Science

Time Traveller reported

Submitted by Kittenman
Kittenman (971447) writes "The NZ Herald is reporting that an Irish filmmaker, George Clarke, has noticed someone using a cellphone in the 'special features' section of the DVD 'The Circus', a Charlie Chaplin movie filmed in 1928. The cellphone is (reportedly) visible in the 'unused footage' section. Clarke states: 'The only conclusion I can come to — which sounds absolutely ridiculous I'm sure, to some people — is it's a time traveller.' Other conclusions are also possible, no doubt. One also wonders what network the traveller was using in the 1920s. Or maybe it was a satellite phone — which raises other issues. Or maybe it was something else altogether. Most remarkable is not only that a person has an obscure Chaplin movie on DVD but that they also scanned the 'special features'."
Google

Investigating the "driver" used in Aurora attack

Submitted by Anonymous Coward
An anonymous reader writes "A security researcher has published his external analysis of the msconfig32.sys file used in the Aurora attack against Google.
The Aurora operation was carried out by sophisticated attackers and traced back to China. Itzhak Avraham researched a file about which not much information had been published, and checked the leads of drivers used as part of the attackers' arsenal. In his post (http://imthezuk.blogspot.com/2010/03/aurora-sys-file-used-in-attack-external.html) he shows why it is, or why it's not, a valid driver. Nice to see some external analysis when proper analysis can't be done (in scenarios where the file is encrypted/corrupted). This is the first public analysis of the ".sys" file used in the attack."
Google

First public analysis of the Aurora's .sys file

Submitted by zukinux
zukinux (1094199) writes "Security researcher Itzhak Avraham checked what the only .sys file that was used in the Aurora attack vs. Google was about. Was it a driver? What was its purpose and what techniques were behind this file? We can learn a bit more about cyber warfare's actual use of files and purposes by analyzing those kinds of files after incidents. The initial thought was that this was a driver used to check the monitor status to see if it's okay to work on the screen using VNC (used in the payload as well)."

Comment: Re:Conveniently forgetting the details - You lie!! (Score 1) 929

by zukinux (#30460308) Attached to: Israeli Border Police Shoot US Student's Laptop
There had never been an attack on Ben Gurion Airport in Israel, ever! It's one of the safest airports in the world. It sounds like you're making that stuff up. Sorry. Also, Israel is one of the nicest places to visit on earth, including "the dead sea" which is 90% salt, so you can float on the water, it's awesome. Tel Aviv is a great place for parties, and the north of Israel is just beautiful. Please don't lie about stuff like that, people might believe you. Written by an Israeli citizen.

Comment: Some mistakes in the articles and comments (Score 1) 289

by zukinux (#30118116) Attached to: The First Windows 7 Zero-Day Exploit
Hello, this advisory was published on the 9th of September (http://g-laurent.blogspot.com/2009/09/windows-vista7-smb20-negotiate-protocol.html), about a kernel crash caused by a specially crafted SMB packet to port 445. This advisory was published in the beginning as a Denial-of-Service, but soon people found that it was exploitable! Soon lots of people tried to be the first to create a working exploit for MS09-050 (SMB2). Till then, Microsoft said that until an update is available you can disable SMB2 and not ports 445/139.

Also, CoreImpact had first published a remote exploit PoC to their members on the 17th of September. Which means that an exploit had been found to subscribers on 17/9!!
So this article is basically wrong. Anyway, more researchers still tried to create a public exploit for it, such as http://blog.metasploit.com/2009/10/smb2-351-packets-from-trampoline.html, which describes his way of exploiting this using 351 packets to achieve a jump to his code (remote code execution).

So... This article has more than a few points which are not accurate including the "The first windows 7 zero day exploit" title.
Cheers.
Zuk

Comment: Interesting use of ClearView in hacker PoV (Score 1) 234

by zukinux (#29933471) Attached to: Fixing Bugs, But Bypassing the Source Code
Interesting use of ClearView from a hacker's point of view: the program can be patched to not change the binaries, but just to write down which places seem vulnerable, and to try to attack those vectors of input to gain a zero-day attack on a program in which other fuzzers didn't seem to detect those input errors, etc.

Comment: Short information about current Wireless Hacking (Score 5, Informative) 166

by zukinux (#29916567) Attached to: New Improvements On the Attacks On WPA/TKIP
Hacking WEP is quite simple today; you need to do the following:
1) Listen to packets going through (monitor mode)
2) Force people to send more packets using arp-replay packets or specially crafted packets
3) Capture about 25000 packets and perform a cryptanalysis of these packets to get the password [the more packets you capture, the more chance you'll be able to decrypt the password]


In WPA1/2 it's quite different:
1) Listen to packets going through in monitor mode
2) Wait until you capture a connection-login handshake (it's 2 packets both ways = 4 packets)
3) After you capture the packets in 2, you need to do a dictionary attack on the captured session login. If that word isn't in your dictionary, you're screwed.

That's why, with current wireless hacking methods, a strong not-in-dictionary WPA (PSK) password will be quite hard (if possible) to hack these days.

Just so we're all clear.
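
Added example, not part of the comment above: a defender-side audit of a WPA-PSK passphrase, showing the standard key derivation that makes every dictionary guess expensive and per-network, and why a passphrase outside any wordlist holds up. The sample wordlist, the SSID, the function names and the assumed guess rate are all constructed for illustration.

```python
import hashlib
import math
import string

# Constructed sample wordlist; a real audit would load a large dictionary file.
SAMPLE_WORDLIST = {"password", "letmein123", "qwertyuiop", "sunshine1"}

def wpa_pmk(passphrase: str, ssid: str) -> bytes:
    """Pairwise master key: PBKDF2-HMAC-SHA1(passphrase, SSID, 4096 rounds, 32 bytes)."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA passphrase must be 8 to 63 characters")
    if any(not 32 <= ord(c) <= 126 for c in passphrase):
        raise ValueError("WPA passphrase must be printable ASCII")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"),
                               ssid.encode("utf-8"), 4096, 32)

def charset_size(passphrase: str) -> int:
    """Alphabet size an exhaustive search would need to cover this passphrase."""
    classes = (string.ascii_lowercase, string.ascii_uppercase, string.digits)
    size = sum(len(cls) for cls in classes if any(c in cls for c in passphrase))
    if any(not c.isalnum() for c in passphrase):
        size += 33  # space plus the 32 printable ASCII punctuation characters
    return size

def audit_passphrase(passphrase, ssid, wordlist=SAMPLE_WORDLIST, guesses_per_sec=1e5):
    """Report dictionary exposure and an upper bound on exhaustive-search cost.

    guesses_per_sec is an assumed attacker rate; every guess costs one full
    4096-round PBKDF2 run, and the SSID salt makes the work per-network.
    """
    pmk = wpa_pmk(passphrase, ssid)
    bits = len(passphrase) * math.log2(charset_size(passphrase))
    years = 2 ** bits / guesses_per_sec / (365 * 24 * 3600)
    return {
        "pmk": pmk.hex(),
        "in_wordlist": passphrase in wordlist,
        "search_bits": round(bits, 1),  # only meaningful for randomly chosen passphrases
        "search_years": years,
    }

if __name__ == "__main__":
    for candidate in ("password", "T7#qv!Lm2x@Rz9Kp"):
        report = audit_passphrase(candidate, "IEEE")  # constructed SSID
        print(candidate, report["in_wordlist"], report["search_bits"],
              f"{report['search_years']:.3g} years")
```
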

Comment: Re:Typical Bullshit- Linux Kernel Runtime Patching (Score 1) 341

by zukinux (#29693503) Attached to: Microsoft Plans Largest-Ever Patch Tuesday

I've yet to see a good Linux/Unix distribution that offers centralized patch management in an easily administered manner to compare with WSUS.
Kernel issues still require a reboot.

Kernel issues do not always require a reboot.
Most of the time you can have a run-time patching within a separate LKM (Loadable Kernel Module).

Check this out for some more info about run-time patching

Comment: Re:local... remote... -- WRONG (Score 1) 595

by zukinux (#29060753) Attached to: Local Privilege Escalation On All Linux Kernels

It would be quite an accomplishment to introduce a remote exploit directly in the kernel.

Here you go: that's not that hard to achieve (well, it is, but it's not impossible): http://dvlabs.tippingpoint.com/advisory/TPTI-06-02 (a driver BO will run in kernel mode, obviously), so remote BOs on the kernel side are not unheard of.

Comment: weird that they both came up with this - same time (Score 1) 280

by zukinux (#28899477) Attached to: Null Character Hack Allows SSL Spoofing

"Two researchers, Dan Kaminsky and Moxie Marlinspike, came up with exact same way to fake being a popular website with authentication from a certificate authority."

Here's what happened: Moxie Marlinspike found this and sent his boss a message through his website, but the problem was, Mr. Kaminsky had tried his DNS poisoning on that website and all the traffic went through Kaminsky. Kaminsky afterward declared that he had found a way to do it :)

Of course I'm j/k but Dan is a genius and can do it :)

Comment: Re:"Technology over politics"... (Score 1) 634

by zukinux (#28821819) Attached to: Linus Calls Microsoft Hatred "a Disease"
I'm one of the guys like you who actually makes fun of MS in every possible way, but I still believe in my heart that there's lots of code in their system which is written quite well, and I also think they've contributed much to today's world/technology.
I still use Linux though, but [sarcasm]"the enemy"[/sarcasm] is actually not that evil, I guess (without thinking about IE or any other monopoly behavior).
