Quantum cryptography already hacked?!

A team of researchers has, for the first time, hacked into a network protected by quantum encryption.

cryptography uses the laws of quantum mechanics to encode data
securely. Most researchers consider such quantum networks to be nearly
100% uncrackable. But a group from the Massachusetts Institute of
Technology (MIT) in Cambridge was able to 'listen in' using a sort of
quantum-mechanical wiretap. The trick allowed them to tease out about
half of the data, in a way that couldn't be detected by those
transmitting or receiving the message.

group admits that their hack isn't yet capable of eavesdropping on a
real network. “It is not something that currently could attack a
commercial system,” says Jeffrey Shapiro, a physicist at MIT and one of
the authors on the study.

they expect that one day it will be able to do so, if quantum
encryption isn't adequately adapted to stop such hackers from

Wow… Mad props to MIT.  Posted on Nature.com.


Help the Roleplayers in the Military!

When President Bush ordered troops to Iraq, he probably never imagined that he would be ultimately be responsible for what very well could be the very first D&D convention/game day ever held in a war zone. Ziggurat Con, being held June 9 from 1200 to 2100 hours at Camp Adder/Tallil Airbase, is open to all allied military personnel and civilian contractors in Iraq.

KBR and MWR (the army’s Morale Welfare & Recreation Department) have graciously allowed service members to use part of the Community Activity Center to hold the Game Day. The Ping Pong room will be set up for RPGs (Role-Playing Games, not to be confused with the rocket propelled grenades which share the same acronym), and the DVD Movie room will be playing Anime Movies all day in support of the event.

The largest problem with running a Con in Iraq, of course, is that there are no local stores or game publishers, and few game books on the post. Even dice are in short supply, with many soldiers breaking the unwritten taboo held by many gamers and sharing dice. Thankfully, many game publishers have also lent their support, and have agreed to supply game products to help the Con along. aethereal FORGE, Sovereign Press, Final Redoubt Press, Goodman Games, Paizo Publishing and Steve Jackson Games are among those that have thrown in their support for the convention. But Amberson indicated that the soldiers could definitely use more.

“This convention is currently in drastic need of prizes and giveaways for the troops,” he said. “Everything donated will go directly to the troops, or to MWR to use as loaner books for the soldiers.”

For more information, contact SPC David Amberson at the following address: david.amberson (at) iraq.centcom.mil

Donations can also be sent to SPC Amberson directly at the following address:

SPC David Amberson
A Co 86th Sig Bn
APO, AE 09331

They’re planning to run the following games (and will be happy to get additional games):
Babylon 5 RPG, Cyberpunk 2020, D&D, D&D RPGA, GURPS, Historic Miniatures Battles, Magic Tournament, MechWarrior Miniatures, Rifts, Shadowrun, Starship Troopers, White Wolf System-Vampire, White Wolf System-Werewolf, XCrawl

Got any game books crowding your shelves that you never use? Here's a great cause to donate them to. Spread the word.

Originally found here.

Scammers don't know when to quit

Except when you mention the FBI:

[13:53] olgafun01: How are you doing?
[13:53] olgafun01: Hello
[13:53] olgafun01: Buzz!!
[13:54] me: Ever get back to the US?
[13:55] olgafun01: Yeah
[13:55] me: Good, what city is it that you live in again?
[13:56] olgafun01: Am still in UK
[13:56] me: So are you in the US or the UK?
[13:57] olgafun01: UK now
[13:58] olgafun01: But i wish to get to you before next 2 weeks okay
[13:58] me: okay… You live in Atlanta right?
[13:59] olgafun01: Nop
[13:59] me: where do you live?
[13:59] olgafun01: I live in Clarksville TN
[13:59] olgafun01: That is where am really from
[13:59] olgafun01: And you?
[13:59] me: oh yeah, that's right. So whatcha doing in the UK?
[14:00] olgafun01: I tolld you before that i wnet to UK for some project
[14:01] olgafun01: U there?
[14:02] me: What is that you do for a living?
[14:02] olgafun01: I work as an interior Decorator / computer Consultant for interior/remodelling companies….
[14:02] me: sounds fun.
[14:03] olgafun01: Ohh yeah
[14:03] olgafun01: What do you do too?
[14:04] me: Internet Fraud Investigations
[14:04] olgafun01: Okay
[14:05] olgafun01: So where are you?
[14:05] olgafun01: Tell me what you really do for you living?
[14:05] olgafun01: Coz that is not wor
[14:05] olgafun01: work
[14:06] me: yes it is. this is part of work I do: http://www-935.ibm.com/services/us/index.wss/summary/imc/a1026055?cntxt=a1000451
[14:07] olgafun01: Okay
[14:08] me: But I am more on the consulting side. I go help companies track down the bad guys
[14:08] olgafun01: Okay
[14:08] olgafun01: That is a good work
[14:08] me: yeah.. it's fun. I get to work with the FBI alot.
[14:08] olgafun01: Brb please

