
Submission + - Time Traveller reported (nzherald.co.nz) 2

Kittenman writes: The NZ Herald is reporting that an Irish filmmaker, George Clarke, has noticed someone using a cellphone in the 'special features' section of the DVD 'The Circus', a Charlie Chaplin movie filmed in 1928. The cellphone is (reportedly) visible in the "unused footage" section. Clarke states: "The only conclusion I can come to — which sounds absolutely ridiculous I'm sure, to some people — is it's a time traveller." Other conclusions are also possible, no doubt. One also wonders what network the traveller was using in the 1920s. Or maybe it was a satellite phone — which raises other issues. Or maybe it was something else altogether. Most remarkable is not only that a person has an obscure Chaplin movie on DVD but that they also scanned the 'special features'.

Submission + - Investigating the "driver" used in Aurora attack (blogspot.com)

An anonymous reader writes: A security researcher has published his external analysis of the msconfig32.sys file, used in the Aurora attack against Google.
The Aurora operation was carried out by sophisticated attackers and traced back to China. Itzhak Avraham researched a file about which not much information had been published, and checked the leads on drivers used as part of the attackers' arsenal. In his post (http://imthezuk.blogspot.com/2010/03/aurora-sys-file-used-in-attack-external.html) he shows why it is, or why it's not, a valid driver. Nice to see some external analysis when proper analysis can't be done (in scenarios where the file is encrypted/corrupted). This is the first public analysis of the ".sys" file used in the attack.


Submission + - First public analysis of the Aurora's .sys file (bit.ly)

zukinux writes: Security researcher Itzhak Avraham checked what the only .sys file used in the Aurora attack vs. Google was about. Was it a driver? What was its purpose, and what techniques were behind this file? We can learn a bit more about the actual use and purposes of files in cyber warfare by analyzing these kinds of files after incidents. The initial thought was that this was a driver used to check the monitor status to see if it's okay to work on the screen using VNC (used in the payload as well).

Comment Re:Conveniently forgetting the details - You lie!! (Score 1) 929

There has never been an attack on Ben Gurion Airport in Israel, ever! It's one of the safest airports in the world. It sounds like you're making this stuff up, sorry. Also, Israel is one of the nicest places to visit on earth, including "the Dead Sea", which is 90% salt, so you can float on the water; it's awesome. Tel Aviv is a great place for parties, and the north of Israel is just beautiful. Please don't lie about stuff like that, people might believe you. Written by an Israeli citizen.

Comment Some mistakes in the articles and comments (Score 1) 289

Hello, This advisory was published on the 9th of September, http://g-laurent.blogspot.com/2009/09/windows-vista7-smb20-negotiate-protocol.html , about a kernel crash caused by a specially crafted SMB packet to port 445. This advisory was published in the beginning as a Denial-of-Service, but soon people found that it was exploitable! Soon lots of people tried to be the first to create a working exploit for MS09-050 (SMB2). Till then, Microsoft said that until an update is available you can disable SMB2 and not ports 445/139.

Also, CoreImpact first published a remote exploit PoC to their members on the 17th of September. Which means that an exploit had been available to subscribers on 17/9!!
So this article is basically wrong. Anyway, more researchers still tried to create a public exploit for it, such as http://blog.metasploit.com/2009/10/smb2-351-packets-from-trampoline.html which describes his way of exploiting this using 351 packets to achieve a jump to his code (remote code execution).

So... This article has more than a few points which are not accurate including the "The first windows 7 zero day exploit" title.

Comment Interesting use of ClearView in hacker PoV (Score 1) 234

Interesting use of ClearView from a hacker's point of view: the program can be patched to not change the binaries, but just to write down which places seem vulnerable, and try to attack those vectors of input to gain a zero-day attack on a program in which other fuzzers didn't seem to detect those input errors, etc.

Comment Short information about current Wireless Hacking (Score 5, Informative) 166

Hacking WEP is quite simple today; you need to do the following:
1) Listen to packets going through (monitor mode)
2) Force people to send more packets using arp-replay packets or specially crafted packets
3) Capture about 25000 packets and perform a cryptanalysis of these packets to get the password [the more packets you capture, the more chance you'll be able to decrypt the password]

In WPA1/2 it's quite different:
1) Listen to packets going through in monitor mode
2) Wait until you capture a connection-login handshake (it's 2 packets both ways = 4 packets)
3) After you capture the packets in 2, you need to do a dictionary attack on the captured session login. If that word isn't in your dictionary, you're screwed.

That's why, with current wireless hacking methods, a strong not-in-dictionary WPA (PSK) password will be quite hard (if possible) to hack these days.

Just so we're all clear.
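
Added example, not part of the original comment: a defender-side audit of a WPA/WPA2-PSK passphrase, showing the standard key derivation (PBKDF2-HMAC-SHA1 salted with the SSID, 4096 iterations) that makes every dictionary guess expensive, plus a check of whether a candidate passphrase sits in a wordlist. The function names and the sample wordlist are constructed for illustration.

```python
import hashlib
import math
import string


def wpa_pmk(passphrase: str, ssid: str) -> bytes:
    """Derive the WPA/WPA2-PSK master key as specified in IEEE 802.11i:
    PBKDF2-HMAC-SHA1, SSID as salt, 4096 iterations, 256-bit output."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("a WPA passphrase is 8 to 63 characters long")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"),
                               ssid.encode("utf-8"), 4096, 32)


def audit_passphrase(passphrase: str, wordlist) -> dict:
    """Report whether the passphrase appears in a wordlist (case-insensitive)
    and a rough upper bound on its brute-force strength, computed from its
    length and the character classes it uses."""
    words = {w.strip().lower() for w in wordlist}
    classes = (string.ascii_lowercase, string.ascii_uppercase,
               string.digits, string.punctuation + " ")
    alphabet = sum(len(c) for c in classes
                   if any(ch in c for ch in passphrase))
    bits = len(passphrase) * math.log2(alphabet) if alphabet else 0.0
    return {"in_wordlist": passphrase.lower() in words,
            "brute_force_bits": round(bits, 1)}


# Constructed sample wordlist; a real audit would load a large one from disk.
SAMPLE_WORDLIST = ["password", "letmein123", "qwertyuiop"]

if __name__ == "__main__":
    # The SSID is the salt, so the same passphrase yields a different key
    # on every network name and precomputed tables only fit one SSID.
    print(wpa_pmk("password", "IEEE").hex())
    print(wpa_pmk("password", "HomeNet").hex())
    for candidate in ("password", "T7#qvLp2!xWz9&eR"):
        print(candidate, audit_passphrase(candidate, SAMPLE_WORDLIST))
```

The bit estimate is only an upper bound: a passphrase built from dictionary words is far weaker than its length suggests, which is why the wordlist check comes first.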

Comment Re:Typical Bullshit- Linux Kernel Runtime Patching (Score 1) 341

I've yet to see a good Linux/Unix distribution that offers centralized patch management in an easily administered manner to compare with WSUS.
Kernel issues still require a reboot.

Kernel issues do not always require a reboot.
Most of the time you can do run-time patching within a separate LKM (Loadable Kernel Module).

Check this out for some more info about run-time patching

Comment Re:local... remote... -- WRONG (Score 1) 595

It would be quite an accomplishment to introduce a remote exploit directly in the kernel.

Here you go: that's not that hard to achieve (well, it is, but it's not impossible): http://dvlabs.tippingpoint.com/advisory/TPTI-06-02 (a driver BO will run in kernel mode, obviously), so remote BOs on the kernel side are not that unheard of.

Comment weird that they both came up with this - same time (Score 1) 280

"Two researchers, Dan Kaminsky and Moxie Marlinspike, came up with exact same way to fake being a popular website with authentication from a certificate authority."

Here's what happened: Moxie Marlinspike found this and sent his boss a message through his website, but the problem was, Mr. Kaminsky had tried his DNS poisoning on that website and all the traffic went through Kaminsky. Kaminsky afterward declared that he had found a way to do it :)

Of course I'm j/k, but Dan is a genius and can do it :)

Comment Re:"Technology over politics"... (Score 1) 634

I'm one of the guys like you who actually makes fun of MS in every possible way, but I still believe in my heart that there's lots of code in their system which is written quite well, and I also think they've contributed much to today's world/technology.
I still use Linux though, but [sarcasm]"the enemy"[/sarcasm] is actually not that evil, I guess (without thinking about IE or any other monopoly behavior).
