The Lazy Genius

Security News & Brain Dumps from Xavier Ashe, a Bit9 Client Partner

Archive for May, 2007

This security boy got religion!

Posted by Xavier Ashe on May 24, 2007

Hello to all you security geeks out there. This is just a quick note to let you know I have another blog that I just started. I just joined the Unitarian Universalist Congregation of Atlanta (UUCA) and wanted to write up some of my spiritual perspectives. So if anyone is interested, the name of the new blog is Gnu UU. See… I may have went and got all holy and stuff… but I'm still a geek. Look for continual erratic updates to this blog. Thanks to all my readers, keep the emails coming, but feel free to comment every now and then too!


Posted in Personal Note

Videos from HITBSecConf2007 – Dubai released

Posted by Xavier Ashe on May 24, 2007

The videos from the first ever deep-knowledge security
conference to be held in the UAE, HITBSecConf2007 – Dubai, are now
available for download. Unlike our conferences in Malaysia where the
ENTIRE conference is recorded and the videos released on Bit Torrent,
for the Dubai event we only recorded the welcome address by H.E. Mr.
Mohammed Nasser Al Ghanim (Director General of the UAE's
Telecommunications Regulatory Authority – TRA) and the keynote
presentations by Mikko Hypponen (Chief Research Officer, F-Secure Corp)
and Lance Spitzner (Founder, Honeynet Project). The videos are all on
Google Video so no torrent downloads required 🙂

Welcome Address by HE. Mohammed Nasser Al Ghanim & Day 1 Keynote by Mikko Hypponen (Part 1):

Day 1 Keynote by Mikko Hypponen (Part 2):

Posted in Security

Macrovision infects Windows Media Center

Posted by Xavier Ashe on May 21, 2007

Windows Media Center is
infected with “Macrovision.” Macrovision is the crippleware that some
TV stations and networks use to stop you from recording their shows.
Though there is no law requiring manufacturers to install this kind of
Macrovision — and though it's not illegal to ignore Macrovision and
record a show anyway — Microsoft implements it for WMC, and infected
its customers with it after disguising it as an “update.”

Microsoft probably did this to bribe the cable
operators into giving it access to encrypted television, though it's
possible (and legal) to record their shows without permission by using
the analog outputs (like the Neuros OSD and mythtv, a DIY Linux-based recorder).

From Boing Boing.

Posted in Security

Vista Hacked Again, This Time Even More Effectively

Posted by Xavier Ashe on May 18, 2007

A widely available release, located at the usual pirate havens, from a
scene group entitled 'NoPE' (which doesn't appear to have released much
else) has quickly become the most highly sought-after asset of
eye-patched, peg-legged, shoulder-mounted-parrot pirate types.

Vista has been leaked in every conceivable form and in all its various
releases and flavours, but has still remained difficult to crack for
the average swashbuckling black-beard.

Various timer programs forcing the activation to hold off indefinitely
and other cracks haven't come close to the efficiency of the recent OEM
BIOS emulation tool-kit that has floated about – but which is
significantly more difficult to use than a 'normal' crack or serial.

The NoPE release has a major key difference to other previous pirated
copies of Vista – it is completely cracked, the product appears
activated, updates work, and no key needs to be entered, straight from
the installation media without any effort on the part of the pirate.

We presume that the hackers have managed to replace the Vista image on
the DVD, with the pre-cracked version. Microsoft moved to an
image-based install with Microsoft Vista, as opposed to the usual
convoluted set up process.

Read more on The Inquirer.

Posted in Security

The evil side of Firefox extensions: FFsniFF (FireFox sniFFer)

Posted by Xavier Ashe on May 16, 2007

FFsniFF is a simple Firefox extension, which transforms your browser
into an HTML form sniffer. Every time the user clicks on the 'Submit'
button, FFsniFF will try to find a non-blank password field in the
form. If it's found, the entire form (also with URL) is sent to the
specified e-mail address. It also has the ability to hide itself in the
'Extensions manager'.

Get the bits from azurIt.

Posted in Security, Tools

(ISC)2 to Modify Requirements for Obtaining the CISSP

Posted by Xavier Ashe on May 16, 2007

The (ISC)2 board of directors has approved new experience requirements
for the CISSP certification, effective 1 October, 2007. While these
changes will not affect current holders of the CISSP or those scheduled to take
the exam by 30 September 2007, we wanted you to be aware of

It is the responsibility of the (ISC)2 board of directors to continually
review the entire spectrum of the consortium’s education and
certification programs to ensure that (ISC)2 continues to provide the
“gold standard” of professional certification in the information
security industry. The board believes these new requirements will assure
organizations worldwide that CISSPs have demonstrated they can meet the
challenges of an ever-increasing threat environment, while you as an (ISC)2
member can be assured that the rigorous standards of the CISSP are being
maintained in a maturing profession.

