to have irked AntiSec:<br />
<br />
<ol><li>"The actors who make up the hacker group “Anonymous” and several likely related offshoots like “LulzSec”, continue to harass public and private sector entities with rudimentary exploits and tactics, techniques, and procedures (TTPs) commonly associated with less skilled hackers referred to as “Script Kiddies”. [Script Kiddie: Unskilled individuals who use scripts or programs developed by others to attack computer systems and networks and deface websites.] Members of Anonymous routinely claim to have an overt political agenda and have justified at least a portion of their exploits as retaliation for perceived ‘social injustices’ and ‘freedom of speech’ issues. Attacks by associated groups such as LulzSec have essentially been executed entirely for their and their associates’ personal amusement, or in their own hacker jargon “for the lulz”."</li>
<li>"So far, Anonymous has not demonstrated any capability to inflict damage to critical infrastructure, instead choosing to harass and embarrass its targets."</li>
</ol><span class="Apple-style-span" style="font-size: large;">How they did it</span><br />
The initial compromise of the sheriff websites took place about two weeks ago at Arkansas-based web designers <a href="http://www.bjmweb.com/">Brooks-Jeffrey Marketing (BJM)</a>, which hosts sheriff association websites. The hackers say they were easily able to get back into the compromised servers after they were taken offline to have their security beefed up by the law enforcement agencies. <i>"We were surprised and delighted to see that not only did they relaunch a few sites less than a week later, but that their 'bigger, faster server that offers more security' carried over our backdoors from their original box. This time we were not going to hesitate to pull the trigger: in less than an hour we rooted their new server and defaced all 70+ domains while their root user was still logged in and active."</i><br />
<br />
An internet security expert claims AntiSec may have gone after the sheriffs' offices because their hosting company was an easy target. Dick Mackey, vice-president of consulting at SystemExperts of Sudbury, Massachusetts, said many organizations did not see themselves as potential targets for international hackers, causing indifference that could leave them vulnerable. "It seems to me to be low-hanging fruit," he said. "If you want to go after someone and make a point and want to have their defences be low, go after someone who doesn't consider themselves a target."<br />
<br />
In a further embarrassment, AntiSec used the stolen credit card details to make donations to the American Civil Liberties Union, the Electronic Frontier Foundation, and the Bradley Manning Support Network, according to the statement. They are strong supporters of whistle-blower site WikiLeaks and Manning, the Army soldier arrested last year for leaking classified data to the site.<br />
<br />
<b>Links</b><br />
<br />
AntiSec's original media release: <a href="http://pastebin.com/iKsuRkUj">http://pastebin.com/iKsuRkUj</a><br />
<br />
The AntiSec statement signs off with some poetry/rap:<br />
<br />
<i><span class="Apple-style-span" style="color: red;">I take a left at the light, turn off the headlights and ride real slow</span></i><br />
<i><span class="Apple-style-span" style="color: red;">Now holla at me when you see the 5-0</span></i><br />
<i><span class="Apple-style-span" style="color: red;">Alright Dirty, yall boys ready?</span></i><br />
<i><span class="Apple-style-span" style="color: red;">Bout to turn drive-bys revolutionary</span></i><br />
<i><span class="Apple-style-span" style="color: red;">*POW POW POW POW POW* YEAH MUTHAFUCKA YEAH!</span></i><br />
<i><span class="Apple-style-span" style="color: red;">*POW POW POW POW POW* YEAH MUTHAFUCKA YEAH!</span></i><br />
<i><span class="Apple-style-span" style="color: red;">Look at 'em run, too scared to pull they guns</span></i><br />
<i><span class="Apple-style-span" style="color: red;">Outta shape from them coffees and them cinnamon buns</span></i><br />
<i><span class="Apple-style-span" style="color: red;">This shit is fun, how I feel when the tables is turned</span></i><br />
<i><span class="Apple-style-span" style="color: red;">Hollow tips hit yah flesh through yo vests and it burn</span></i><br />
<i><span class="Apple-style-span" style="color: red;">That's a lesson you learn, comin straight from the slums</span></i><br />
<i><span class="Apple-style-span" style="color: red;">And it don't stop till we get full freedom</span></i><br />
<div><br />
</div><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgsen1UVeBHmIVLu6QGxdlHuEUDw_TcViLnaPQnvTMXoctLbSvtsurgssZgJuWVbbGqa7ACCBGheZUh8t99YVzOWtdgvx3KxkQZQw0YWkn7QRqqQEWbZTQcqCOUWUvRJzVy3B43mwzGvME/s1600/AntiSec_Logo.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="213" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgsen1UVeBHmIVLu6QGxdlHuEUDw_TcViLnaPQnvTMXoctLbSvtsurgssZgJuWVbbGqa7ACCBGheZUh8t99YVzOWtdgvx3KxkQZQw0YWkn7QRqqQEWbZTQcqCOUWUvRJzVy3B43mwzGvME/s320/AntiSec_Logo.jpg" width="320" /></a><br />
</div><br />
<b>McAfee Operation Shady RAT: A Media Storm is Unleashed</b><br />
Posted by Dodgy_Coder, 2011-08-05 (updated 2011-09-17)<br />
<div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg8U1lMqoenA9MEfcqH34BpJW73RWi_-gFwQLzwUqCPlxmpOxPQC8b8K_8_Ltq5b9sJGhA9_gv8WFp9B-FtWho7lLKueGcebsvODYCAKWZMHQnuNQ9Na3FL3psy6YmJiV-EIWUoSO060gA/s1600/mcafee-operation-shady-rat-cyber-attack.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg8U1lMqoenA9MEfcqH34BpJW73RWi_-gFwQLzwUqCPlxmpOxPQC8b8K_8_Ltq5b9sJGhA9_gv8WFp9B-FtWho7lLKueGcebsvODYCAKWZMHQnuNQ9Na3FL3psy6YmJiV-EIWUoSO060gA/s1600/mcafee-operation-shady-rat-cyber-attack.jpg" /></a></div><i>On Thursday morning August 4, I switched on the radio on the way to work to listen to the news headlines by the local radio station and was gobsmacked to be hearing them talking about the "biggest cyber attack" ever having been found by McAfee, dubbed Operation Shady RAT. For the first time I can ever remember, an infosec story had made it on the news headlines of my local radio station, and in the process gained some valuable PR and credibility for McAfee...</i><br />
<br />
<span class="Apple-style-span" style="font-size: large;">How it played out</span><br />
<br />
The storm of media interest was sparked at 9.14pm, Tuesday night US time, August 2, when the <a href="http://blogs.mcafee.com/mcafee-labs/revealed-operation-shady-rat">original blog post</a> and research report were released by McAfee researcher Dmitri Alperovitch. The first media <a href="http://www.vanityfair.com/culture/features/2011/09/operation-shady-rat-201109">article</a> appeared in Vanity Fair, which was given the story first as a web exclusive.<br />
<br />
Many thousands of other media outlets then ran with the story on the following day (Wednesday), typically summarising the research report, with many claiming it to be the <a href="http://gizmodo.com/5827187/operation-rat-is-the-largest-cyber-attack-ever-uncovered">biggest cyber attack in history</a>. Many also <a href="http://www.pcpro.co.uk/news/security/369085/security-team-uncovers-biggest-ever-cyber-attack">pointed the finger of blame squarely at China</a>, without any real evidence. <a href="http://www.itnews.com.au/News/265782,biggest-ever-series-of-cyber-attacks-uncovered.aspx">Jim Lewis</a>, a cyber expert with the <a href="http://csis.org/">Center for Strategic and International Studies</a> who was briefed on the hacking discovery by McAfee, said it was very likely China was behind the campaign because some of the targets had information that would be of particular interest to Beijing. "Everything points to China. It could be the Russians, but there is more that points to China than Russia," Lewis said.<br />
<br />
<span class="Apple-style-span" style="font-size: large;">The facts of the case, as presented by McAfee's report</span><br />
<ul><li>Botnet-like malware communicating with a single C&C (Command and Control) server was found on the 72 infected computers.</li>
<li>A variety of different exploits were used to gain access to the victims' computers, largely through spear phishing type attacks.</li>
<li>72 organisations were identified across a swathe of areas including government, industrial, technology, defense, sporting, corporate and non-profit NGOs.</li>
<li>49 of the victims were from the USA.</li>
<li>There was no evidence presented of any specific or important data being lost.</li>
<li>There was no mention of the total number of unique IP addresses that were found to be infected.</li>
</ul>The research report clearly states that "In all, we identified 72 compromised parties (many more were present in the logs but without sufficient information to accurately identify them)". In an <a href="http://risky.biz/RB205">interview</a> on Friday with Risky.biz, <a href="http://au.linkedin.com/in/seanduca">Sean Duca</a> of McAfee Australia contradicted the research document by pointedly remarking that the total number of infected hosts was limited to only the 72 organisations listed in the report. However, in an <a href="http://www.pcmag.com/article2/0,2817,2390378,00.asp">interview</a> with PC Mag, Dmitri Alperovitch said "I think it's fair to assume, that if you look at the totality of activity that's occurring, it's in the thousands of targets".<br />
<br />
As Graham Cluley of Sophos' Naked Security Blog <a href="http://nakedsecurity.sophos.com/2011/08/03/shady-rat-biggest-cyber-attack/">stated</a>, "What the report doesn't make clear is precisely what information was stolen from the targeted organisations, and how many computers at each business were affected." Cluley decried the way the media has rushed to blame China for the attacks. "I don't think we should be naive. I'm sure China does use the internet to spy on other countries. But I'm equally sure that just about *every* country around the world is using the internet to spy. Why wouldn't they? It's not very hard, and it's certainly cost effective compared to other types of espionage," he wrote.<br />
<br />
Hon Lau from Symantec has <a href="http://www.symantec.com/connect/blogs/truth-behind-shady-rat">poured cold water</a> on the "biggest cyber attack" headlines surrounding the case: "While this attack is indeed significant, it is one of many similar attacks taking place daily." He also outlines the way the attackers used spear phishing to target individuals, typically through email attachments including Word documents, Excel documents, PDF files or PowerPoints. "These files are loaded with exploit code, so that when the user opens the file the exploit code is executed, resulting in the computer becoming compromised," he wrote.<br />
<br />
One thing is for sure: it may not have been the biggest cyber attack in history, but it is certainly one of the most successful infosec media releases ever made, and for that McAfee must be congratulated. At the very least it has again focused some much-needed media attention on such an important topic.<br />
<br />
<br />
<b>Bitcoin Price vs Google Search Trend: Correlation</b><br />
Posted by Dodgy_Coder, 2011-08-02 (updated 2011-09-17)<br />
<div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh9OpXVoQTgfegx-R74gbd2LYQdBF8P6peGgDbSKo_kJLm400LfUApochngNgZMaiA2HpRGyPUuKUaE7cxP5SDs-D-EOPkw_JMWxK169mpOz9PnlbkG9OvyVatvZRwUINkyNdz6tRyyoNc/s1600/Bitcoin-ClosingPrice-Google-Search-Trend-Correlation.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="318" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh9OpXVoQTgfegx-R74gbd2LYQdBF8P6peGgDbSKo_kJLm400LfUApochngNgZMaiA2HpRGyPUuKUaE7cxP5SDs-D-EOPkw_JMWxK169mpOz9PnlbkG9OvyVatvZRwUINkyNdz6tRyyoNc/s640/Bitcoin-ClosingPrice-Google-Search-Trend-Correlation.png" width="640" /></a></div><br />
An interesting relationship has come to light between the closing price of <a href="http://www.internetsecuritydb.com/2011/06/bitcoin-brave-new-currency.html">Bitcoin</a> (on the MtGox USD exchange) and the level of interest in Bitcoin as measured by Google Insights for search. The above data was taken for the last 90 days. The faint blue line represents the search interest in the term "bitcoin" and the dark black line represents the closing price of Bitcoin on the MtGox USD exchange.<br />
<br />
<span style="font-size: large;">Is Bitcoin a Bubble?</span><br />
<br />
As the <a href="https://en.bitcoin.it/wiki/FAQ#Is_Bitcoin_a_bubble.3F">Bitcoin wiki itself states</a>, yes, Bitcoin is a bubble, but only insofar as the US Dollar and Japanese Yen are also bubbles, i.e. they only have value in exchange and no value in use by themselves. If a loss of confidence occurred in any currency, its value could drop dramatically overnight.<br />
<br />
The definition of a <a href="http://en.wikipedia.org/wiki/Speculative_bubble">Speculative Bubble</a> on Wikipedia lists a number of possible causes, not least of which are those related to crowd psychology, such as the <a href="http://en.wikipedia.org/wiki/Greater_fool_theory">greater fool theory</a>, which identifies bubbles as being driven by the behavior of irrationally exuberant market participants (the fools) who buy overvalued assets in anticipation of selling them to other speculators (the greater fools) at a much higher price. Another related explanation lies with <a href="http://en.wikipedia.org/wiki/Herd_behavior">herd behavior</a>, the observation that speculators tend to buy or sell in the direction of the market trend. This is sometimes pushed along further by market analysts, who try precisely to detect those trends and follow them, which creates a self-fulfilling prophecy.<br />
<br />
A well known side effect of a bubble is that market participants with overvalued assets will tend to spend more because they "feel" richer, due to the <a href="http://en.wikipedia.org/wiki/Wealth_effect">wealth effect</a>. In history, bubbles have been observed repeatedly in experimental markets, wherever there is some degree of uncertainty, and when market participants find it difficult or impossible to calculate the intrinsic value of the assets.<br />
<table cellpadding="0" cellspacing="0" class="tr-caption-container" style="float: left; text-align: center;"><tbody>
<tr><td style="text-align: center;"><br />
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgwYr3CiMnNWiU8iuGxxYDp9m0IOle_40xpvV0Op9HZl8h9RCfIC0-sJPmhZMeh1x4rjhxUNGAsH-GgYnSLpHWyfYsyUIM88bW3yE5J9uqxJMObG3cpe82GJqIivhmUJpFLhPzK8_-lwhQ/s1600/classic-phases-of-an-economic-bubble.jpg" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" height="420" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgwYr3CiMnNWiU8iuGxxYDp9m0IOle_40xpvV0Op9HZl8h9RCfIC0-sJPmhZMeh1x4rjhxUNGAsH-GgYnSLpHWyfYsyUIM88bW3yE5J9uqxJMObG3cpe82GJqIivhmUJpFLhPzK8_-lwhQ/s640/classic-phases-of-an-economic-bubble.jpg" width="640" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">The phases of a classic bubble</td></tr>
</tbody></table>Now let's compare the bubble chart above with the actual year to date (up to Aug-11-2011) closing prices of Bitcoin on the MtGox exchange. Yeah, it's looking more like a bubble every day, even if the scale doesn't quite match those of the classic bubble phases.<br />
<br />
<div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgimq6BKzsM5z8HP_K0W-C4LOMgqHyPOGUInsS_RiYqeVzOO0IjQFPD_Ui2vajBTAi7X5LYjTGWGpG5W0elDvati17iuB6UlDPhnKSiViToTSHI9U8Fl1pVE0CEL0F86wCdq_APXd68M9A/s1600/BitcoinClosingPricesYTD_2011.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="292" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgimq6BKzsM5z8HP_K0W-C4LOMgqHyPOGUInsS_RiYqeVzOO0IjQFPD_Ui2vajBTAi7X5LYjTGWGpG5W0elDvati17iuB6UlDPhnKSiViToTSHI9U8Fl1pVE0CEL0F86wCdq_APXd68M9A/s640/BitcoinClosingPricesYTD_2011.PNG" width="640" /></a></div><br />
<br />
<b>Confessions of a Cyber-stalker: CA Criminal gets 4 years</b><br />
Posted by Dodgy_Coder, 2011-07-24 (updated 2011-09-17)<br />
<div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjlxWpSa71ZGmD8AzB2goadH0PJnx_QOIdpQwHEz50EYW1Zg7mOUgxJMvGupi7pSczus3xvWE3M4Kef1VvSfLRV9X4BFoOGhkWY_Y_0Bzwg-AwNkmU6tDqqvKtIV3PJRn74YpzkwvLn1Lw/s1600/convicted-cyber-stalker-george-bronk.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjlxWpSa71ZGmD8AzB2goadH0PJnx_QOIdpQwHEz50EYW1Zg7mOUgxJMvGupi7pSczus3xvWE3M4Kef1VvSfLRV9X4BFoOGhkWY_Y_0Bzwg-AwNkmU6tDqqvKtIV3PJRn74YpzkwvLn1Lw/s320/convicted-cyber-stalker-george-bronk.jpg" width="217" /></a></div>A recent cyber-stalking case in a Californian court has highlighted the weakness of password reset 'security questions', which can be easily guessed by an attacker when some basic details of the victim are already known, or even already public on social media sites like Facebook.<br />
<br />
George Bronk, of Sacramento, California, was <a href="http://www.seattlepi.com/news/article/Calif-man-gets-4-years-for-stalking-on-Facebook-1534592.php">sentenced</a> to more than four years in prison after being convicted of computer intrusion and the cyber-stalking of 46 women across 17 states. He carried out the cyber-stalking for a total of 10 months, from December 2009 through to September 2010, when he was eventually caught. The case illustrates the vulnerability of all Internet users, said prosecuting attorney Robert Morgester of the state attorney general's office. "The victims we went to said 'I had very robust passwords.' But it didn't matter how robust the password was if the recovery question is easy," he said.<br />
<br />
The method he used has revealed a major weakness in many password reset systems where a supposed secret question is posed to the account holder in order to recover a lost password. Such questions often include such basic choices as 'What is your favorite color?', 'Name of your high school?', 'Name of your first pet?', 'Town where you were born?'. Often, the answers to these questions can be quite easily gleaned from Facebook or other social network pages, which is exactly what Bronk did in this case.<br />
<br />
His first step was to identify the email address of a potential victim on Facebook, and then try to determine the answer to their secret password reset question. After he changed their password and took over their email account, Bronk then searched email folders for nude or semi-nude photographs or videos they had sent to their husbands or boyfriends and then distributed them to the victims' contact list, prosecutors said.<br />
<br />
The hacking method is similar to that of the famous <a href="http://en.wikipedia.org/wiki/Sarah_Palin_email_hack">Sarah Palin email hack</a>, in which the hacker managed to reset her password simply by Googling for the answer to her secret question, which was “Where did you meet your spouse?”.<br />
<br />
Academic <a href="http://www.guanotronic.com/~serge/papers/oakland09.pdf">research</a> back in 2009 ran a user study to measure the reliability and security of the questions used by the four big webmail providers (AOL, Yahoo!, Microsoft and Google). They asked participants to answer these questions and then asked their acquaintances to guess their answers. Acquaintances were able to guess 17% of their answers on the first attempt. The researchers' conclusion was that the security of personal questions appears significantly weaker than passwords.<br />
<br />
Another <a href="http://www.newscientist.com/article/dn17347-secret-questions-leave-accounts-vulnerable.html">study</a> showed that password recovery security questions are usually answered honestly. This study asked acquaintances of 32 webmail users to guess the answer to the secret question. Roughly 20% of these answers were guessed correctly.<br />
<br />
The conclusion, then, is that password recovery security questions should probably not be answered honestly. Experienced users fill them out with password-like characters, which makes the answers significantly harder, if not more or less impossible, to guess. These answers can then be stored in password managers as notes.<br />
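To put numbers on the advice above, here is an added example (not code from the original post): it converts the 17% and roughly 20% guess rates reported by the two studies into bits of min-entropy, audits a set of recovery answers against facts visible on a public profile, and replaces the guessable ones with random answers laid out as a password-manager note. All function names, the profile facts and the stored answers are constructed for illustration.

```python
import math
import secrets
import string

# Letters and digits only, so a generated answer survives forms that
# reject punctuation and can still be read out to a support desk.
ALPHABET = string.ascii_letters + string.digits


def normalise(text):
    """Lower-case and drop everything except letters and digits, so that
    'Lincoln High School' and 'lincoln high school' compare equal."""
    return "".join(ch for ch in text.lower() if ch.isalnum())


def min_entropy_bits(first_guess_rate):
    """Bits of min-entropy implied by an attacker's first-guess success rate."""
    if not 0.0 < first_guess_rate <= 1.0:
        raise ValueError("rate must be in (0, 1]")
    return -math.log2(first_guess_rate)


def random_answer_bits(length):
    """Entropy of a uniformly random answer of `length` characters."""
    return length * math.log2(len(ALPHABET))


def generate_answer(length=20):
    """Random answer from the OS CSPRNG, unrelated to the question asked."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def audit_answers(answers, public_facts):
    """Return the questions whose answer equals a publicly known fact.
    Exact match after normalisation only; partial matches are not caught."""
    known = {normalise(f) for f in public_facts if normalise(f)}
    return [q for q, a in answers.items() if normalise(a) in known]


def harden(answers, public_facts, length=20):
    """Replace every guessable answer; return (new_answers, replaced)."""
    weak = audit_answers(answers, public_facts)
    new_answers = dict(answers)
    for question in weak:
        new_answers[question] = generate_answer(length)
    return new_answers, weak


def password_manager_note(site, answers):
    """Plain-text note to paste into a password manager entry."""
    lines = [f"Recovery answers for {site}"]
    lines += [f"{q} -> {a}" for q, a in answers.items()]
    return "\n".join(lines)


# Constructed sample: facts visible on a (fictional) public profile.
PUBLIC_FACTS = ["Springfield", "Lincoln High School", "Rex", "blue"]

# Constructed sample: answers currently stored with a webmail account.
CURRENT_ANSWERS = {
    "Town where you were born?": "Springfield",
    "Name of your first pet?": "rex",
    "Name of your high school?": "lincoln high school",
    "What is your favorite color?": "x7Qm2LpR9vTz4KdW8sYb",
}

if __name__ == "__main__":
    print(f"17% first-guess rate = {min_entropy_bits(0.17):.2f} bits")
    print(f"20% first-guess rate = {min_entropy_bits(0.20):.2f} bits")
    print(f"20 random characters = {random_answer_bits(20):.1f} bits")
    hardened, replaced = harden(CURRENT_ANSWERS, PUBLIC_FACTS)
    print("Replaced:", replaced)
    print(password_manager_note("webmail (example)", hardened))
```

The honest answers work out to under 3 bits against an acquaintance's first guess, while a 20-character random answer carries about 119 bits, so the recovery question stops being the weakest path into the account.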
<br />
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;"><b>Further Reading:</b></div><ul><li><a href="http://www.internetsecuritydb.com/2011/06/how-to-choose-good-password.html">How to choose a good password</a></li>
<li><a href="http://www.internetsecuritydb.com/2011/06/free-online-tool-to-find-out-if-your.html">Free online tool to find out if your email has been hacked</a></li>
</ul><br />
<b>The Global Battle Against Cybercrime</b><br />
Posted by Dodgy_Coder, 2011-07-15 (updated 2011-09-17)<br />
<div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgLfDkKG86I_96uQXwMFVfQPN5z45HvHArGNm2_qa9OYySEx7WAb_LMDx8OXvJrKji9PQOqh9EU62mTwW6q7_u7t0J_f1X90a41tUmsGG0XDIRvYuOX2OQejWyyClKAL8M3SoFiwjHz2iw/s1600/ICSPA_International_Cyber_Security_Protection_Alliance_Logo.PNG" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" height="82" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgLfDkKG86I_96uQXwMFVfQPN5z45HvHArGNm2_qa9OYySEx7WAb_LMDx8OXvJrKji9PQOqh9EU62mTwW6q7_u7t0J_f1X90a41tUmsGG0XDIRvYuOX2OQejWyyClKAL8M3SoFiwjHz2iw/s200/ICSPA_International_Cyber_Security_Protection_Alliance_Logo.PNG" width="200" /></a></div><span class="Apple-style-span" style="font-size: large;"><i>Some Recent Developments</i></span><br />
<ul><li>Eugene Kaspersky, founder of Kaspersky Lab and cybersecurity expert, has <a href="http://eugene.kaspersky.com/2011/07/11/law-abiding-cyber-folk-of-the-world-unite/">used his blog</a> to take a swipe at the state of current multilateral efforts combatting cybercrime. In his post he mentions that the <a href="http://conventions.coe.int/Treaty/Commun/QueVoulezVous.asp?NT=185&CL=ENG">Council of Europe Convention on Cybercrime</a> is largely a waste of time and that the UN's <a href="http://www.impact-alliance.org/home/index.html">IMPACT Alliance</a>, which is based in Cyberjaya, Malaysia (and of which he is a member of the advisory board) is moving too slowly to be of any use. He has put his weight behind a newly launched non-profit organisation called the International Cyber Security Protection Alliance (<a href="http://www.icspa.org/">ICSPA</a>), which is based in London, and hopes that it can get things moving quickly. He points out that cybercriminals in most cases are beyond the borders of the country of their victims and that the mammoth task of bringing the majority of cybercriminals to justice will require joint efforts on a global scale.</li>
<li>On a more positive note, June 2011 did bring some notable successes for international law enforcement in the battle against cybercrime, with several successful operations resulting from joint efforts. The FBI and a team of international law enforcement organizations have <a href="http://www.wired.com/threatlevel/2011/06/scareware-raid/">shaken up two scareware (fake antivirus software) operations</a> that infected nearly 1 million users worldwide and cost victims some US$74 million in losses, charging up to $129 to each victim for the fake software. The so-called Operation Trident Tribunal, an ongoing initiative fighting international cybercrime, has netted arrests of two Latvians and the seizure of some 40 computers and bank accounts, including 22 computers in the U.S. that supported the illegal operations. Another 25 systems overseas that were used by the scammers were shut down as well. The Department of Justice, FBI, and authorities from Germany, Latvia, Cyprus, the Ukraine, Lithuania, France, The Netherlands, Sweden, Romania, and Canada teamed up in the operation. </li>
<li>In Russia, Pavel Vrublevsky, the owner of ChronoPay, Russia’s leading payment processing provider, <a href="http://krebsonsecurity.com/2011/06/chronopay-co-founder-arrested/">was arrested</a> on charges of organizing a DDoS attack on a competing company, <a href="http://www.assist.ru/">assist.ru</a>. Also in Russia, researchers at Kaspersky Lab have <a href="http://www.securelist.com/en/blog/208188132/Gold_rush">discovered</a> a new piece of malware targeting Russian users that silently runs a <a href="http://www.internetsecuritydb.com/2011/06/bitcoin-brave-new-currency.html">Bitcoin</a> mining application on infected computers. The idea is to steal computer resources from infected computers to generate units of the valuable peer-to-peer virtual currency. The hacker behind the Trojan did not generate any riches from this attack, however, because the Bitcoin mining system detected the suspicious mining activity coming from multiple IPs and blocked the account.</li>
<li>In Brazil, <a href="http://www.securelist.com/en/blog/208188099/Financial_data_stealing_Malware_now_on_Amazon_Web_Services_Cloud">cybercriminals used Amazon’s cloud</a> to host and distribute malware that targeted Brazilian users and was designed to steal data from customers of nine large Brazilian banks. To improve its chances of success, the malware blocked the normal operations of Antivirus software as well as browser plug-ins that are supposed to make online banking secure. The malware also stole digital certificates and credentials from Microsoft Live Messenger.</li>
<li>In a sweeping move, <a href="http://www.theregister.co.uk/2011/07/06/google_cans_11m_dot_co_dot_cc_sites/">Google has removed all of the sites hosted on .co.cc domains</a> from its search results, explaining that because such a large percentage of the sites on that sub-domain are low-quality and malware-ridden they decided to de-index all of them. The .co.cc space is not an officially authorised second-level domain like .co.uk or .com.au. Instead, it is run independently by a Korean company (http://co.cc/) that just happens to own the domain name .co.cc. The .cc top-level domain belongs to the Cocos (Keeling) Islands, a small Australian territory in the Indian Ocean. Regular .cc websites are unaffected by Google's changes.</li>
</ul><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgPeRtaqjBjWe9nWBdV-AwbMIAMFPKX3BeYnFTcYIiYbOkwpHviLfppai2MXfhLPlUJTFM5ip-QGy50F0niYTpF_H694zTTUvVhmCmZEmZxvjV3Q8D_0tsSj0N5ZUQI_SWQUK4AHs7_Wcw/s1600/DoD_Cyber_Crime_Center_Seal.jpg" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" height="196" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgPeRtaqjBjWe9nWBdV-AwbMIAMFPKX3BeYnFTcYIiYbOkwpHviLfppai2MXfhLPlUJTFM5ip-QGy50F0niYTpF_H694zTTUvVhmCmZEmZxvjV3Q8D_0tsSj0N5ZUQI_SWQUK4AHs7_Wcw/s200/DoD_Cyber_Crime_Center_Seal.jpg" width="200" /></a></div><ul><li>The US Department of Defense <a href="http://www.defense.gov/releases/release.aspx?releaseid=14651">released</a> the DoD Strategy for Operating in Cyberspace (DSOC) - the first ever DoD unified strategy for cyberspace. “By sharing timely indicators about cyber events, threat signatures of malicious code, and information about emerging actors and threats, allies and international partners can increase collective cyber defense,” the document notes. “Cyberspace is a network of networks that includes thousands of ISPs [Internet Service Providers] across the globe; no single state or organization can maintain effective cyber defenses on its own.” As General James “Hoss” Cartwright told reporters, “This strategy talks more about how we are going to defend the networks, the next iteration will have to start to talk about here’s a strategy that says to the attacker, ‘If you do this, the price to you is going to go up. It’s not just free.’ Today, we are on a path that is way too predictable. It’s purely defensive. There is no penalty for attacking right now, we’ve got to figure out a way to change that.”</li>
<li>Microsoft has <a href="http://go.microsoft.com/?linkid=9777259">released</a> a detailed report on Rustock, the <a href="http://blogs.technet.com/b/microsoft_on_the_issues/archive/2011/03/18/taking-down-botnets-microsoft-and-the-rustock-botnet.aspx">take-down effort</a> it led in March, and the impact of its anti-botnet campaign. The number of Windows PCs infected with the Rustock malware has dropped worldwide from 1.6 million at its peak, to just over 700,000 by June. In the U.S., an estimated 86,000 Rustock-infected PCs in March had been reduced to some 53,000 by June, a drop of 38%. Other countries saw even bigger reductions: In India, the March tally of 322,000 infected machines plummeted by 69% to approximately 99,000 in June.</li>
</ul><b>Fake Anti Virus Software: A New Business Model Emerges</b> (published 2011-07-09, updated 2011-09-17)<br />
<br />
Researchers from the Departments of Computer Science and Economics of the University of California (Santa Barbara) have recently released the <a href="http://www.cs.ucsb.edu/~chris/research/doc/weis11_fakeav.pdf">results</a> of their yearlong investigation into three fake anti virus companies (named Fake AV1, AV2 and AV3). They were able to infiltrate and monitor the backend servers of the three companies, all of which were controlled by East European cybercriminals. The daily and yearly sales figures are summarised below.<br />
<br />
<table border="1"><tbody>
<tr><td></td><td align="right"><strong>Total Sales per Day (USD)</strong></td><td align="right"><strong>Total Sales per Year (USD)</strong></td><td align="right"><strong>Infection¹ rate (no. users per day)</strong></td><td align="right"><strong>Infection¹ rate (no. users per year)</strong></td><td align="right"><strong>Purchase² rate (no. users per day)</strong></td><td align="right"><strong>Purchase² rate (no. users per year)</strong></td><td align="right"><strong>Average Selling Price (USD)</strong></td><td align="right"><strong> Conversion Rate³</strong></td></tr>
<tr><td><strong>Fake AV1</strong></td><td align="right">$123,288</td><td align="right">$45,000,000</td><td align="right">92,055</td><td align="right">33,600,000 </td><td align="right">2,209</td><td align="right">806,400</td><td align="right">$55.80</td><td align="right">2.4%</td></tr>
<tr><td><strong>Fake AV2</strong></td><td align="right">$10,411</td><td align="right">$3,800,000</td><td align="right">13,562</td><td align="right">4,950,000 </td><td align="right">285</td><td align="right">103,950</td><td align="right">$36.55</td><td align="right">2.1%</td></tr>
<tr><td><strong>Fake AV3</strong></td><td align="right">$132,603</td><td align="right">$48,400,000</td><td align="right">100,055 </td><td align="right">36,520,000 </td><td align="right">2,201</td><td align="right">803,440</td><td align="right">$60.24</td><td align="right">2.2%</td></tr>
<tr><td><strong>Total</strong></td><td align="right"><b>$266,302</b></td><td align="right"><b>$97,200,000</b></td><td align="right"><b>205,672 </b></td><td align="right"><b>75,070,000 </b></td><td align="right"><b>4,695</b></td><td align="right"><b>1,713,790</b></td><td align="right"><b>$56.71</b></td><td align="right"><b>2.3%</b></td></tr>
</tbody></table><strong>Source:</strong> Extrapolation of data contained in the <a href="http://www.cs.ucsb.edu/~chris/research/doc/weis11_fakeav.pdf">UCSB research report</a> over both a yearly and daily basis.<br />
<strong>¹ </strong>Infection refers to users who have installed the Fake Anti Virus software trial, but not necessarily purchased it.<br />
<strong>²</strong> Purchase refers to users who have both installed the Fake Anti Virus software trial, and then purchased a license for it.<br />
<b>³</b> Conversion Rate refers to the number of purchases as a percentage of the number of infections.<br />
<br />
They uncovered a sophisticated method of flying under the radar of credit card fraud detection by minimising chargebacks (credit card refunds), which in turn meant that no suspicion would be raised by the victim's bank or credit card company. They did this simply by maintaining a 24/7 support hotline, thereby keeping track of the customer's suspicions and, when necessary, issuing refunds directly back to the customer. Fewer than 10% of all victims asked for a refund, meaning that the cybercriminals could issue a full refund to all complainants and still make massive profits. But in fact the criminals only issued enough refunds to keep their chargeback ratio under the suspicious limit (such as 3%), thereby squeezing the maximum amount of cash from their victims.<br />
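One way a payment processor or acquiring bank could look for the pattern described above, as an added example that is not from the original post or the UCSB report: count refunds together with chargebacks, so that a merchant who stays under the chargeback limit only by refunding complainants still stands out. The 3% limit is the post's own example; the merchant IDs, the weekly window, the minimum-volume cut-off and the sample events are constructed assumptions.

```python
from collections import defaultdict
from dataclasses import dataclass

CHARGEBACK_LIMIT = 0.03  # the post's example of a "suspicious limit"
WINDOW_DAYS = 7          # assumption: merchants are reviewed in weekly windows
MIN_SALES = 100          # assumption: skip windows too small to judge


@dataclass
class Window:
    sales: int = 0
    refunds: int = 0
    chargebacks: int = 0

    def chargeback_ratio(self) -> float:
        return self.chargebacks / self.sales if self.sales else 0.0

    def complaint_ratio(self) -> float:
        """Refunds plus chargebacks: the dispute rate if no refund had been paid."""
        return (self.refunds + self.chargebacks) / self.sales if self.sales else 0.0


def build_windows(events):
    """events: iterable of (day_number, merchant_id, kind); kind is sale/refund/chargeback."""
    windows = defaultdict(Window)
    for day, merchant, kind in events:
        w = windows[(merchant, day // WINDOW_DAYS)]
        if kind == "sale":
            w.sales += 1
        elif kind == "refund":
            w.refunds += 1
        elif kind == "chargeback":
            w.chargebacks += 1
        else:
            raise ValueError(f"unknown event kind: {kind!r}")
    return windows


def masked_merchants(events, limit=CHARGEBACK_LIMIT, min_windows=2):
    """Merchants that pass the chargeback check in at least min_windows windows
    only because refunds absorbed the complaints.

    Returns {merchant: [(window, chargeback_ratio, complaint_ratio), ...]}.
    """
    hits = defaultdict(list)
    for (merchant, window), w in sorted(build_windows(events).items()):
        if w.sales < MIN_SALES:
            continue
        if w.chargeback_ratio() < limit <= w.complaint_ratio():
            hits[merchant].append(
                (window, round(w.chargeback_ratio(), 4), round(w.complaint_ratio(), 4))
            )
    return {m: rows for m, rows in hits.items() if len(rows) >= min_windows}


def constructed_events():
    """Constructed sample data: 14 days of events for four hypothetical merchants."""
    per_day = {  # merchant: (sales, refunds, chargebacks) per day
        "M-1001": (200, 14, 5),   # refunds soak up complaints; chargebacks sit at 2.5%
        "M-2002": (200, 2, 1),    # ordinary merchant
        "M-3003": (200, 1, 10),   # 5% chargebacks: the plain limit already catches it
        "M-4004": (5, 1, 0),      # too little volume to judge
    }
    events = []
    for day in range(14):
        for merchant, (sales, refunds, chargebacks) in per_day.items():
            events += [(day, merchant, "sale")] * sales
            events += [(day, merchant, "refund")] * refunds
            events += [(day, merchant, "chargeback")] * chargebacks
    return events


if __name__ == "__main__":
    for merchant, rows in masked_merchants(constructed_events()).items():
        for window, cb, complaints in rows:
            print(f"{merchant} week {window}: chargebacks {cb:.1%}, "
                  f"refunds+chargebacks {complaints:.1%}")
```

A merchant flagged here is only a candidate for manual review: a high refund rate on its own is also what a generous returns policy looks like.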
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiEDJZfX5hjkCDOL0iOvW7SU2X8QSLqB0Fbs7uBq_AhhSPToMMwFnOsLxJOH2UmW9vlBAMnaNO3hn-jGBd00hAPxeC_dIDTENyfiWXoOLZRuNAV2VLybaRSpVihvmnQqYmZ1KE_iRvkzo4/s1600/cybercrime-the-flow-of-money-in-the-fake-antivirus-business.png" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" height="345" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiEDJZfX5hjkCDOL0iOvW7SU2X8QSLqB0Fbs7uBq_AhhSPToMMwFnOsLxJOH2UmW9vlBAMnaNO3hn-jGBd00hAPxeC_dIDTENyfiWXoOLZRuNAV2VLybaRSpVihvmnQqYmZ1KE_iRvkzo4/s640/cybercrime-the-flow-of-money-in-the-fake-antivirus-business.png" width="640" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">The flow of money in the Fake Anti Virus Business Model</td></tr>
</tbody></table>The researchers were able to follow the money trail from the victim, on to the payment processing company, which happened to be exclusively <a href="http://www.chronopay.com/">ChronoPay</a>, on to rogue merchant accounts at <a href="http://krebsonsecurity.com/2011/07/which-banks-are-enabling-fake-av-scams/">banks in Europe and Asia</a>. From these merchant accounts, money was transferred back to the Fake AV affiliate members exclusively via a virtual electronic currency called <a href="http://en.wikipedia.org/wiki/Webmoney">WebMoney</a>. The affiliate members, who provide the original victim's computer details to the controlling gang, are very highly rewarded, taking in anywhere from 30% to 80% commission on sales. The most successful affiliate was able to bank approx. US$30,000 per day from Fake AV1.<br />
<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6UBwuSvbdeot4qiYJM1z-mIR-Gy2oIInDuBHpO-s0_EmXVIm6-p3U4ljDx4OTVd1SUH1IZ-9nRBv1gGJ8HSgx40LQuLuKDCsmM0U4rDbTLhaStLoBJXZyf_NGdQ5Tvt6PeJRlYr5OuDA/s1600/fake-antivirus-software-screenshot.png" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" height="322" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6UBwuSvbdeot4qiYJM1z-mIR-Gy2oIInDuBHpO-s0_EmXVIm6-p3U4ljDx4OTVd1SUH1IZ-9nRBv1gGJ8HSgx40LQuLuKDCsmM0U4rDbTLhaStLoBJXZyf_NGdQ5Tvt6PeJRlYr5OuDA/s400/fake-antivirus-software-screenshot.png" width="400" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">A typical Fake Anti Virus popup that leads to the initial infection</td></tr>
</tbody></table><br />
<b>TDL-4 Botnet Statistics</b> (published 2011-06-30, updated 2011-09-17)<br />
<div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi-UeqzgslOS_jm8vv5MwFDBmqBcMrhY8zs4jDaPUhowrlCt-AyWaBpW38Xp-r21sceMETuLHh8XcafEo_qt6Ri8M7HJp_tgn2TV6vLYgkLQXAxtw-PfTbfyCIPMcTkyMfAB1AIk_5AUZo/s1600/TDL4-TopBot-global-botnet-infection-statistics.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="570" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi-UeqzgslOS_jm8vv5MwFDBmqBcMrhY8zs4jDaPUhowrlCt-AyWaBpW38Xp-r21sceMETuLHh8XcafEo_qt6Ri8M7HJp_tgn2TV6vLYgkLQXAxtw-PfTbfyCIPMcTkyMfAB1AIk_5AUZo/s640/TDL4-TopBot-global-botnet-infection-statistics.png" width="640" /></a></div><br />
<div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgKaJhB-3W-KOm1m_-u98CXhdsDSwN4k-GczKeBOxo8NiC6rke-eV0TVtey79LKU3HpOIT5i7tPtDOXZaE7iHS1Bx9UopWP_f54lxyCR7M7Y0654gnjqA-4ZYQ6zRJoXZoJ_3zo7xo9PMc/s1600/TDL4-TopBot-global-botnet-infection-statistics-barchart1.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgKaJhB-3W-KOm1m_-u98CXhdsDSwN4k-GczKeBOxo8NiC6rke-eV0TVtey79LKU3HpOIT5i7tPtDOXZaE7iHS1Bx9UopWP_f54lxyCR7M7Y0654gnjqA-4ZYQ6zRJoXZoJ_3zo7xo9PMc/s1600/TDL4-TopBot-global-botnet-infection-statistics-barchart1.png" /></a></div><br />
Kaspersky Lab analysts Sergey Golovanov and Igor Soumenkov have just <a href="http://www.securelist.com/en/analysis/204792180/TDL4_Top_Bot">released some startling information</a> about what they claim is the 'most indestructible' botnet ever discovered. It is a variant on the TDSS rootkit which first appeared in 2008, and has gone through numerous 'releases' including TDL-3 in 2010 and finally TDL-4 today. It is important to note that TDL-4 is used to describe both the botnet itself and the trojan rootkit malware which initially infects the host computer.<br />
<br />
<span class="Apple-style-span" style="font-size: large;">Key points</span><br />
<ul><li>From January through to March of 2011, TDL-4 infected 4,524,488 computers worldwide.</li>
<li>There are three command and control centers: in Moldova, Lithuania and the USA.</li>
<li>It uses a custom encrypted communications protocol based on a <a href="http://en.wikipedia.org/wiki/Kad_network">public P2P (Peer to Peer) networking standard</a> to communicate between itself, other infected members of the botnet and the command and control centre.</li>
<li>It includes a proxy server module which allows criminals to anonymously surf the internet using the infected PC's internet connection.</li>
<li>It can infect both 32-Bit and 64-Bit editions of Windows.</li>
<li>It removes other (competing) viruses and botnet malware from the infected machine, leaving itself access to more bandwidth and resources.</li>
<li>It inserts itself into the MBR (master boot record) of the infected PC, meaning it gets loaded before Windows and making it extremely difficult for anti-virus software to detect it.</li>
<li>Once installed, it systematically downloads and installs a growing list of 'add-on' malware programs (currently up to 30 and growing) including fake anti-virus software, adware and spambot applications.</li>
<li>Software to both scan for the TDL-4 infection and remove it is available from Kaspersky <a href="http://support.kaspersky.com/viruses/solutions?qid=208280684">here</a>.</li>
</ul><b>The rise and rise of children's online gaming</b> (published 2011-06-28, updated 2011-09-17)<br />
<div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvQMuKtj6xSbjy-mUIzoF9ijMWTGvGgVDbb3J0pO7XwoqarLaKC-j_czWqSod7YfWMPI4CFTznVKRM93f3HTKcsiI1bUiKbMgsrnbABklGihFKmHQ_LXjqs8gRIr11ofV2e76n8YkQBc4/s1600/moshi-monsters-logo.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="185" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhvQMuKtj6xSbjy-mUIzoF9ijMWTGvGgVDbb3J0pO7XwoqarLaKC-j_czWqSod7YfWMPI4CFTznVKRM93f3HTKcsiI1bUiKbMgsrnbABklGihFKmHQ_LXjqs8gRIr11ofV2e76n8YkQBc4/s320/moshi-monsters-logo.jpg" width="320" /></a></div><br />
Although only 11 years old, my son is a regular player on some online gaming sites that are designed for children. Currently his favourite is <a href="http://lostsaga.ogplanet.com/en/intro.og">OG Planet's Lost Saga</a> (actually designed probably for 12+), but before that he played other ones such as <a href="http://www.clubpenguin.com/">Club Penguin</a>, <a href="http://www.moshimonsters.com/">Moshi Monsters</a>, <a href="http://www.mcleodgaming.com/">Super Smash Flash 2</a> and some other curiously popular games based on a physics simulator like <a href="http://dan-ball.jp/en/javagame/dust/">Dan Ball's Dust</a>. Lost Saga is the only one that runs as a full standalone application and requires a download and install. The others run inside the browser; some require Flash, and others are built using JavaScript or Java.<br />
<br />
The first game he ever played and one which he still enjoys is the magnificent, multi-player, educational maths game <a href="http://www.mathletics.com.au/">Mathletics</a>, which was recommended by his school. When he plays this one he actually represents his school online, and the graphic that appears when starting a challenge shows the world map, and where his opponents are from.<br />
<br />
<div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhJc-QjL4cvg2UkqsmHzFHqHOlR25xg9CUHEQghloWEfSruNqXlb6bwh3q9RUsZT6bGQjB5R88LpY9_2wnGmA6Vd8rZDEtT9jVosMzV_6n-mHALtgcegsPr7Tc5o-7HR11zekZnXSAd-Ns/s1600/welcome-to-disney-club-penguin.gif" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhJc-QjL4cvg2UkqsmHzFHqHOlR25xg9CUHEQghloWEfSruNqXlb6bwh3q9RUsZT6bGQjB5R88LpY9_2wnGmA6Vd8rZDEtT9jVosMzV_6n-mHALtgcegsPr7Tc5o-7HR11zekZnXSAd-Ns/s1600/welcome-to-disney-club-penguin.gif" /></a></div>It amazes me how he finds out about these games, which is simply through word of mouth - through friends at his school or older members of the family who recommend a game. A successful game can increase its popularity amazingly quickly. In the case of Moshi Monsters, according to its developer, UK-based <a href="http://mindcandy.com/">Mind Candy</a>, approximately half of all children in the 6-12 age group in the US, UK, New Zealand and Australia have played it. Their incredible online success has been followed up by merchandising in the 'real' world in the form of soft toys, books and trading cards. And as with most of these online games, Moshi Monsters is free to play, but there is an optional monthly subscription payment which improves the online game experience and generally results in some sort of higher status or better accessories. As for whether this payment is necessary, I'd probably say just wait and see if your child is still playing the game in a month's time before deciding whether it's worth paying any fees.<br />
<br />
<div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhfcxEdODyebuVVHCFY5d8IQY17mPQOrvYNiu0QFgkIaGq0jBc2rPt5UpBPDbknlfyGoHD2qPv0eQ_zdNDe6dK-EzFFaY3s6U1Enw92t0XQ-In_J72F_-XXfcHzWLQgZkHIy3ZTykBOB_0/s1600/lost-saga-logo.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhfcxEdODyebuVVHCFY5d8IQY17mPQOrvYNiu0QFgkIaGq0jBc2rPt5UpBPDbknlfyGoHD2qPv0eQ_zdNDe6dK-EzFFaY3s6U1Enw92t0XQ-In_J72F_-XXfcHzWLQgZkHIy3ZTykBOB_0/s1600/lost-saga-logo.jpg" /></a></div>Online gaming for children is something which parents need to keep control over and get involved in to ensure your child doesn't spend too much time in front of a computer. A recent campaign I've come across called <a href="http://www.unplugandplay.com.au/">Unplug+play</a> recommends limiting your child's exposure to all forms of electronic entertainment (TV, Electronic games, Internet) to 2 hours per day ... definitely a worthwhile campaign and one which will benefit both children and parents.<br />
<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><img border="0" height="508" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg00RLGCATmv7O-MTWRHA-ICDAJgX2iwhD3eHv2KObiIg3xXputjyKPLXeJNKSPWQNI9eGNkwEErJ6SBL3otivQ1z83ufG0gpRphAKR2bH19ab1h5WvuTmijnG4B_RFdXR_k3WKi2Hy5gY/s640/unplug-and-play.JPG" style="margin-left: auto; margin-right: auto;" width="640" /></td></tr>
<tr><td class="tr-caption" style="text-align: center;"><a href="http://www.unplugandplay.com.au/">Unplug+play</a> recommends limiting your child's exposure to all forms <br />
of electronic entertainment to no more than 2 hours per day.<br />
</td></tr>
</tbody></table><b>Is Bitcoin mining wasting energy</b> (published 2011-06-27, updated 2011-09-17)<br />
<table cellpadding="0" cellspacing="0" class="tr-caption-container" style="float: left; margin-right: 1em; text-align: left;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjcUgx8R8yEb0-euJgaSvs9Q-Wa7AxUBAbNDqniDTI7XrvPgdSQCUz6GdqJG3EoGuRNbMeXRNCQBV4pwiZJukhLcXQlY2kxF65SfdtWLqH0ra2OohWUZjgxkDlTD9wsuHvSDeT_9W9gIPM/s1600/bitcoin_mining_pc.jpg" imageanchor="1" style="clear: left; margin-bottom: 1em; margin-left: auto; margin-right: auto;"><img border="0" height="317" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjcUgx8R8yEb0-euJgaSvs9Q-Wa7AxUBAbNDqniDTI7XrvPgdSQCUz6GdqJG3EoGuRNbMeXRNCQBV4pwiZJukhLcXQlY2kxF65SfdtWLqH0ra2OohWUZjgxkDlTD9wsuHvSDeT_9W9gIPM/s320/bitcoin_mining_pc.jpg" width="320" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">Now this would make an awesome Bitcoin Mining Rig!<br />
(It's actually just a nice looking <a href="http://en.wikipedia.org/wiki/Steampunk">steampunk</a> case mod.)</td></tr>
</tbody></table>In my view the <a href="http://www.internetsecuritydb.com/2011/06/bitcoin-brave-new-currency.html">Bitcoin</a> mining system as it is now is a waste of time and energy, and also opens the system up to the exploitation of computer networks for monetary gain by criminals or other <a href="http://www.theaustralian.com.au/australian-it/abc-bitcoin-currency-case-sparks-business-security-fears/story-e6frgakx-1226080833651">rogue individuals within an organisation</a>. One way to address this would be to create a distributed computing style screen saver such as <a href="http://folding.stanford.edu/">Folding@home</a> which will perform the required computations on under-utilized computers, thereby not wasting any electricity in doing so. Also, the Bitcoins that get mined could be donated to a recognized charity. There’s already a project underway to <a href="http://bitcoinsforcharity.org/">donate mined Bitcoins</a> to a list of Bitcoin-accepting charities. This way, people can be donating their computer towards both securing the new currency and also giving a monetary donation. I’m sure this would have another added benefit of removing existing negative feelings towards Bitcoin mining and Bitcoin in general.<br />
<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiVAJPjeRI2h8WNR2dwt7VEBWnna8w4hFZwS5qOb7Rh0LAD89PC8KZ64AxqoVPUCoiH6BrLwBQuMzEkcJpMss1clSZuwdhPEY5vcUDUOd6-ZqK-8QgFjGgNtsxMw8vVi0JATO9uvnsP_6w/s1600/bitcoin_mining_rig.JPG" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" height="300" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiVAJPjeRI2h8WNR2dwt7VEBWnna8w4hFZwS5qOb7Rh0LAD89PC8KZ64AxqoVPUCoiH6BrLwBQuMzEkcJpMss1clSZuwdhPEY5vcUDUOd6-ZqK-8QgFjGgNtsxMw8vVi0JATO9uvnsP_6w/s400/bitcoin_mining_rig.JPG" width="400" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">An actual Bitcoin mining rig, complete with liquid cooling.<br />
This features 4 Radeon HD5870 cards, details <a href="http://silasx.blogspot.com/2011/05/bitcoin-mining-rig-is-up.html">here</a>.</td></tr>
</tbody></table><b>Further Reading:</b><br />
<ul><li><a href="http://www.internetsecuritydb.com/2011/06/bitcoin-brave-new-currency.html">Bitcoin, the brave new currency</a></li>
</ul><b>Bitcoin, the brave new currency</b> (published 2011-06-26, updated 2011-09-17)<br />
<div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg8cy7wqbSATnBrtDg5AjmqBgSt5of6kyGodqJOKWtkdn6vX_sY1zNaESxpwKs5rSAr3byJIjws5JJHh7zumSew54JpUAQXC_NPslUr6EX034Vqb41V0oAnL2BYVQmYJg6D1odWWuudxlU/s1600/bitcoin-225.png" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="200" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg8cy7wqbSATnBrtDg5AjmqBgSt5of6kyGodqJOKWtkdn6vX_sY1zNaESxpwKs5rSAr3byJIjws5JJHh7zumSew54JpUAQXC_NPslUr6EX034Vqb41V0oAnL2BYVQmYJg6D1odWWuudxlU/s200/bitcoin-225.png" width="200" /></a></div><span class="Apple-style-span" style="font-size: x-large;">What is Bitcoin?</span><br />
<br />
<a href="http://www.bitcoin.org/">Bitcoin</a> is a brand spanking new digital currency, designed to allow people to buy and sell without regulations imposed by (evil) banks, governments and corporations. It allows for anonymous, secure transactions which aren't tied to any individual’s or group’s identity. In true cyberpunk form, Bitcoin users have no need to trust any central authority; every aspect of the currency is secured through the use of strong cryptography. It is a dream come true for cypherpunks, hackers and criminal masterminds everywhere, and in its brief existence so far has garnered a massive amount of support.<br />
<div><br />
<div>Bitcoin was originally proposed as a <a href="http://www.bitcoin.org/bitcoin.pdf">theoretical design</a> by mysterious computer scientist and software engineer <a href="https://en.bitcoin.it/wiki/Satoshi_Nakamoto">Satoshi Nakamoto</a> (a pseudonym), who set out to design a digital currency without central controls that is both secure and anonymous.</div><div><br />
</div><div><span class="Apple-style-span" style="font-size: x-large;">Double spending problem</span></div><div>The initial problem faced by all digital currencies is that of <a href="http://en.wikipedia.org/wiki/Double-spending">double-spending</a>, since duplicating a digital file is as easy as copying a file on disk. This is a major problem with currency, since there must be a limited supply that has value. If you use a dollar at the supermarket in the morning, you can't expect to go out and spend the same dollar at a cafe in the afternoon. A failure to prevent double spending would make forgery of digital currency rampant, leading to an out of control inflation spiral, and eventually rendering the currency worthless.</div><div><br />
</div><div>The usual solution to the double-spending problem is the centralised approach of a trusted intermediary. PayPal makes sure that you can't spend the same dollars twice by deducting them from your account before they get added to someone else's account. Banks, Visa, MasterCard along with all payment processors do the same. However, this approach is one that Satoshi Nakamoto specifically tried to avoid in the design of Bitcoin. His idea was to rely on cryptography to create verifiable transaction records without the need to trust anyone in the system.</div><div><br />
</div><div><span class="Apple-style-span" style="font-size: x-large;">Digital cash</span></div><div>Below is a quote from the book <i>The Ascent of Money: A Financial History of the World</i> by British Historian and writer <a href="http://en.wikipedia.org/wiki/Niall_Ferguson">Niall Ferguson</a>. It is particularly relevant to Bitcoin.</div><div><br />
</div><div><i>Today's electronic money can be moved from our employer, to our bank account, to our favourite retail outlets without ever physically materializing.</i></div><div><i><br />
</i></div><div><i>It is this 'virtual' money that now dominates what economists call the money supply. Cash in the hands of ordinary Americans accounts for just 11 percent of the monetary measure known as M2. The intangible character of most money today is perhaps the best evidence of its true nature. What the conquistadors failed to understand is that money is a matter of belief, even faith: belief in the person paying us; belief in the person issuing the money he uses or the institution that honours his cheques or transfers. Money is not metal. It is trust inscribed. And it does not seem to matter much where it is inscribed: on silver, on clay, on paper, on a liquid crystal display. Anything can serve as money, from the cowrie shells of the Maldives to the huge stone discs used on the Pacific islands of Yap.</i></div><div><i><br />
</i></div><div><i>And now, it seems, in this electronic age nothing can serve as money too.</i></div><div><i><br />
</i></div><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhJgeWLef_1k8Phip2KVOrjHjhORKRW_dOkh_Wzyf_QKn-HEpkXrw2h5W5RVAG2ZlSXXapt5rYlNETk4HluUye_qqSxuwrd9EThmpqQSUpQyrxzWe6Xn6oztaRP1hYEr_tXMHkHnC9KIn4/s1600/Currency.jpg" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" height="213" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhJgeWLef_1k8Phip2KVOrjHjhORKRW_dOkh_Wzyf_QKn-HEpkXrw2h5W5RVAG2ZlSXXapt5rYlNETk4HluUye_qqSxuwrd9EThmpqQSUpQyrxzWe6Xn6oztaRP1hYEr_tXMHkHnC9KIn4/s320/Currency.jpg" width="320" /></a></div><div><span class="Apple-style-span" style="font-size: x-large;">Does Bitcoin make a good currency?</span></div><div>Below I have listed seven requirements for something to be regarded as a good medium of currency, along with how Bitcoin stacks up on each one.</div><div><br />
</div><div><span class="Apple-style-span" style="font-size: large;">1. Acceptability: will everyone accept it to purchase goods and services?</span></div><div>Like other fiat currencies such as the dollar, and even gold, Bitcoins are worth something only because everyone else thinks they are worth something and are willing to trade things for it. A loss of confidence in Bitcoin could severely affect its value and even drive it down into a death spiral until it’s completely worthless. Acceptability is a weak point with Bitcoin currently. Apart from a very small number of merchants accepting Bitcoins as payment for goods, there are several online Bitcoin markets which maintain a floating exchange rate against the USD. These have so far been shown to be susceptible to market manipulation, speculation and even unfortunately to being hacked, as in the case of Mt Gox recently. </div><div><br />
</div><div><span class="Apple-style-span" style="font-size: large;">2. Durability: will it last a long time?</span></div><div>Bitcoin truly has an advantage here over physical money in the form of cash and/or bullion in that it only exists virtually, in the form of 1s and 0s (bytes). The electronic wallet file storing your private crypto-key (required for performing transactions) can be backed up ad infinitum, and thereby will never decay. </div><div><br />
</div><div><span class="Apple-style-span" style="font-size: large;">3. Portability and Convenience: is it easy to carry around?</span></div><div>To trade your Bitcoins, you need to use a free “Bitcoin client” application, plus you need access to the internet. There are many versions of the client available for use on mobile devices like the iPhone and Android along with the official Bitcoin client, which runs on Windows, Linux and Mac OS X. Because of this, one can see Bitcoin being ideal for both small and large payments and also being popular in the developing world, where access to reliable money transfer services may be limited.</div><div><br />
</div><div><span class="Apple-style-span" style="font-size: large;">4. Scarcity: is it scarce enough to be valuable?</span></div><div>The supply of Bitcoins increases at a predetermined rate, the details of which have been determined by the following method: “Blocks” of Bitcoins are created at a constant average rate, about 1 block every 10 minutes and since there is a set number of coins minted per block (currently 50 coins per block), the total money supply, too, increases at this steady rate. For now, this rate is 50 coins every 10 minutes, i.e. 300 coins every hour. But every four years this ‘minting’ rate falls by a half. So the rate will drop to 25 coins per block in 2013, to 12.5 coins in 2017, and so on, in a geometric series, until the total supply of Bitcoins plateaus at 21m or so around 2030. This could be seen as a way of rewarding the early adopters and founders of Bitcoin. It will also mean that in the long term Bitcoin, if it succeeds and is popular, will be deflationary - the purchasing power of 1 Bitcoin will increase over time - a good thing.</div><div><br />
</div><div><span class="Apple-style-span" style="font-size: large;">5. Divisibility: can it be divided into small units?</span></div><div>Bitcoin is truly in a league of its own here with divisibility all the way down from 1 BTC to the eighth decimal place, or 0.00000001 BTC which is known as 1 Satoshi (pronounced sa-toh-shee), in honour of the founder of Bitcoins.</div><div><br />
</div><div><span class="Apple-style-span" style="font-size: large;">6. Legal Tender: is it backed by a government?</span></div><div>Bitcoin is not backed by any laws and is not considered legal tender in any jurisdiction. This, however, hasn’t stopped other currencies from becoming hugely successful, albeit for a short period of time, e.g. remember tulips in 17th century Holland?</div><div><br />
</div><div><span class="Apple-style-span" style="font-size: large;">7. Intrinsic value</span></div><div>Gold and Silver have intrinsic value in that they can be made into physical jewellery that people actually desire. Bitcoins (and even dollars for that matter) have absolutely no intrinsic value. In theory if a run happened on Bitcoin their value could plummet to zero.</div><div><br />
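The minting schedule from point 4 (Scarcity), counted in the satoshi units from point 5 (Divisibility), as an added example that is not code from the original post or from the Bitcoin project. It assumes the protocol's halving interval of 210,000 blocks (roughly four years at one block every 10 minutes) and a reward that is halved as a whole number of satoshis, which is why the total comes out slightly under 21m.

```python
from fractions import Fraction

COIN = 100_000_000           # satoshis per bitcoin: eight decimal places
INITIAL_REWARD = 50 * COIN   # 50 coins per block, as in the post
HALVING_INTERVAL = 210_000   # blocks per era (assumption stated in the lead-in)


def block_reward(height: int) -> int:
    """Reward in satoshis for the block at this height.

    The reward is an integer halved once per era, so fractions of a
    satoshi are dropped and the reward eventually reaches zero.
    """
    if height < 0:
        raise ValueError("block height cannot be negative")
    return INITIAL_REWARD >> (height // HALVING_INTERVAL)


def supply_schedule():
    """Return [(era, reward_sat, cumulative_sat)] for every era that still pays a reward."""
    rows, total, era = [], 0, 0
    while (reward := block_reward(era * HALVING_INTERVAL)) > 0:
        total += reward * HALVING_INTERVAL
        rows.append((era, reward, total))
        era += 1
    return rows


def total_supply() -> int:
    """All satoshis that will ever be minted."""
    return supply_schedule()[-1][2]


def eras_until(fraction) -> int:
    """Number of completed eras after which at least `fraction` of all coins exist."""
    target = Fraction(fraction) * total_supply()
    for era, _, cumulative in supply_schedule():
        if cumulative >= target:
            return era + 1
    raise ValueError("fraction must be between 0 and 1")


def format_btc(satoshis: int) -> str:
    """Render a satoshi amount as BTC without going through floating point."""
    whole, frac = divmod(satoshis, COIN)
    return f"{whole:,}.{frac:08d}"


if __name__ == "__main__":
    for era, reward, cumulative in supply_schedule()[:5]:
        print(f"era {era}: {format_btc(reward)} BTC per block, "
              f"{format_btc(cumulative)} BTC minted by the end of the era")
    print("eras that pay a reward:", len(supply_schedule()))
    print("final supply:", format_btc(total_supply()), "BTC")
    print("eras until 99% is minted:", eras_until(Fraction(99, 100)))
```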
</div><div><span class="Apple-style-span" style="font-size: x-large;">So what does the future hold for Bitcoin?</span></div><div>As a <i>payment transfer system</i>, Bitcoin is the first of its kind in being implemented as a secure, distributed, peer to peer (P2P) system with no central transaction log; instead, the transaction log is stored on each of its peers (nodes). In this task it has excelled and has already shown it is more than capable.</div><div><br />
</div><div>To be a fully fledged <i>currency</i>, it also requires a market, somewhere it can be given a hard value in terms of an existing currency. It’s on this side of the coin where Bitcoin has shown some failings so far, with the recent <a href="http://arstechnica.com/tech-policy/news/2011/06/bitcoin-price-plummets-on-compromised-exchange.ars">MtGox hack</a> and the subsequent freefall in value due to a large volume of trade. This demonstrates that even the most perfectly engineered <i>cryptocurrency</i> will still be affected by human factors such as exuberance, greed, doubt, loss of confidence, fear and panic. However, the strong cryptographic underpinnings of the Bitcoin system remain solidly in place, just as strong as ever, and it will be very interesting to see what happens with Bitcoin over the next few months.</div><div><br />
</div><div>Bitcoin is a classic example of <i><a href="http://en.wikipedia.org/wiki/Disruptive_technology">disruptive technology</a></i> in the 21st century, building on advances in peer-to-peer distributed computing, the Internet, and cryptography. Although it is currently viewed as something of a novelty, government authorities would no doubt take a bigger interest if trading volumes continue their upward march, if only to get their slice of the Bitcoin action.</div><div><br />
</div><div class="separator" style="clear: both; text-align: center;"></div><div>Bitcoin currently has the <a href="http://en.wikipedia.org/wiki/First-mover_advantage">first mover advantage</a> in the peer to peer currency space. However, since it is built on open source technology, it would be relatively easy for a competing digital currency to start up in parallel as direct competition. In fact, if the history of Internet start-ups is anything to go by, we can expect a leaner, more efficient and stronger competitor to out-manoeuvre Bitcoin and eventually take over the market, in the same way that Google took over the search market by doing search better than all the existing players.<br />
<br />
<b>Further Reading:</b><br />
<ul><li><a href="http://www.internetsecuritydb.com/2011/06/is-bitcoin-mining-wasting-energy.html">Is Bitcoin mining wasting energy?</a></li>
</ul></div><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjvZCDGC6ygxvf_sr1z29ssqF9-bRZo0TZqaruMrqYUqO1zACKwxeF_iD4mfeFbFgFWod_j-e8lDX7CR-XLQBQVgJI_2IQueMy8JnMqIht_sjSHyvbJWEEpODxR0bEspo3r_Ip6XQM1b04/s1600/Currency2.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="302" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjvZCDGC6ygxvf_sr1z29ssqF9-bRZo0TZqaruMrqYUqO1zACKwxeF_iD4mfeFbFgFWod_j-e8lDX7CR-XLQBQVgJI_2IQueMy8JnMqIht_sjSHyvbJWEEpODxR0bEspo3r_Ip6XQM1b04/s320/Currency2.jpg" width="320" /></a></div><div><br />
</div></div>Dodgy_Coderhttp://www.blogger.com/profile/14418022725678218844noreply@blogger.com1tag:blogger.com,1999:blog-1481046064534726300.post-66115416000914045432011-06-25T17:12:00.002+08:002011-09-17T11:58:24.069+08:00How to choose a good password<br />
It's a fallacy to think that a very strong password, like <b>Qiu&^%3kk_3238enh</b>, is a good password. The reason is that such a password is so hard to remember that people will invariably write it down or store it in a text file on their computer that is easily accessible (e.g. on the desktop). It's much better to have a password that is both easy to remember and fairly strong, with at least a combination of upper and lowercase and some numbers or punctuation thrown in as well. It's notable that a lot of online banking systems actually don't allow any punctuation: the password must be alphanumeric only.<br />
<br />
Here are four tips to help you make up a good password:<br />
<ul><li>Make sure it is <u>at least 8 characters in length.</u></li>
<li>Make sure it contains at least <u>two numbers and a mix of upper and lower case.</u></li>
<li>Make sure it doesn't contain any words that would appear in the <u>dictionary.</u></li>
<li>Use an easy to remember four word phrase and then use just the beginning two letters of each word in the phrase, plus a two digit number. E.g. the phrase "<b>Easy Peasy Lemon Squeezy</b>" can be converted into the password "<b>EaPeLeSq88</b>".</li>
</ul><div>Once you've selected a good password, remember to <u>never reuse it on another account</u>, and to <u>change it regularly</u>, at least twice a year.<br />
<br />
Lastly, don't even think about using a simple password, for anything, even for temporary logins. The reason is that there are a lot of very commonly used passwords and hackers know them already. Below is the list of the most commonly used passwords of all time. One out of every 50 people has used one of these passwords, at one time or another! Apologies about the bad language here, but hey I didn't make these up! ;-)<br />
<ol><li>123456</li>
<li>password</li>
<li>12345678</li>
<li>1234</li>
<li>pussy</li>
<li>12345</li>
<li>dragon</li>
<li>qwerty</li>
<li>696969</li>
<li>mustang</li>
<li>letmein</li>
<li>baseball</li>
<li>master</li>
<li>michael</li>
<li>football</li>
<li>shadow</li>
<li>monkey</li>
<li>abc123</li>
<li>pass</li>
<li>fuckme</li>
</ol><div>The full list of commonly used passwords, from 1 to 500 is listed <a href="http://www.whatsmypass.com/the-top-500-worst-passwords-of-all-time">here</a>, including several more swearwords!<br />
<br />
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;"><b>Further Reading:</b></div><ul><li><a href="http://www.internetsecuritydb.com/2011/06/free-online-tool-to-find-out-if-your.html">Free online tool to find out if your email has been hacked</a></li>
<li><a href="http://www.internetsecuritydb.com/p/password-storage-101.html">Password Storage 101</a></li>
</ul>
<ul></ul></div></div>Dodgy_Coderhttp://www.blogger.com/profile/14418022725678218844noreply@blogger.com0tag:blogger.com,1999:blog-1481046064534726300.post-23681032162063727612011-06-25T16:22:00.003+08:002011-09-17T11:55:47.639+08:00Free online tool to find out if your email has been hacked<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhqYZ24slgLG5iXgWXIlUSvgA-sG8sJccHbiJ22pOq0mTX4jiDTLW0LT9MxOwL_8A0JeKZF_dMbygyj22tDe3TNUNm8-l6MMcJO-ApoIW3J1-ftBDKAaEm1hS6HfBHam-rb-2tI9jK2bAQ/s1600/should-i-change-my-password-screen-capture.JPG" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" height="296" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhqYZ24slgLG5iXgWXIlUSvgA-sG8sJccHbiJ22pOq0mTX4jiDTLW0LT9MxOwL_8A0JeKZF_dMbygyj22tDe3TNUNm8-l6MMcJO-ApoIW3J1-ftBDKAaEm1hS6HfBHam-rb-2tI9jK2bAQ/s400/should-i-change-my-password-screen-capture.JPG" width="400" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;"><span class="Apple-style-span" style="font-size: small;">Above: A screenshot from the website when I found out one of my emails had been hacked! <br />
And no, that's not my email address ;-)</span></td></tr>
</tbody></table>Australian security researcher <b>Daniel Grzelak</b> has built a cool website which lets you quickly check if any of your online account logins has been compromised by the recent hacks by groups such as <b>LulzSec</b> and <b>Gnosis</b>. The site is called <a href="https://shouldichangemypassword.com/">https://shouldichangemypassword.com/</a>. No passwords are stored on the site; it is simply a free service which lets you find out if your email address has been compromised and whether you should change all the passwords that use that email address as a login.<br />
<br />
He has currently amassed a database containing only the email addresses from 13 recent hacking attacks, and this will be updated as more occur. If one of your emails has been hacked, you are given a message which tells you exactly when it occurred. You can then look on the <a href="https://shouldichangemypassword.com/sources.php">sources page</a> of the website to find out details of which attack led to your password being stolen.<br />
<br />
After trying the website with all of my email addresses, I found to my horror that one actually had been hacked, and that it was due to the <a href="http://www.pcworld.com/article/213438/gawker_media_hack_everything_you_need_to_know.html">Attack on Gawker Media</a> that happened back on December 12, 2010. Luckily I don't use the same password for any of my other online logins, so nothing bad came out of that particular hack. However, plenty of people do use the same email login and password for many online accounts, and have been scammed. This is another reason to be vigilant when it comes to your password security.<br />
<br />
<div style="margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;"><b>Further Reading:</b></div><ul><li><a href="http://www.internetsecuritydb.com/2011/06/how-to-choose-good-password.html">How to choose a good password</a></li>
<li><a href="http://www.internetsecuritydb.com/p/password-storage-101.html">Password Storage 101</a></li>
</ul><br />
Dodgy_Coderhttp://www.blogger.com/profile/14418022725678218844noreply@blogger.com1tag:blogger.com,1999:blog-1481046064534726300.post-56611590472767327932011-06-17T19:49:00.000+08:002011-06-17T20:41:54.884+08:00Anti Virus Software Rankings<br />
One of the essential pieces of software to install on any Windows PC is anti-virus software. Below find the ranked results of the latest independent tests from <a href="http://av-test.org/">AV-Test.org</a> ...<br /><br />
<table><tbody>
<tr><td>Ranking</td><td>Product Name</td><td>Protection</td><td>Repair</td><td>Usability</td><td>Total</td></tr>
<tr><td>1</td><td>BitDefender: Internet Security Suite 2011</td><td>6</td><td>4</td><td>5.5</td><td>15.5</td></tr>
<tr><td>2</td><td>F-Secure: Internet Security 2011</td><td>5.5</td><td>4.5</td><td>5.5</td><td>15.5</td></tr>
<tr><td>3</td><td>Symantec: Norton Internet Security 2011</td><td>5.5</td><td>5</td><td>4.5</td><td>15</td></tr>
<tr><td>4</td><td>Kaspersky: Internet Security 2011</td><td>5.5</td><td>4.5</td><td>4</td><td>14</td></tr>
<tr><td>5</td><td>G Data: Internet Security 2011</td><td>5</td><td>4</td><td>5</td><td>14</td></tr>
<tr><td>6</td><td>Panda: Internet Security 2011</td><td>5</td><td>4.5</td><td>4.5</td><td>14</td></tr>
<tr><td>7</td><td>AVG: Internet Security 10.0</td><td>5</td><td>4</td><td>4.5</td><td>13.5</td></tr>
<tr><td>8</td><td>Sophos: Endpoint Security and Control 9.5</td><td>4</td><td>4</td><td>5</td><td>13</td></tr>
<tr><td>9</td><td>Webroot: Internet Security Complete 7.0</td><td>4.5</td><td>5</td><td>3</td><td>12.5</td></tr>
<tr><td>10</td><td>Trend Micro: Titanium Internet Security 2011</td><td>3.5</td><td>3.5</td><td>5.5</td><td>12.5</td></tr>
<tr><td>11</td><td>Eset: Smart Security 4.2</td><td>3</td><td>4</td><td>5.5</td><td>12.5</td></tr>
<tr><td>12</td><td>Sunbelt: Vipre Antivirus Premium 4.0</td><td>3</td><td>5</td><td>4</td><td>12</td></tr>
<tr><td>13</td><td>Avira: Premium Security Suite 10.0</td><td>4</td><td>3.5</td><td>4</td><td>11.5</td></tr>
<tr><td>14</td><td>Avast: Free AntiVirus 5.0 and 6.0</td><td>3.5</td><td>2.5</td><td>5.5</td><td>11.5</td></tr>
<tr><td>15</td><td>MicroWorld: eScan Internet Security Suite 11.0</td><td>3.5</td><td>3</td><td>5</td><td>11.5</td></tr>
<tr><td>16</td><td>Microsoft: Security Essentials 2.0</td><td>2.5</td><td>3.5</td><td>5.5</td><td>11.5</td></tr>
<tr><td>17</td><td>BullGuard: Internet Security 10.0</td><td>5.5</td><td>2</td><td>3.5</td><td>11</td></tr>
<tr><td>18</td><td>Comodo: Internet Security Premium 5.0 and 5.3</td><td>4</td><td>3</td><td>3.5</td><td>10.5</td></tr>
<tr><td>19</td><td>PC Tools: Internet Security 2011</td><td>4</td><td>3.5</td><td>3</td><td>10.5</td></tr>
<tr><td>21</td><td>CA: Internet Security Suite 2011</td><td>2</td><td>3.5</td><td>4</td><td>9.5</td></tr>
<tr><td>20</td><td>McAfee: Total Protection 2011</td><td>3</td><td>2</td><td>3.5</td><td>8.5</td></tr>
<tr><td>22</td><td>Norman: Security Suite Pro 8.0</td><td>3</td><td>3</td><td>2.5</td><td>8.5</td></tr>
</tbody></table><br /><div>Above tests were carried out between January and March, 2011.<br /><br /></div><div>Each score is out of 6 so the maximum total score for a product is 18. Interestingly, the <a href="http://AV-Test.org">AV-Test.org</a> people determine that a score of at least 11 is needed to pass their test, in other words the bottom 5 products here have failed and so could not be recommended, ouch!</div>Dodgy_Coderhttp://www.blogger.com/profile/14418022725678218844noreply@blogger.com0