The Lazy Genius

Security News & Brain Dumps from Xavier Ashe, a Bit9 Client Partner

Archive for May, 2008

Draft Redpaper: Understanding IT Perimeter Security

Posted by Xavier Ashe on May 29, 2008

This IBM® Redpaper takes a close look at the enterprise IT network perimeter, which has been diluted from a well-defined set of ingress and egress points to a mesh of undetectable flows from devices capable of accessing and penetrating corporate resources. The time of keeping the bad guys out by attempting to build a well-defined wall is definitely over. Businesses and organizations require collaboration with internal and external business partners, customers, and employees, which further removes walls and protective barriers.

In this Redpaper, we discuss how the variety of end-points that were once considered to be inside have now become the perimeter itself. With this idea in mind, we investigate how you can build a strong security solution in order to protect your valuable assets that are accessible through the IT infrastructure.

The target audience for this IBM Redpaper is IT architects, IT specialists, and security administrators.

Download the draft Redpaper here. I was not involved in this IBM Redpaper, but it looks to be a good doc. Check it out.

Posted in IBM, Security

Declassified NSA Document Reveals the Secret History of TEMPEST

Posted by Xavier Ashe on May 26, 2008

It was 1943, and an engineer with Bell Telephone was working on one of the U.S. government’s most sensitive and important pieces of wartime machinery, a Bell Telephone model 131-B2. It was a top secret encrypted teletype terminal used by the Army and Navy to transmit wartime communications that could defy German and Japanese cryptanalysis.

Then he noticed something odd.

Far across the lab, a freestanding oscilloscope had developed a habit of spiking every time the teletype encrypted a letter. Upon closer inspection, the spikes could actually be translated into the plain message the machine was processing. Though he likely didn’t know it at the time, the engineer had just discovered that all information processing machines send their secrets into the electromagnetic ether.

Call it a TEMPEST in a teletype.

This story of how the United States first learned about the fundamental security vulnerability called “compromising emanations” is revealed for the first time in a newly-declassified 1972 paper TEMPEST: A Signal Problem (.pdf), from the National Security Agency’s secret in-house journal Cryptologic Spectrum.

Read the full article on Wired.

Posted in Security

Cisco Security Response: Rootkits on Cisco IOS Devices

Posted by Xavier Ashe on May 26, 2008

This is the Cisco PSIRT response to an issue that was disclosed by Mr. Sebastian Muniz of Core Security Technologies at the EUSecWest security conference on May 22, 2008.

No new vulnerability on the Cisco IOS software was disclosed during the presentation. To the best of our knowledge, no exploit code has been made publicly available, and Cisco has not received any customer reports of exploitation.

Cisco has analyzed the available information and recommends following industry best-practices to improve the security of all network devices. Specific recommendations are available in the Additional Information section of this Security Response.

Cisco PSIRT greatly appreciates the opportunity to work with researchers on security vulnerabilities and welcomes the opportunity to review and assist in product reports. We would like to thank Mr. Sebastian Muniz and Core Security Technologies for working with us towards the goal of keeping Cisco networks and the Internet, as a whole, secure.

Read more from Cisco.

Posted in Security

The Geek shall inherit…

Posted by Xavier Ashe on May 24, 2008

Posted in For Fun, Security

Disguise your Surfing Traffic with AntiPhorm

Posted by Xavier Ashe on May 23, 2008

AntiPhorm (Lite) is a surfing simulator that runs independently and silently in the background of your PC. It connects to the web and intelligently simulates natural surfing behavior across thousands of customizable topics while you surf the web for your own special interests, or while you do something else entirely. This creates a background of noise blurring, disguising and inverting your own online interests from prying eyes. We believe our technology is indistinguishable from that of a typical user engaging the internet. To support this claim we have introduced a preview mode that works with any of your preferred browsers, and together with a detailed reporting system and a host of custom options each AntiPhorm Lite user can appear unique.

If you suspect your data is being tracked and sold, a solution is to make the data they collect absolutely worthless. At least now you have that option.

Download AntiPhorm Lite.