The new requirements include the following components:

  • The minimum professional experience requirement for CISSP certification will be five years of relevant work experience in two or more of the 10 domains of the CISSP CBK, or four years of work experience with an applicable college degree or a credential from the (ISC)2-approved list. The current requirements for the CISSP call for four years of work experience in one or more of the 10 domains of the CISSP CBK, or three years of experience with an applicable college degree or a credential from the (ISC)2-approved list.
  • Candidates for any (ISC)2 credential will be required to obtain an endorsement of their candidature exclusively from an (ISC)2-certified professional in good standing.
    The professional endorsing the candidate can hold any (ISC)2 certification
    – CISSP, SSCP or CAP.
    Currently, candidates can be endorsed by an officer from the
    candidate’s organization if no CISSP endorsement can be obtained.
    The board believes that only an (ISC)2-credentialed professional
    bound by its Code of Ethics
    should provide a candidate endorsement.

Should you have any questions, please visit or contact
us at

Posted in Security

Z Backscatter Van Drive-By Screening System

Posted by Xavier Ashe on May 14, 2007

A breakthrough in X-ray detection technology, AS&E's Z
Backscatter Van (ZBV) is a low-cost, extremely maneuverable screening
system built into a commercially available delivery van. The ZBV allows
for immediate deployment in response to security threats, and its high
throughput capability facilitates rapid inspections. The system's
unique “drive-by” capability allows one or two operators to conduct
X-ray imaging of suspect vehicles and objects while the ZBV drives

The ZBV can also be operated in stationary
mode* by parking the system and producing X-ray images of vehicles as
they pass by. Screening can also be accomplished remotely while the
system is parked. Remote operation allows scanning to be done safely,
even in dangerous environments, while maintaining low-profile
operation. The system is unobtrusive, as it maintains the outward
appearance of an ordinary van.

Boing Boing has also posted about this rolling invader of privacy.  Get the details from the manufacturer, AS&E.

Posted in Privacy

iTunes 7.1.1 Cracked

Posted by Xavier Ashe on May 14, 2007

The current (?) version of iTunes, 7.1.1 has been cracked by the
QTFairUse6 project. Now is the time to uncripple your purchased iTunes
tracks (especially those brutally expensive, hard-to-rip audiobooks)
before Apple spends more engineering dollars to punish you for wanting
to “think different,” “switch” and otherwise enjoy the stuff you bought
from them.

Note that this crack is only for Windows — Mac users are still punished for buying from Apple.

Posted in Security

BlueHat v5: The Paradox of Innovation

Posted by Xavier Ashe on May 13, 2007

is Microsoft's own little hacker con. We host it twice a year — the
sessions today were all about innovation in security research.


did we learn? That Microsoft cannot solve the security problem, but we
can raise the bar substantially to the point where finding bugs in
Microsoft products is hard, and building reliable exploits even harder.
To reach this lofty goal requires that we learn from the innovators; to
spot trends, learn of new attack techniques and vulnerability types so
we may add defenses and countermeasures to help turn the tables on
attackers and ultimately, protect customers.


from this BlueHat include: new insights into mobile & web app
hacking, vendor agnostic issues in security protection offerings, the
art and science of reverse engineering security patches and interesting
stories about how some of our speakers cracked the Xbox 360.


We look forward to bringing you more content, links to podcasts and channel9 video from this edition of BlueHat.



I work for Andrew Cushman, take a look at his first MSRC Blog post.

Speaker bios and abstracts are here.

Original Post. I believe this is the same Sarah I spoke with about a year ago in Atlanta. I am continually impressed with the BlueHat initiative. What other company takes the time to invite the grey-hats in to speak with their developers? Look for more to come on the BlueHat Blog.

Posted in Security

The Ultimate Insider: FBI Analyst Steals National Secrets

Posted by Xavier Ashe on May 12, 2007

On the morning of Aug. 5, 2005, an FBI
intelligence analyst sat at his desk and accessed the agency's main
database. He downloaded a classified document, copied it onto a disc
and dropped it into a bag beside his desk.