She may be back, but it's been about 45 minutes.  I think she might be a bit scared now.  We'll see.


Logsurfer is a program for monitoring system logs in
real-time, and reporting on the occurrence of events. It
is similar to the well-known swatch program on
which it is based, but offers a number of advanced
features which swatch does not support.

Logsurfer is capable of grouping related log entries
together – for instance, when a system boots it usually
creates a high number of log messages. In this case,
logsurfer can be setup to group boot-time messages
together and forward them in a single Email message to the
system administrator under the subject line “Host xxx has
just booted”. Swatch just couldn't do this properly.

Logsurfer is written in C – this makes it extremely
efficient, an important factor when sites generate a high
amount of log traffic. I have used logsurfer at a site
where a logging server was recording more than 500,000
events per day – and Logsurfer had no trouble keeping up
with this load. Swatch, on the other hand, is based on
perl and runs into trouble even when dealing with a much
smaller rate of log traffic.

Neat little tool from Kerry Thompson.

New Windows Event Management Blog

Ages ago (Sunbelt was founded in 1993, so we’re a rather ancient
company by today’s standards), we had our feet firmly in the Windows NT
system management space — and did quite a bit of business in event log
management. Then we made the move into security software and the rest
is history. 

But we still keep an eye on the market and have many friends in the business.  One of those companies is Dorian Software and Andy Milford over there has started a new blog just on event log management.  You can see it at http://eventlogs.blogspot.com/.  If you’re into event log management or analysis, it’s worth putting the site into your RSS feed.

From the Sunbelt Blog.

Anyone need a Watchlist?

Prior to the airline hijackings on Sept. 11, 2001, the Federal Aviation Administration's “no-fly list” contained 11 names.

Soon after the attacks, the Transportation Security Administration was
created, and given direct authority over airline security screening and
the watch list. The list soon began to expand almost daily, according
to government documents. The last credible report on the list put its
length at 119,000 names, though the TSA says it has since narrowed it
to a smaller number that must remain a secret.

While it was expanding the no-fly list, the TSA was also busy
carving out a second list of people who were allowed to fly, but would
be screened extra closely on their way to the gates. The government
initially denied this “selectee list” existed, but a watchdog group
eventually got the goods in a Freedom of Information Act request.

Of course, the TSA isn't the only agency making lists these
days. Here's a quick Wired News field guide to post-9/11 watch lists.

Get the list on Wired.

Microsoft corroborates Windows Vista OEM hacks

At least Redmond can't say that no one told them so, as the folks at Microsoft are finally holding up a hesitantly-raised white flag
and admitting that Windows Vista is indeed far from crack-proof. After
depressing the mental “Allow” button, Microsoft Senior Product Manager
Alex Kochis has come to grips with the Vista hacks that are currently floating around (and apparently functioning).
Interestingly, he insinuates that the company will be looking at ways
to “disrupt the business model of organized counterfeiters and protect
users from becoming unknowing victims,” but also mentioned that it
wouldn't be rushing out in a likely futile attempt to nab every “mad
scientist” (saywha?) on a mission to hack Windows. Hmm, wonder if that
has anything to do with the barren efforts it exhausted trying to one-up FairUse4WM?

From Engadget.