Here is an amuzing story where prisoners in a maximum security prison managed to hack their lockdown computers.
Their computer seems to be more like a dumb terminal than a full featured one, and what they can do and where they can go is very limited (i.e.: watch television and receive call).
However, the prisoners found out that by opening 200+ windows explorer they could cause a buffer overflow which then allowed them more access!

http://gcn.com/articles/2011/05/30/colorado-prison-sidebar.aspx

and to go with this story here is a photo I came accross on the internet and that summerize the security state of many companies!

The security of mobile devices is receiving an increasing level of attention and many security vendors are now offering a Mobile Device Management solution. What seems to be leading the market is a secured container approach, which although providing a high level of security could potentially be flawed because it does not take into account what is driving users to buy smartphones and tablets.

A container approach is a very secured one with a strong legal aspect, however, the same way the consumerisation of devices is driving unapproved devices in companies today, there is a risk that users want a full consumer experience where different users will have different preferred apps to do a similar task. A container approach does not provide this full consumer experience and locks the user to the functionalities the secured container apps provides.
Therefore a secured container approach may be flawed through another layer of consumerisation, the apps consumerisation where user...
>>[READ MORE]

The LavaRND project is a very interesting take on providing a cryptography strong random generator framework.

Both in terms of plans for physical devices to software library.

If only I had more time I would love to try building one of their device, nevertheless, I highly recommend this website as it is full of very interesting information related to randomness and they even have some interesting demo using their random framework. You do not require an interest in cryptography to appreciate the work done.

Next time I need a strong random generator algorithm, I will know where to look :)

http://www.lavarnd.org

I went to a SANS Forensic course (508) last year and a few weeks ago I decided to try something new… to stay at home and dedicate 5 days to do their Ethical Wireless Hacking training course (617).

Let me first say that the 617 training course was really good, the author of the course and the recordings were made by Joshua Wright who runs the http://www.willhackforsushi.com blog. He is very knowledgeable and his enthusiasm was even contagious through audio only. In fact this is a huge understatement! I was truly amazed by his skills, stories and training delivery!
So much that for 7 days I was up at 9am and worked until 2am each day on the different content material covered by the course.

As I almost lost my sanity and started dreaming of ToDS/FromDS bits and fuzzing I thought I would share a few tips on this type of training course.

– Check the last time the course was updated, and if there is an upco...
>>[READ MORE]

I just came accross an interesting attack on the Secure Real Time Protocol (SRTP) using Variable Bit Rate codecs (VBR). That protocol is used to secure voice or IP communication by encrypting the transmitted data.

The attack is described in this draft paper but for the the full details you should take a look at the very comprehensive white paper here which dates back to 2008.

It usesthe phoneticpronunciation of words to identify patterns in the VBR encoding which can be used to bypass encryption and identify phrases as well as the language spoken. So this attack does not target individual words, but phrases or sentences.

Although the paper claims in some cases a success rate of 90% it has an average of 50% success, which is already good enough! What is ...
>>[READ MORE]

In the past few months there seems to have been a rise in what is called Advance Persistant Threats (APT).
Wikipedia actually has a short but comprehensive description of what it means HERE.

An article on SC Magazine describes what seems to have been an APT against RSA affecting the security of their two factor authentication products.
It is not clear exactly what has been stolen at the moment, but RSA has admited that some sensitive information has been leaked/downloaded.

By reading some of the security community reactions (Help net security article) there seems to be 3 main concerns:
1. Security breach related to their pseudo random number genera...
>>[READ MORE]

The video below would be a really great hack, but it seems toonly be a hoax for a couple of reasons:

– It is unlikelysuch hacker would be showing his face so willingly.
– Apparently to hack those wireless billboard you would attack first the central “billboard broadcasting computer”.

Now… if the wireless communications to those billboard was unsecured, then it could be a different story :)

YouTube Direkt

With the rise in popularity of Apple products there is also an increasing interest from hackers and security professionals.

The well oiled speech from Apple and their fan is that apple products are more secure than the competition. Especially around the Mac OS X, which does not need Anti-Viruses, does not get malware, etc.

But is this actually true? and even if it is today, will it always remain so?

I do not think so.

A number of security vendors have started to offer some anti-virus for Mac: Sophos, McAfee, ClamXav, to name a few!

You could argue they are just surfing on the Apple computer market share increase, but then you would forget that some MAC OS X trojans are being seen around, for example, SOPHOS recently discussed a new MAC OS X trojan:...
>>[READ MORE]

There has been a number of articles in the past few weeks about SSD drives proving to be difficult to securely wipe with conventional methods that are working on non SDD drives. Such as degaussing or repeated data overwrites.

It seems to have all come from the work of some californian researchers who have published a paper on that topic and available HERE.

And an easier to read summary is available on Macworld

It is not all bad though, one solution is to fully encrypt the disk and some companies such as ...
>>[READ MORE]