Leandro Aragoncillo — a career Marine who had served under two vice
presidents in the White House — was stealing information in an attempt
to foster a political coup in the Philippines, his home country. He
knew he had no authorization to take or pass along the information,
but, so far, it had been so easy.

What Aragoncillo didn't know was that on this particular
morning, after nearly four years of espionage, the feds were spying on
the spy. Agents were watching him at his desk via video surveillance.
At the end of the workday, the man who was set up as the perfect inside
threat, took the bag with the disc inside and left the office. Agents
tailed him as he drove home and took the bag, with the stolen
classified information, inside.

Wow…the guy's either got tons of guts, really arrogant, or really stupid.  Read the full article on Information Week.  This is a very interesting tidbit:

It is the first time in modern history that someone has been charged with spying out of the White House.

You mean except for the President?

Posted in Security

New Computer Program to Reassemble Shredded Stasi Files

Posted by Xavier Ashe on May 12, 2007

Millions of files consigned to paper shredders
in the late days of the East German regime will be pieced together by
computer. The massive job of reassembling this puzzle from the late
Cold War was performed, until now, by hand.

It's been years in the making, but finally software designed to
electronically piece together some 45 million shredded documents from
the East German secret police went into service in Berlin on Wednesday.
Now, a puzzle that would take 30 diligent Germans 600 to 800 years to
finish by hand, according to one estimate, might be solved by computer
in seven.

Low tech decryption.  Good article from Spiegel Online.

Posted in Other Technology, Privacy

Exploring Metasploit 3 and the New and Improved Web Interface – Part 1

Posted by Xavier Ashe on May 9, 2007

In this video we explore the revised MSFWeb interface for the Metasploit Framework 3.0. We
specifically take a look at running auxiliary modules against a server
running MSSQL, and then we'll take a look at using the MSFweb GUI to
run the idq exploit with the meterpreter payload. What is unique about
the idq bug is that it will NOT give you administrator or system on the
box, but you can use the rev2self command in meterpreter to elevate
your privileges from IUSR_MACHINENAME to SYSTEM. While we're at it, we
also dump the hashes using hashdump for a little extra fun.

View the video on The Ethical Hacker Network.

Posted in Security

PhreakNIC 0x0b

Posted by Xavier Ashe on May 7, 2007

PhreakNIC is an annual gathering in Nashville, TN, for hackers, makers,
security professionals, and general technology enthusiasts. Hours upon hours
of both informative and entertaining presentations are given by volunteers
and many areas are set up with the intent of encouraging socialization. In
our 11th year, we are now the longest running non-commercial hacker convention
in the United States.* PhreakNIC is organized by the Nashville 2600
Organization, which is a 501(c)(3) tax deductible charity. However, it takes
many resources to organize, and help is given to PhreakNIC by other 2600
groups in the South East United States, as well as the Nashville Linux Users
Group. Our thanks go out to all who contribute.

* According to our research. Summercon is older, but hasn't
always been in the US, so it doesn't count. Pumpcon is also possibly older,
but neither their site nor Wikipedia have an archive to peruse.

Dates Finalized

The 11th Annual PhreakNIC (PN0x0b) will be held from Friday, October 19, 2007
through Sunday, October 21, 2007 at the Days Inn Stadium in Nashville, TN. This
is the fifth year in the same hotel.

I rarely get the dates for these things early.  I've got this one penciled in.  Go to the PhreakNIC web site for more info.

Posted in Security

This is just too much fun…

Posted by Xavier Ashe on May 4, 2007

[15:21] olgafun01: Hello,How are you doing?
[15:21] me: good
[15:22] olgafun01: Okay
[15:22] olgafun01: Can you still help me
[15:22] olgafun01: ?
[15:25] me: help you?
[15:26] olgafun01: Yeah
[15:26] olgafun01: I told you before that i wanna clear my goods down there in African and i need your help
[15:26] olgafun01: By given me some money to clear the goods out of threre and get it sell and after bthat i gonna pay you back as soon as i get the mony paid from him
[15:27] me: sure, how much are we talking about?
[15:28] olgafun01: $750
[15:28] me: no problem, send me your account number and routing number and I'll get it to you
[15:31] olgafun01: Okay
[15:31] olgafun01: But i dont have that
[15:32] olgafun01: Dont need of account number for gonna make the payment through western union
[15:34] Meebo Message: olgafun01 is offline

It's nice to be entertained every now and then.  I can't believe the persistence.

Posted in Personal Note