Posted in Security, Tools

Fraud-prevention pitchman becomes ID theft victim

Posted by Xavier Ashe on May 22, 2008

Todd Davis has dared criminals for two years to try stealing his identity: Ads for his fraud-prevention company, LifeLock, even offer his Social Security number next to his smiling mug.

Now, Lifelock customers in Maryland, New Jersey and West Virginia are suing Davis, claiming his service didn’t work as promised and he knew it wouldn’t, because the service had failed even him.

Attorney David Paris said he found records of other people applying for or receiving driver’s licenses at least 20 times using Davis’ Social Security number, though some of the applications may have been rejected because data in them didn’t match what the Social Security Administration had on file.

Davis acknowledged in an interview with The Associated Press that his stunt has led to at least 87 instances in which people have tried to steal his identity, and one succeeded: a guy in Texas who duped an online payday loan operation last year into giving him $500 using Davis’ Social Security number.

Paris said the fact Davis’ records were compromised at all supports the claim that Tempe, Ariz.-based LifeLock doesn’t provide the comprehensive protection its advertisements say it does.

“It’s further evidence of the ineffectiveness of the services that LifeLock advertises,” said Paris, who is lead attorney on the three new lawsuits, the latest of which was filed this month.

Read the full article on CNN.com.

Posted in Security

The Lazy Genius has been moved!

Posted by Xavier Ashe on May 19, 2008

If you are reading this, then you have found the new home for The Lazy Genius. I was using Blogware, and while I loved the software, I was getting too much traffic and too few ad clicks to justify paying for it. So I am on the free version of Wordpad and so far so good. My biggest gripe is that I cannot add any JavaScript widgets. So chances are I will be making another move soon to my own server. We’ll see.

This week I am at a customer site implementing TSOM 4.1. I hope that anyone that is still using 3.1 considers upgrading. The new features and robustness are worth it.

Posted in Personal Note

Open Call for Auditions

Posted by Xavier Ashe on May 13, 2008

DigiTribe Productions, LLC (Geekin’, After, The Statement of Randolph Carter) is pleased to announce open auditions for our newest feature film project, currently known as “The $1,000 Feature”.

The Project:
Our goal is to push ourselves to our creative limits and create an entire 90-minute feature film for exactly $1,000. We will be keeping an open production diary throughout filming and publishing the budget as the money dwindles away. The film itself is a dark, violent drama about one man’s quest to save a friend. For more information on the 1KF, please check out our website — www.digitribe.net

Due to the ultra-low budget nature of the film – compensation will be limited to meals, credit & copy.

Characters: Most, but not all, roles are for early 20’s to mid 30’s, male and female. Further information on roles can be found at: http://www.digitribe.net/projects/1kfeature/audition/roles

When and Where: Auditions will be held Saturday, May 24th from 11:00 AM to 4:00 PM at Eyedrum, located at 290 MLK Jr. Drive, Suite 8, Atlanta, 30312. Performers will be seen on a first come – first served basis.

RSVP: Headshots and resumes will be accepted in advance and can be sent to 1kf-auditions@digitribe.net or PO Box 42 Jonesboro, GA 30237. Some performers who pre-submit a headshot & resume may be selected for the Priority List. These performers will be notified by email, and will be sent to the head of the line when they arrive at the audition.

Posted in Personal Note

Plasma TV components applied to password cracking

Posted by Xavier Ashe on May 1, 2008

Forget networked PCs or even PlayStation 3s, components commonly found in plasma TVs are the latest thing in password cracking tools.

High performance FPGA (Field Programmable Gate Array) chips are the Chuck Norris of number crunching, equally suited to image processing and (with a bit of modification) password cracking.

During the Black Hat conference in Washington in February researcher Dan Mueller used FPGA kit in an attack that cracks standard GSM transmissions, encrypted using the A5/1 algorithm, in as little as 30 seconds.

The same technology can be applied to crack Bluetooth transmissions in as little as eight seconds, according to security consultancy SecureTest, which ran a demo of the technology at the recent Infosec conference.

Read the full article on The Register.

Posted in Security

 