DOS with your Cell phone!

Just when I thought I had seen every cool way to DOS a computer, Rickard Liljeberg finds the coolest yet.

Apparently if you stick a cell phone near the CD-ROM of a Dell Optiplex GX520 and receive a SMS/text message, the machine will go into suspend mode!

Imagine the pranking possibilities.

If you read through the comments of the site, Richard states that a few folks from Dell have already viewed his page.

Here's a link to the video, or please visit the blog entry to read more.

Found on A Day in the Life of an Information Security Investigator.

Advertisements

Google doesn't like security sites!

I decided to create some Google Ads to drive some addtional traffic to the site.  After a few days of the ads running, Google suspended my account.

Hello,

Thank you for advertising with Google AdWords. After reviewing your account, we've found that one or more of your ads or keywords does not meet our guidelines. You can see your disapproved ad(s), the reason for disapproval, and editorial suggestions, from the Disapproved Ads page within your account.

Wells that's not very nice.  I logged on to my Google AdWord account and found out the following:

At this time, Google policy does not permit the advertisement of websites that contain “hacking or cracking”. As noted in our advertising terms and conditions, we reserve the right to exercise editorial discretion when it comes to the advertising we accept on our site.

Has anyone else had problems like this? 

Xbox 360 Piracy Spreading Fast In China

 
As part of Gamasutra's visit to Shanghai for this week's ChinaJoy game
exhibition, we've discovered that Xbox 360 game piracy appears to be
spreading notably in the country, with at least one vendor offering
Xbox 360 titles such as Hitman: Blood Money for around 30 Chinese yuan ($3.50).

This development has occurred after an incident in March 2006, in which hackers managed to flash changes to the firmware
on the Xbox 360's DVD-ROM drive which allowed non-authenticated
(copied) games to be played. Further information on the hack surfaced
in late May, when other parties appear to have released a public
version of the exploit, and Microsoft's Gamerscore Blog published an official response to the problem.

But, judging by the shrinkwrapped copies of Xbox 360 titles available
publically in the country, Microsoft's much-vaunted security system has
been definitively bypassed for physical media-based Xbox 360 games –
with stores or individuals in Shanghai presumably offering to flash the
Xbox 360's disc drive BIOS for a fee.

As for the large selection of Xbox 360 games available, a recent Chinese-language article at Sina.com pictures some of the titles readily available at game vendors throughout China, also including Ninety-Nine Nights, Fight Night Round 3, and Project Gotham Racing 3.

Read the full article on Gamasutra.

Response from the Governor

As you may recall, I wrote the governor of Georgia on April 24, 2006 to protest HB1259.  That was the bill that would have made it a felony to practice computer forensics without a PI license.  Governor Sonny Perdue vetoed that bill on May 5, 2006.  His office just now replied to my message.  Better late than never.

Dear Mr. Ashe:

Thank you for contacting my office regarding House Bill 1259, recently considered by the 2006 Georgia General Assembly. I appreciate knowing how you stand on this issue and regret the
delay in my response to your message.

The existing definition of “private detective business,” continued in this bill, in conjunction with the applicable exemptions in the law, fails to exclude from the private investigator licensing requirement many professions that collect information or may be called as expert witnesses in court proceedings. To expand the penalty from a misdemeanor to a felony without revision of the existing definitions in the law could result in unintended consequences, therefore I vetoed House Bill
1259 on May 5, 2006.

Thank you again for writing and for your participation in our democratic process.

Nepenthes

Nepenthes is a low interaction honeypot like honeyd or mwcollect.
Low Interaction Honeypots emulate _known_ vulnerabilities to collect
information about potential attacks. Nepenthes is designed to emulate
vulnerabilties worms use to spread, and to capture these worms. As
there are many possible ways for worms to spread, Nepenthes is modular.
There are module interface to

  • resolve dns asynchronous
  • emulate vulnerabilities
  • download files
  • submit the downloaded files
  • trigger events (sounds abstract and it is abstract but is still quite useful)
  • shellcode handler

Click here for the project homeFound on Bruce Schneier blog.

Human Implanted RFID Cloned at HOPE

Newitz said she has an RFID chip implanted in her right arm manufactured by VeriChip Corp., a subsidiary of Applied Digital.

“Their Web site claims that it cannot be counterfeited — that is something that Jonathan and I have shown to be untrue.”

The pair demonstrated the cloning process: Westhues held a standard
RFID reader against Newitz’s arm to register the chip’s unique
identification number.

Next, Westhues used a home-built antenna connected to his laptop to
read Newitz’s arm again and record the signal off her implanted chip.

Westhues then takes the standard RFID reader and waves it past his
laptop’s antenna. The reader beeps, showing Newitz’s until then
“unique” ID. “It actually has no security devices what-so-ever,” Newitz
said of VeriChip’s claims that its RFID chips can not be counterfeited.

Read the full story on Reuters Newsblogs.