The Lazy Genius

Security News & Brain Dumps from Xavier Ashe, a Bit9 Client Partner

Archive for October, 2005

Sony DRM using Rootkits!

Posted by Xavier Ashe on October 31, 2005

Last week when I was testing the latest version of RootkitRevealer
(RKR) I ran a scan on one of my systems and was shocked to see evidence
of a rootkit. Rootkits are cloaking technologies that hide files,
Registry keys, and other system objects from diagnostic and security
software, and they are usually employed by malware attempting to keep
their implementation hidden (see my “Unearthing Rootkits”
article from the June issue of Windows IT Pro Magazine for more
information on rootkits). The RKR results window reported a hidden
directory, several hidden device drivers, and a hidden application…

Mark Russinovich goes into great detail on his blog about discovering this horrible truth. It looks like a company called First 4 Internet
sells a technology called XCP. It's a DRM technology and they
sold it to Sony. Let me be more specific: it's a rootkit whose
purpose is DRM, and Sony has already implemented it in CDs that are in stores now. This is a very bad
approach and should be publicly shunned. Sony is probably unaware
of the technical details of this software, but should be made
aware. Put
your personal opinion about DRM aside for a second and look at the plain
truth: buy a CD with this technology and your system is modified
at the kernel level without your permission. This extremely
unethical software needs to be exposed for what it really is. My hat's
off to Mark for taking the time to find out the real truth. Found
on Boing Boing.


Posted in Other Technology, Privacy, Security | Leave a Comment »

Funny Guy… Funny Blog

Posted by Xavier Ashe on October 31, 2005

For those of you who love Dilbert but have yet to notice the big banner
they have had on their site for the last week, Scott Adams has created The Dilbert Blog. So far he has had some rather amusing anecdotes, but today's post had me laughing out loud. I just love this guy's humor. And I travel all the time, so I can feel his pain.

…The airline’s automated message called me an hour later
and said my flight was cancelled for no particular reason. But I was
automatically rebooked to a new and better flight with excellent seats
and vegetarian meals. There was a good chance I could get backrubs from
attractive flight attendants too.

Technically, they booked me on an overnight flight that would guarantee
that when I gave my keynote speech to a crowd of 1,000 industry leaders
soon upon landing I would look like a heroin-addicted badger that had
stowed away in a jar of mayonnaise…

Posted in For Fun | Leave a Comment »

I am sooo jealous!

Posted by Xavier Ashe on October 31, 2005

WOW!! I just played games on an XBOX 360


Okay, so… When Microsoft says the XBOX 360 is a whole new level of gaming machine, they're serious.

I just played a couple of shooters on an XBOX 360 game console and
that's it, I'm sold. The graphics are GREAT. The visuals make the
gameplay amazing, and it's clear the processing and video power is
extreme. Add to that the Media Center connections and, well… Wow.

It looks like some Best Buys are starting to set up some demos.
I will be heading to my Best Buy tonight to see if they have one
yet. Go tell Greg Hughes that you're jealous.

Posted in XBox Hacks | Leave a Comment »

What better to do on a slow Sunday? Brew Beer in a Coffee Pot

Posted by Xavier Ashe on October 31, 2005

Brewery tours are a golden opportunity for brewers to educate visitors
about the art of brewing. But any brewery employee who has been
assigned tour guide duty has seen the confusion on people's faces when
you describe the brewing process. To the visitor, brewing can sound
like a return to high school chemistry, with some alchemy thrown in.

The process of brewing coffee, I discovered, was a good way to relate
the brewing process to people who do not understand zymurgy, the
technical term for making beer. This became more than a useful analogy:
with familiar kitchen equipment, you can repeat the steps of the
process that goes on in breweries large and small, and make a very small
batch of beer.

Have fun on All About

Posted in For Fun | Leave a Comment »

Voice your Opinions NOW!

Posted by Xavier Ashe on October 29, 2005

The Copyright Office of the U.S. Library of Congress is conducting its required regular review of the anti-circumvention provisions of the Digital Millennium Copyright Act. Comments can be submitted over the Internet, and are due December 1st.

Good information on the DMCA can be found here, here, and here.

Now is the time to make your voice heard. This isn't about
downloading free music and movies, but about a flawed law that has
kept new technology from emerging and jailed researchers. The government needs to hear from you TODAY.

Found on Bruce Schneier's Blog.

Posted in Privacy, Security | Leave a Comment »

An Assessment of the Oracle Password Hashing Algorithm

Posted by Xavier Ashe on October 28, 2005

In this paper the authors examine the mechanism used in Oracle databases for protecting
users' passwords. We review the algorithm used for generating password hashes, and show
that the current mechanism presents a number of weaknesses, making it straightforward for
an attacker with limited resources to recover a user's plaintext password from the hashed
value. We also describe how to implement a password recovery tool using off-the-shelf
software. We conclude by discussing some possible attack vectors and recommendations to
mitigate this risk.

Good paper posted in the SANS Reading Room (PDF). Here are the mitigation recommendations:

• Use non-privileged users for web applications
• Restrict access to password hashes
• Audit SELECT statements on the DBA_USERS view
• Encrypt TNS traffic
• Enforce a minimum password length

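The five recommendations above are stated as policy. As an added example (not from the paper or from Oracle's own scripts), here is how they map onto Oracle DDL and a sqlnet.ora fragment. The account, profile, function and table names (webapp, hardened_profile, min_length_verify, app_owner.orders) are assumed placeholders, the 12-character minimum is an assumed policy value, and the network encryption parameters are Oracle Advanced Security settings that on older releases require that option to be licensed.

```sql
-- Added example, not from the paper. Run as a DBA; the verification
-- function must be owned by SYS for a profile to reference it.

-- 5. Enforce a minimum password length with a password verification
--    function (same signature Oracle's own utlpwdmg.sql uses).
CREATE OR REPLACE FUNCTION min_length_verify (
    username     VARCHAR2,
    password     VARCHAR2,
    old_password VARCHAR2)
RETURN BOOLEAN IS
BEGIN
    IF LENGTH(password) < 12 THEN           -- assumed policy value
        raise_application_error(-20001, 'Password must be at least 12 characters');
    END IF;
    IF UPPER(password) = UPPER(username) THEN
        raise_application_error(-20002, 'Password must differ from the username');
    END IF;
    RETURN TRUE;
END;
/

CREATE PROFILE hardened_profile LIMIT
    PASSWORD_VERIFY_FUNCTION min_length_verify
    FAILED_LOGIN_ATTEMPTS    5
    PASSWORD_LOCK_TIME       1/24;          -- lock for one hour after 5 failures

-- 1. Non-privileged user for the web application: CREATE SESSION plus
--    the object privileges it needs. Deliberately NOT granted: DBA,
--    SELECT ANY TABLE, SELECT ANY DICTIONARY (which would expose the
--    data dictionary, including the view that carries password hashes).
CREATE USER webapp IDENTIFIED BY "change-me-before-use" PROFILE hardened_profile;
GRANT CREATE SESSION TO webapp;
GRANT SELECT, INSERT, UPDATE ON app_owner.orders TO webapp;

-- 2. Restrict access to password hashes: list every grantee that can
--    read DBA_USERS, directly or through a privilege/role, then revoke
--    what the application accounts do not need.
SELECT grantee FROM dba_tab_privs  WHERE table_name = 'DBA_USERS';
SELECT grantee FROM dba_sys_privs  WHERE privilege  = 'SELECT ANY DICTIONARY';
SELECT grantee FROM dba_role_privs WHERE granted_role IN ('DBA', 'SELECT_CATALOG_ROLE');

-- 3. Audit every SELECT against the view that holds the hashes, and
--    confirm the audit trail is switched on (audit_trail must not be NONE).
AUDIT SELECT ON SYS.DBA_USERS BY ACCESS;
SELECT value FROM v$parameter WHERE name = 'audit_trail';

-- 4. Encrypt TNS traffic. Not SQL: a server-side sqlnet.ora fragment,
--    shown here as a comment. REQUIRED (rather than ACCEPTED) refuses
--    clients that will not negotiate encryption and integrity checking.
--      SQLNET.ENCRYPTION_SERVER            = REQUIRED
--      SQLNET.ENCRYPTION_TYPES_SERVER      = (AES256)
--      SQLNET.CRYPTO_CHECKSUM_SERVER       = REQUIRED
--      SQLNET.CRYPTO_CHECKSUM_TYPES_SERVER = (SHA1)
```

The three SELECTs under item 2 are the check to repeat after any schema change: a grant of SELECT ANY DICTIONARY or the SELECT_CATALOG_ROLE to an application account quietly undoes items 1 and 2 even if the direct grant on DBA_USERS was never made.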
Posted in Security | Leave a Comment »

Win for Privacy: No Cell Phone Location Tracking Without Probable Cause

Posted by Xavier Ashe on October 28, 2005

Agreeing with a brief submitted by EFF, a federal judge
forcefully rejected the government's request to track the location of a
mobile phone user without a warrant.

Strongly reaffirming an earlier decision, Federal Magistrate James
Orenstein in New York comprehensively smacked down every argument made
by the government in an extensive, fifty-seven page opinion issued this
week. Judge Orenstein decided, as EFF has urged, that tracking cell
phone users in real time required a showing of probable cause that a
crime was being committed. Judge Orenstein's opinion was decisive, and
referred to government arguments variously as “unsupported,”
“misleading,” “contrived,” and a “Hail Mary.”

“This is a true victory for privacy in the digital age, where nearly
any mobile communications device you use might be converted into a
tracking device,” said EFF Staff Attorney Kevin Bankston. “Combined
with a similar decision this month from a federal court in Texas, I
think we're seeing a trend—judges are starting to realize that when it
comes to surveillance issues, the DOJ has been pulling the wool over
their eyes for far too long.”

EFF: Court Issues Surveillance Smack-Down to Justice Department.  Engadget has coverage as well, reminding us that:

Your boss is still free to track you via that new Sprint phone he just gave you (and
you’re free to track your kids as

Posted in Privacy | Leave a Comment »

An Attempt to Fight Back against SPLOG

Posted by Xavier Ashe on October 28, 2005

Splog is a terrorist to our blogosphere and needs to be stopped. Splog Reporter was created for “good willed” bloggers to report splog in an
effort to help to clean up the blogosphere of splog.

Posted in Other Technology, Security | Leave a Comment »

Insecure Vol. 4 Released

Posted by Xavier Ashe on October 28, 2005

The topics covered: structured traffic analysis, Access Control Lists
in Tiger and Tiger Server – true permission management, automating I.T.
security audits, biometric security, PDA attacks, part 2: airborne
viruses – evolution of the latest threats, build a custom firewall
computer, lock down your kernel with grsecurity, interview with Sergey
Ryzhikov, director of Bitrix, best practices for database encryption
solutions. Pick up the 4th volume of this fine online magazine here (PDF).

Posted in Security | Leave a Comment »

Locating Haunted Houses and Making Crypts

Posted by Xavier Ashe on October 27, 2005

Just in time for Halloween, members of the Virtual Earth team (aka the Poly9 boys) have used a bunch of different sources and MSN Virtual Earth technology to build the “Haunted Map.” It shows where haunted houses can be found all over the USA. Think of it as a geek treat for your Halloween trick-or-treat bag.

Found on Search Engine Watch Blog.  And from the Make Blog:

Roland sent along this great DIY site for building Halloween settings: “For
Halloween 2004, we added a spooky crypt to our graveyard scene. This
project requires a fair amount of work, but with a few helpers (at
least one of which has some woodworking skills), you too can have a
ghost haunt a crypt for your Halloween celebration.”

Posted in For Fun, Other Technology | Leave a Comment »

AirMagnet Introduces BlueSweep Utility for Bluetooth

Posted by Xavier Ashe on October 27, 2005

AirMagnet, Inc., the leader in wireless LAN (WLAN) security and
performance solutions, today introduced its BlueSweep™ software,
designed to identify nearby devices with Bluetooth wireless technology
and alert users to potential Bluetooth security risks. The AirMagnet
software identifies and tracks devices up to 300 feet away and lets
users know what their own Bluetooth devices are doing. BlueSweep runs
on laptop computers that support Windows XP, and is available
immediately as a free software download at

See the full press release.

Posted in Security, Tools | Leave a Comment »

Sprint to roll out national WiMax network

Posted by Xavier Ashe on October 27, 2005

Sprint gets it — the future’s in not necessarily cellular high speed wireless communications,
something like WiMax (or WiBro, Flash OFDM, etc.), per
se. PCS Intel also has it that apparently Sprint’s coming up roses with laying the groundwork for next-gen wireless
broadband because of their DoD deal; looks like they’re planning a nation-wide rollout with an even broader coverage
base than their existing cellphone network (which shouldn’t be too hard, considering how long-range WiMax is). Of
course, being that the WiMax standard is still in the oven, so to speak, by the time the
DoD takes the iDEN network off their hands (and
supposedly switches up bands), they’ll be able to rebuild their spectrum with whichever kind of network they please,
WiMax, 3G, 4G, or otherwise.

From Engadget.

Posted in Other Technology | Leave a Comment »

Version 2.1 of the Windows XP Security Guide now available

Posted by Xavier Ashe on October 26, 2005

This version of the Windows XP Security Guide was updated to provide additional security guidance for:

  • Maintaining different levels of security and control on Windows XP client computers.
  • Securing Windows XP client computers that are not members of an Active Directory domain.
  • Security settings for computers that must function reliably in extremely critical roles in high security environments.

Information about the security features in SP2 was included as an appendix in the
previous version of this guide. This information has now been
integrated throughout the guide, and thoroughly tested templates for
Windows Firewall security settings are provided. Information is also
provided about closing ports, Remote Procedure Call (RPC)
communications, memory protection, e-mail handling, Web download
controls, spyware controls, and much more.

It is available on the TechNet Security Center. The guide is also available for download from the Microsoft Download Center.

Posted in Security | Leave a Comment »

Blog Roll

Posted by Xavier Ashe on October 26, 2005

If you are interested… I have linked my blog roll to update live on
my blog. As I find new blogs and RSS feeds, you will see them pop
up here. The Blog Roll is in the left-hand column, towards the
bottom, after the Google ads. And it would not hurt anyone if you
clicked on one of those too ;).

Posted in Main Page | Leave a Comment »

List of Printers Which Do or Don't Print Tracking Dots

Posted by Xavier Ashe on October 26, 2005

This is a list in progress of color laser printer models that do or
do not print yellow tracking dots on their output.

Remember that a “no” simply means that we couldn't see yellow dots;
it does not prove that there is no forensic watermarking present.
(For example, the HP Color LaserJET 8500 series does not include any
yellow tracking dots that we can see, but it may still include some
kind of forensic marking, since the majority of earlier CLJ models

Remember that a “yes” simply means that we (or another source, as
noted) saw yellow dots that appeared anomalous to us. Until we
decipher the marking schemes or receive other confirmation, this does
not constitute proof that any particular kind of information is
represented by these dots. In a very few cases, for example, they
might be the result of a poor dithering technique, rather than a
forensic mark.

From the EFF.

Posted in Privacy | Leave a Comment »

The VoIP Security Threat Taxonomy

Posted by Xavier Ashe on October 26, 2005

This VoIP Security Threat Taxonomy is meant to define
the many potential security threats to VoIP deployments, services, and
end users. Part of the challenge of devising effective VoIP security
protections requires first identifying these threats in the first
place. The overall goal of this project is to help ground VoIP security
awareness in the industry, press, and general public.

The chapter headers are Social Threats, Eavesdropping, Call Pattern
Tracking, Traffic Capture, Interception and Modification, Service
Abuse, Intentional Interruption of Service (DoS), and Other
Interruptions of Service. This is a great reference document that
should put everyone on the same level when discussing VoIP threats and
risk. It is authored by VOIPSA (the same guys who analyzed the security of Skype), and was posted on Astalavista (PDF).

Posted in Security | Leave a Comment »

Hack the new CVS Video Camera

Posted by Xavier Ashe on October 24, 2005

Looks like the disposable video cameras that CVS sells have been
updated to keep hackers at bay. When will they ever learn…

Found on the MAKE Blog.

Posted in Other Technology, Security | Leave a Comment »

Using Supermarket Loyalty Program against you

Posted by Xavier Ashe on October 24, 2005

Interesting tidbit on Bruce Schneier's Blog (click here for the original story):

Person 1 loses a valuable watch in a supermarket. Person 2 finds it
and, instead of returning it as required by law, keeps it. Two years
later, he brings it in for repair. The repairman checks the serial
number against a lost/stolen database. Person 2 doesn't admit he found
the watch, but instead claims that he bought it in some sort of used
watch store. The police check the loyalty-program records from the
supermarket and find that Person 2 was in the supermarket within hours
of when Person 1 said he lost the watch.

Posted in Privacy | Leave a Comment »

Advanced Threat Modeling

Posted by Xavier Ashe on October 24, 2005

Although the security community has relied on the “Eicar Antivirus Test File”
for years, the complex advances in malware require a more modern and
thorough threat simulation. To this end the “DFK Threat Simulator” was
created. Bundling a declawed collection of dropper, rootkit, virus,
trojan, spyware, keylogger, leaktest, and alternate data stream
technology, the DFK Threat Simulator is a serious representation of the
modern dangers facing computer users today.

Wow… I can't wait to try this out in my lab. I install various
types of protection equipment and the first thing the customer wants to
see is, “Show me that it is working.” For email, gateway, or host
virus scanners or IPS, I have used GFI's email virus test kit.
It sends a bundle of tests, for free! I hope to have more tests
like this up my sleeve. Found the DFKTS link on the SunBelt Blog (whose VP of Product Management is stuck on a cruise ship!)

Posted in Security, Tools | Leave a Comment »

Anyone want to buy my Blog?

Posted by Xavier Ashe on October 24, 2005

My blog is worth $5,080.86.
How much is your blog worth?

Found this little widget on Forever Geek.
It uses the dollar-per-link value from the recent AOL / Weblogs Inc
deal, and runs it through Technorati. Not bad for a 4 month old
blog. I am averaging about 1000 unique visitors a day.

Also, if you have not noticed, I added some additional widgets to my
blog. I have added some Google ads, a Google search bar, and some
Google translators. If there is a language you would like me to add,
let me know. The graphical link section on the right is full of
other widgets that will add this blog to Yahoo, MSN, NewsGator, and
others. I also listed my blog on several blog indexes.

Posted in Other Technology | Leave a Comment »
